Zdravím,
na win7 mi dnes vyskočila hláška, že systémové soubory byly změněny, ať přeinstaluju windows. Na ploše mi to píše, že tato kopie windows není pravá. Netuším, co se stalo. Můžete kouknout na logy jestli za to nemůže nějaká havěť?
RSIT: Logfile of random's system information tool 1.10 (written by random/random)
Run by jakub at 2017-10-26 18:03:59
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 16 GB (11%) free of 153 GB
Total RAM: 16351 MB (64% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:04:08, on 26.10.2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18792)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\jakub\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe
C:\Users\jakub\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\System Explorer\SystemExplorer.exe
C:\Users\jakub\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Users\jakub\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe
C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.10\Lightshot.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files (x86)\JetAudio\JetAudio.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files\trend micro\jakub.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://safesearch.avira.com/#web/result?source=art&q=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://safesearch.avira.com/#web/result?source=art&q=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://safesearch.avira.com/#web/result?source=art&q=
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://safesearch.avira.com/#web/result?source=art&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://safesearch.avira.com/#web/result?source=art&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://safesearch.avira.com/#web/result?source=art&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://safesearch.avira.com/#web/result?source=art&q=
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://safesearch.avira.com/#web/result?source=art&q=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll" (file missing)
O3 - Toolbar: E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [ASUSGamerOSD] C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKLM\..\Run: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
O4 - HKLM\..\Run: [Lightshot] C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKCU\..\Run: [Spotify Web Helper] C:\Users\jakub\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10262017162851463\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10262017162851463\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10262017162851492\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10262017162851492\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O4 - HKUS\S-1-5-21-3719608471-1457720249-86965872-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10262017162851524\..\Run: [AdobeBridge] (User '?')
O4 - S-1-5-21-3719608471-1457720249-86965872-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10262017162851524 Startup: Dropbox.lnk = jakub\AppData\Roaming\Dropbox\bin\Dropbox.exe (User '?')
O4 - S-1-5-21-3719608471-1457720249-86965872-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10262017162851524 Startup: Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe (User '?')
O4 - Startup: Dropbox.lnk = jakub\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AdobeUpdateService - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: ASDR - Unknown owner - C:\Windows\SysWOW64\ASDR.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: ATK Fast User Switch Service (ATKFUSService) - Unknown owner - C:\Windows\system32\ATKFUSService.exe (file missing)
O23 - Service: Avira Service Host (Avira.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
O23 - Service: Dragon Age: Origins - Content Updater (DAUpdaterSvc) - BioWare - D:\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Epson Scanner Service (EpsonScanSvc) - Unknown owner - C:\Windows\system32\EscSvc64.exe (file missing)
O23 - Service: EPSON V3 Service4(06) (EPSON_PM_RPCV4_06) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)
O23 - Service: Intel(R) Update Manager (iumsvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: System Explorer Service (SystemExplorerHelpService) - Mister Group - C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe
O23 - Service: TabletServicePen - Wacom Technology, Corp. - C:\Program Files\Tablet\Pen\Pen_Tablet.exe
O23 - Service: Wacom Consumer Touch Service (TouchServicePen) - Wacom Technology, Corp. - C:\Program Files\Tablet\Pen\Pen_TouchService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZoneAlarm Privacy Service (ZAPrivacyService) - Check Point Software Technologies, Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe
O23 - Service: ZoneAlarm ICM Service - Check Point Software Technologies Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\ICM-Service.exe
--
End of file - 18598 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\ATKFUSService.exe
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Program Files\Tablet\Pen\Pen_TouchService.exe"
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe" -service
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
/QuitInfo:0000000000000264;0000000000000280; /AddRef;
"C:\Program Files\ASUS\GamerOSD\ATKFastUserSwitching.exe"
"C:\Windows\system32\Dwm.exe"
/QuitInfo:00000000000002F0;00000000000002F8; /AddRef;
/QuitInfo:00000000000002C4;00000000000002EC;
/loadhooks /Parent:0000000000000768
C:\Windows\Explorer.EXE
"C:\Program Files\Tablet\Pen\Pen_TouchUser.exe"
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
taskeng.exe {BE3D1E55-C6C9-480B-AD05-018FBC8A4DC2}
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe"
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
C:\Windows\SysWOW64\ASDR.exe
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Windows\System32\spool\drivers\x64\3\E_YATINYE.EXE" /EPT "EPLTarget\P0000000000000000" /M "L365 Series"
"C:\Users\jakub\AppData\Roaming\Spotify\SpotifyWebHelper.exe" --autostart
"C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe"
"C:\Users\jakub\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Program Files\Rainmeter\Rainmeter.exe"
"C:\Program Files (x86)\System Explorer\SystemExplorer.exe" /TRAY
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
C:\Users\jakub\AppData\Roaming\Dropbox\bin\Dropbox.exe -type:crashpad-handler --no-upload-gzip --no-rate-limit --database=C:\Users\jakub\AppData\Local\Dropbox\Crashpad --metrics-dir=0 --url=https://d.dropbox.com/report_crashpad_minidump --https-pin=0x23,0xf2,0xed,0xff,0x3e,0xde,0x90,0x25,0x9a,0x9e,0x30,0xf4,0xa,0xf8,0xf9,0x12,0xa5,0xe5,0xb3,0x69,0x4e,0x69,0x38,0x44,0x3,0x41,0xf6,0x6,0xe,0x1,0x4f,0xfa --https-pin=0xaf,0xf9,0x88,0x90,0x6d,0xde,0x12,0x95,0x5d,0x9b,0xeb,0xbf,0x92,0x8f,0xdc,0xc3,0x1c,0xce,0x32,0x8d,0x5b,0x93,0x84,0xf2,0x1c,0x89,0x41,0xca,0x26,0xe2,0x3,0x91 --https-pin=0x5a,0x88,0x96,0x47,0x22,0xe,0x54,0xd6,0xbd,0x8a,0x16,0x81,0x72,0x24,0x52,0xb,0xb5,0xc7,0x8e,0x58,0x98,0x4b,0xd5,0x70,0x50,0x63,0x88,0xb9,0xde,0xf,0x7,0x5f --https-pin=0xfe,0xa2,0xb7,0xd6,0x45,0xfb,0xa7,0x3d,0x75,0x3c,0x1e,0xc9,0xa7,0x87,0xc,0x40,0xe1,0xf7,0xb0,0xc5,0x61,0xe9,0x27,0xb9,0x85,0xbf,0x71,0x18,0x66,0xe3,0x6f,0x22 --https-pin=0x76,0xee,0x85,0x90,0x37,0x4c,0x71,0x54,0x37,0xbb,0xca,0x6b,0xba,0x60,0x28,0xea,0xdd,0xe2,0xdc,0x6d,0xbb,0xb8,0xc3,0xf6,0x10,0xe8,0x51,0xf1,0x1d,0x1a,0xb7,0xf5 --https-pin=0x6d,0xbf,0xae,0x0,0xd3,0x7b,0x9c,0xd7,0x3f,0x8f,0xb4,0x7d,0xe6,0x59,0x17,0xaf,0x0,0xe0,0xdd,0xdf,0x42,0xdb,0xce,0xac,0x20,0xc1,0x7c,0x2,0x75,0xee,0x20,0x95 --https-pin=0x1e,0xa3,0xc5,0xe4,0x3e,0xd6,0x6c,0x2d,0xa2,0x98,0x3a,0x42,0xa4,0xa7,0x9b,0x1e,0x90,0x67,0x86,0xce,0x9f,0x1b,0x58,0x62,0x14,0x19,0xa0,0x4,0x63,0xa8,0x7d,0x38 --https-pin=0x87,0xaf,0x34,0xd6,0x6f,0xb3,0xf2,0xfd,0xf3,0x6e,0x9,0x11,0x1e,0x9a,0xba,0x2f,0x6f,0x44,0xb2,0x7,0xf3,0x86,0x3f,0x3d,0xb,0x54,0xb2,0x50,0x23,0x90,0x9a,0xa5 --https-pin=0xbc,0xfb,0x44,0xaa,0xb9,0xad,0x2,0x10,0x15,0x70,0x6b,0x41,0x21,0xea,0x76,0x1c,0x81,0xc9,0xe8,0x89,0x67,0x59,0xf,0x6f,0x94,0xae,0x74,0x4d,0xc8,0x8b,0x78,0xfb --https-pin=0xab,0x98,0x49,0x52,0x76,0xad,0xf1,0xec,0xaf,0xf2,0x8f,0x35,0xc5,0x30,0x48,0x78,0x1e,0x5c,0x17,0x18,0xda,0xb9,0xc8,0xe6,0x7a,0x50,0x4f,0x4f,0x6a,0x51,0x32,0x8f --https-pin=0x49,0x5,0x46,0x66,0x23,0xab,0x41,0x78,0xbe,0x92,0xac,0x5c,0xbd,0x65,0x84,0xf7,0xa1,0xe1,0x7f,0x27,0x65,0x2d,0x5a,0x85,0xaf,0x89,0x50,0x4e,0xa2,0x39,0xaa,0xaa --https-pin=0x56,0x32,0xd9,0x7b,0xfa,0x77,0x5b,0xf3,0xc9,0x9d,0xde,0xa5,0x2f,0xc2,0x55,0x34,0x10,0x86,0x40,0x16,0x72,0x9c,0x52,0xdd,0x65,0x24,0xc8,0xa9,0xc3,0xb4,0x48,0x9f --https-pin=0x2a,0x8f,0x2d,0x8a,0xf0,0xeb,0x12,0x38,0x98,0xf7,0x4c,0x86,0x6a,0xc3,0xfa,0x66,0x90,0x54,0xe2,0x3c,0x17,0xbc,0x7a,0x95,0xbd,0x2,0x34,0x19,0x2d,0xc6,0x35,0xd0 --https-pin=0x32,0xb6,0x4b,0x66,0x72,0x7a,0x20,0x63,0xe4,0x6,0x6f,0x3b,0x95,0x8c,0xb0,0xaa,0xee,0x57,0x6a,0x5e,0xce,0xfd,0x95,0x33,0x99,0xbb,0x88,0x74,0x73,0x1d,0x95,0x87 --https-pin=0xf5,0x3c,0x22,0x5,0x98,0x17,0xdd,0x96,0xf4,0x0,0x65,0x16,0x39,0xd2,0xf8,0x57,0xe2,0x10,0x70,0xa5,0x9a,0xbe,0xd9,0x7,0x94,0x0,0xd9,0xf6,0x95,0x50,0x69,0x0 --https-pin=0x67,0xdc,0x4f,0x32,0xfa,0x10,0xe7,0xd0,0x1a,0x79,0xa0,0x73,0xaa,0xc,0x9e,0x2,0x12,0xec,0x2f,0xfc,0x3d,0x77,0x9e,0xa,0xa7,0xf9,0xc0,0xf0,0xe1,0xc2,0xc8,0x93 --https-pin=0x19,0x6,0xc6,0x12,0x4d,0xbb,0x43,0x85,0x78,0xd0,0xe,0x6,0x6d,0x50,0x54,0xc6,0xc3,0x7f,0xf,0xa6,0x2,0x8c,0x5,0x54,0x5e,0x9,0x94,0xed,0xda,0xec,0x86,0x29 --https-pin=0x1d,0x75,0xd0,0x83,0x1b,0x9e,0x8,0x85,0x39,0x4d,0x32,0xc7,0xa1,0xbf,0xdb,0x3d,0xbc,0x1c,0x28,0xe2,0xb0,0xe8,0x39,0x1f,0xb1,0x35,0x98,0x1d,0xbc,0x5b,0xa9,0x36 --annotation=buildno=Dropbox-win-37.4.29 --annotation=client_session_id=38702cae-08c1-4050-81fd-b9772cf465fd --annotation=host_int_account1_boot=996327912 --annotation=machine_id=d5381767-3f4a-44a2-ae05-fbfe44ec5bf9 --annotation=platform=win --annotation=platform_version=7 --initial-client-data=0xbc,0xcc,0xd0,0xc8,0xd4,0x6e8f5810,0x6e8f5820,0x6e8f5830
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\EscSvc64.exe
"C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE"
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
C:\Windows\system32\IProsetMonitor.exe
"C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
C:\Users\jakub\AppData\Roaming\Dropbox\bin\Dropbox.exe -type:exit-monitor -session-token:38702cae-08c1-4050-81fd-b9772cf465fd -target-handle:200 -target-shutdown-event:212 "-target-command-line:\"C:\Users\jakub\AppData\Roaming\Dropbox\bin\Dropbox.exe\" /systemstartup" -method:collectupload -handler-pipe:\\.\pipe\crashpad_2956_TSHXAOUYWKGAYUWZ
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Common Files\Motive\McciCMService.exe"
"C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe"
"C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe"
"C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe"
"C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe"
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
"C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.10\Lightshot.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe" "-launchedbyvulcan"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Tablet\Pen\Pen_Tablet.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe"
"C:\Program Files\Tablet\Pen\Pen_TabletUser.exe"
WLIDSvcM.exe 1780
"C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe" --onOSstartup=true --showwindow=false --waitForRegistration=true
"C:\Program Files\Tablet\Pen\Pen_Tablet.exe" au
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe"
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe"
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe" "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\main.js"
\??\C:\Windows\system32\conhost.exe "1823518946-1066530725757572162170391538913442354951917448120600669520-859258081
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_000009d0
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k bthsvcs
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe" serviceapp
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
\??\C:\Windows\system32\conhost.exe "1557103989-1602466141164207839661982881115171710281615662032-19139496531093453145
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-48573eb6-40db-4d12-bfd5-168eeabc719d -SystemEventPortName:HostProcess-291dcbdb-4b79-4afb-9029-23f54feb5ef0 -IoCancelEventPortName:HostProcess-0d0ec9c9-2015-40e5-84ee-0a914eb34fa1 -NonStateChangingEventPortName:HostProcess-64eb2a2d-534a-424e-a6c6-58b6d407243a -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:6f37201a-3533-45d7-96fa-faee14bdbccd -DeviceGroupId:WpdFsGroup
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe" /connectToHost
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\ICM-Service.exe"
"C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe"
"C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto
"C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.exe"
"C:\Program Files (x86)\JetAudio\JetAudio.exe"
C:\Windows\system32\sppsvc.exe
C:\Windows\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding
"C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe"
"C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe"
"taskhost.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe20_ Global\UsGthrCtrlFltPipeMssGthrPipe20 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
"C:\Users\jakub\Desktop\RSITx64(3).exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
======Scheduled tasks folder======
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-3719608471-1457720249-86965872-1000Core.job - C:\Users\jakub\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-3719608471-1457720249-86965872-1000UA.job - C:\Users\jakub\AppData\Local\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\EPSON L365 Series Update {AE4F56D3-2240-448A-A7B8-AAEC33E384DF}.job - C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSNYE.EXE /EXE:"{AE4F56D3-2240-448A-A7B8-AAEC33E384DF}" /F:"Update"
C:\Windows\tasks\update-S-1-5-21-3719608471-1457720249-86965872-1000.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate
C:\Windows\tasks\update-sys.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate
=========Mozilla firefox=========
ProfilePath - C:\Users\jakub\AppData\Roaming\Mozilla\Firefox\Profiles\nlhpu5mp.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "resource://firefox-at-usepanda-dot-com/data/index.html"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 27.0.0.170 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_170.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.7.1]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.10]
"Description"=WebTablet Plugin API
"Path"=C:\Program Files (x86)\TabletPlugins\npwacom.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@wacom.com/wtPlugin,version=2.0.0.1]
"Description"=WebTablet Plugin API
"Path"=C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeExManDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 27.0.0.170 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_27_0_0_170.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/npbattlelog,version=2.7.1]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.141.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_141\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.141.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_141\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeExManDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll
C:\Program Files (x86)\Mozilla Firefox\plugins\
nppdf32.dll
C:\Users\jakub\AppData\Roaming\Mozilla\Firefox\Profiles\nlhpu5mp.default\extensions\
{77d2ed30-4cd2-11e0-b8af-0800200c9a66}
C:\Users\jakub\AppData\Roaming\Mozilla\Firefox\Profiles\nlhpu5mp.default\searchplugins\
avira-safesearch.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-10-21 211120]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_141\bin\ssv.dll [2017-07-23 571968]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}]
Easy Photo Print - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31 471536]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2017-10-21 1064112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_141\bin\jp2ssv.dll [2017-07-23 235584]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201CF130-E29C-4E5C-A73F-CD197DEFA6AE}]
E-Web Print - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27 238576]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2010-10-27 60576]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24 343456]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2017-10-21 663216]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll [2012-02-13 1307928]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24 343456]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31 471536]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24 343456]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll [2012-02-13 1307928]
{201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - E-Web Print - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27 238576]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AtherosBtStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2010-10-27 613536]
"AthBtTray"=C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [2010-10-27 379040]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-10-30 508104]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2016-06-14 2397120]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeBridge"= []
"Spotify Web Helper"=C:\Users\jakub\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2017-07-20 1579120]
"Zoner Photo Studio Autoupdate"=C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE [2015-12-11 563416]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\itype]
C:\Program Files\Microsoft IntelliType Pro\itype.exe [2009-11-05 2345848]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-11-17 113288]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-04-30 284440]
"ASUSGamerOSD"=C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe [2009-07-30 380928]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2013-04-25 1075296]
""= []
"Adobe Acrobat Speed Launcher"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [2015-09-24 41360]
"Acrobat Assistant 8.0"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2015-09-24 840592]
"Adobe Creative Cloud"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2015-11-25 2304688]
"EEventManager"=C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [2016-01-20 1087184]
"Lightshot"=C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [2016-07-11 225944]
"ZoneAlarm"=C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [2017-04-14 145208]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2017-07-12 587288]
"amd_dc_opt"=C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]
C:\Users\jakub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\jakub\AppData\Roaming\Dropbox\bin\Dropbox.exe
Rainmeter.lnk - C:\Program Files\Rainmeter\Rainmeter.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll [2010-06-22 253288]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\KNet]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave5"=wdmaud.drv
"mixer5"=wdmaud.drv
"midi5"=wdmaud.drv
"VIDC.LAGS"=lagarith.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2017-10-26 16:27:45 ----A---- C:\Windows\system32\drivers\MbamChameleon.sys
2017-10-26 16:27:38 ----A---- C:\Windows\system32\drivers\mwac.sys
2017-10-26 16:27:38 ----A---- C:\Windows\system32\drivers\farflt.sys
2017-10-26 16:27:33 ----A---- C:\Windows\system32\drivers\mbam.sys
2017-10-26 16:27:28 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys
2017-10-26 16:27:24 ----A---- C:\Windows\system32\drivers\mbae64.sys
2017-10-26 16:27:19 ----D---- C:\Program Files\Malwarebytes
2017-10-26 16:26:55 ----D---- C:\ProgramData\MB2Migration
2017-10-21 23:01:44 ----D---- C:\Users\jakub\AppData\Roaming\ActiveDossierUploader
2017-10-16 09:18:50 ----A---- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe
2017-10-01 01:14:42 ----D---- C:\Program Files (x86)\AMD
2017-09-30 23:12:38 ----D---- C:\ProgramData\Codemasters
2017-09-30 23:12:15 ----A---- C:\Windows\SYSWOW64\rapture3d_oal.dll
2017-09-30 23:12:15 ----A---- C:\Windows\SYSWOW64\mkl_blueripple.dll
2017-09-30 23:12:14 ----D---- C:\Program Files (x86)\BRS
======List of files/folders modified in the last 1 month======
2017-10-26 18:04:07 ----D---- C:\Program Files\trend micro
2017-10-26 18:04:06 ----D---- C:\Windows\Temp
2017-10-26 17:30:40 ----D---- C:\Windows\system32\drivers
2017-10-26 16:27:25 ----D---- C:\Windows
2017-10-26 16:27:20 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2017-10-26 16:27:19 ----RD---- C:\Program Files
2017-10-26 16:27:19 ----D---- C:\ProgramData\Malwarebytes
2017-10-26 16:26:55 ----HD---- C:\ProgramData
2017-10-26 14:15:38 ----SHD---- C:\System Volume Information
2017-10-26 10:22:53 ----D---- C:\Windows\system32\config
2017-10-26 10:14:52 ----D---- C:\Windows\System32
2017-10-26 10:14:52 ----D---- C:\Windows\inf
2017-10-26 10:14:52 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-10-26 10:08:52 ----D---- C:\ProgramData\NVIDIA
2017-10-25 09:01:02 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2017-10-25 09:01:02 ----D---- C:\Program Files (x86)\Mozilla Firefox
2017-10-22 02:22:41 ----D---- C:\Windows\Microsoft.NET
2017-10-21 09:40:10 ----SHD---- C:\Windows\Installer
2017-10-21 09:40:10 ----SHD---- C:\Config.Msi
2017-10-21 09:40:06 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2017-10-21 09:39:50 ----D---- C:\Program Files (x86)\Common Files
2017-10-21 09:39:13 ----D---- C:\Program Files (x86)\Microsoft Office
2017-10-19 21:27:27 ----D---- C:\Users\jakub\AppData\Roaming\Dropbox
2017-10-17 08:57:24 ----D---- C:\ProgramData\Package Cache
2017-10-16 09:19:11 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2017-10-16 09:18:51 ----D---- C:\Windows\system32\Macromed
2017-10-16 09:18:50 ----D---- C:\Windows\SYSWOW64\Macromed
2017-10-16 09:18:50 ----D---- C:\Windows\SysWOW64
2017-10-13 12:12:40 ----D---- C:\Users\jakub\AppData\Roaming\vlc
2017-10-13 08:19:10 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2017-10-12 19:24:32 ----RD---- C:\Program Files (x86)
2017-10-04 21:34:15 ----D---- C:\Program Files (x86)\Battle.net
2017-10-01 01:14:45 ----SD---- C:\Users\jakub\AppData\Roaming\Microsoft
2017-10-01 01:14:23 ----RSD---- C:\Windows\assembly
2017-09-30 23:12:04 ----D---- C:\Program Files (x86)\OpenAL
2017-09-30 23:12:04 ----A---- C:\Windows\SYSWOW64\wrap_oal.dll
2017-09-30 23:12:04 ----A---- C:\Windows\SYSWOW64\OpenAL32.dll
2017-09-30 23:12:04 ----A---- C:\Windows\system32\wrap_oal.dll
2017-09-30 23:12:04 ----A---- C:\Windows\system32\OpenAL32.dll
2017-09-30 23:11:58 ----D---- C:\Windows\Logs
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 avdevprot;avdevprot; C:\Windows\system32\DRIVERS\avdevprot.sys [2017-07-13 64504]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-04-26 557848]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2017-08-29 151128]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2017-07-13 35328]
R1 EIO64;EIO Driver; C:\Windows\system32\DRIVERS\EIO64.sys [2014-01-27 16384]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2010-12-17 40816]
R1 ESProtectionDriver;Malwarebytes Anti-Exploit; \??\C:\Windows\system32\drivers\mbae64.sys [2017-10-04 77440]
R1 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2017-04-13 461240]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2017-09-19 194272]
R2 avnetflt;avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [2017-07-13 78600]
R2 MBAMChameleon;MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [2017-10-26 192952]
R3 asusgsb;ASUS Virtual Video Capture Device Driver; C:\Windows\system32\drivers\asusgsb.sys [2009-02-17 17792]
R3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2010-10-27 38248]
R3 atkdisplf;ASUS Kernel Mode Enhanced Driver; C:\Windows\system32\drivers\ATKDispLowFilter.sys [2009-02-17 39424]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2010-10-27 301680]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2010-10-27 31080]
R3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2010-10-27 203624]
R3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2010-10-27 58992]
R3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2010-10-27 156520]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2010-10-27 279152]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\drivers\bthpan.sys [2017-07-06 119296]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\Windows\system32\DRIVERS\e1c62x64.sys [2012-08-11 482128]
R3 MBAMFarflt;MBAMFarflt; C:\Windows\system32\DRIVERS\farflt.sys [2017-10-26 110016]
R3 MBAMProtection;MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [2017-10-26 45504]
R3 MBAMSwissArmy;MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [2017-10-26 252232]
R3 MBAMWebProtection;MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [2017-10-26 84256]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2011-11-10 60184]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2016-06-14 26560]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2016-04-14 56384]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2011-01-15 36352]
R3 wacmoumonitor;Wacom Mode Helper; C:\Windows\system32\DRIVERS\wacmoumonitor.sys [2011-09-08 13312]
R3 wacommousefilter;Wacom Mouse Filter Driver; C:\Windows\system32\DRIVERS\wacommousefilter.sys [2011-09-08 12848]
R3 wacomvhid;Wacom Virtual Hid Driver; C:\Windows\system32\DRIVERS\wacomvhid.sys [2011-09-08 16168]
R4 IOMap;IOMap; \??\C:\Windows\system32\drivers\IOMap64.sys [2010-02-22 23680]
S3 ATHDFU;Atheros Valkyrie USB BootROM; C:\Windows\System32\Drivers\AthDfu.sys [2010-10-27 55336]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2015-11-16 205456]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-07-19 83032]
R2 AdobeUpdateService;AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [2015-11-16 683696]
R2 AGSService;Adobe Genuine Software Integrity Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2017-08-23 2257016]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2017-10-12 490968]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2017-10-12 490968]
R2 ASDR;ASDR; C:\Windows\SysWOW64\ASDR.exe [2009-07-27 61440]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2010-10-27 52896]
R2 ATKFUSService;ATK Fast User Switch Service; C:\Windows\system32\ATKFUSService.exe [2009-12-01 63488]
R2 Avira.ServiceHost;Avira Service Host; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [2017-10-16 408944]
R2 ClickToRunSvc;Služba Microsoft Office Klikni a spusť; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2017-10-12 7923888]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 EPSON_PM_RPCV4_06;EPSON V3 Service4(06); C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE [2013-04-15 152640]
R2 EpsonScanSvc;Epson Scanner Service; C:\Windows\system32\EscSvc64.exe [2012-05-17 144560]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2016-06-14 1163712]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-04-30 13592]
R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [2012-07-27 170824]
R2 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2017-08-07 6058960]
R2 McciCMService;McciCMService; C:\Program Files (x86)\Common Files\Motive\McciCMService.exe [2007-10-15 303104]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2016-06-14 1879488]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2016-06-14 2521024]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2016-01-29 932728]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2015-06-16 76152]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2016-01-29 426040]
R2 TabletServicePen;TabletServicePen; C:\Program Files\Tablet\Pen\Pen_Tablet.exe [2011-09-08 6583160]
R2 TouchServicePen;Wacom Consumer Touch Service; C:\Program Files\Tablet\Pen\Pen_TouchService.exe [2011-09-08 528760]
R2 vsmon;TrueVector Internet Monitor; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [2017-04-14 4107680]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.exe [2012-02-13 240408]
R3 NvStreamNetworkSvc;NVIDIA Streamer Network Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [2016-06-14 3632576]
R3 SystemExplorerHelpService;System Explorer Service; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [2012-11-25 821720]
S2 AntiVirMailService;Avira Mail Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [2017-10-12 1128432]
S2 BBSvc;BingBar Service; C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BBSvc.exe [2012-02-13 193816]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-08-30 103552]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-08-30 124024]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-01-02 315488]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-10-16 272384]
S3 DAUpdaterSvc;Dragon Age: Origins - Content Updater; D:\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [2014-06-26 25832]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2017-08-13 116224]
S3 iumsvc;Intel(R) Update Manager; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12 177376]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-10-24 194000]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2015-10-14 2078216]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2017-10-12 209072]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2016-01-06 5132888]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2015-06-10 155520]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-12-14 836176]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-01-30 1255736]
S4 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [2017-10-12 1525240]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-08-30 50808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-08-30 139896]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-08-30 139896]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-08-30 139896]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
kopie windows není pravá
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
out_of_space
- Návštěvník
- Příspěvky: 110
- Registrován: 01 srp 2010 19:45
-
out_of_space
- Návštěvník
- Příspěvky: 110
- Registrován: 01 srp 2010 19:45
Re: kopie windows není pravá
AVIRA:
Free Antivirus
Report file date: 26. října 2017 13:13
The program is running as an unrestricted full version.
Online services are available.
Licensee : Free
Serial number : 0000149996-AVHOE-0000001
Platform : Windows 7 Home Premium
Windows version : (Service Pack 1) [6.1.7601]
Boot mode : Normally booted
Username : SYSTEM
Computer name : JAKUB-PC
Version information:
build.dat : 15.0.32.12 121593 Bytes 5.10.2017 18:53:00
AVSCAN.EXE : 15.0.32.11 1560592 Bytes 12.10.2017 21:15:17
AVSCANRC.DLL : 15.0.32.8 64432 Bytes 12.10.2017 21:15:17
LUKE.DLL : 15.0.32.8 82144 Bytes 12.10.2017 21:15:30
AVSCPLR.DLL : 15.0.32.11 156888 Bytes 12.10.2017 21:15:18
REPAIR.DLL : 15.0.32.11 689944 Bytes 12.10.2017 21:15:15
repair.rdf : 1.0.33.76 1408400 Bytes 26.10.2017 08:19:01
AVREG.DLL : 15.0.32.8 456632 Bytes 12.10.2017 21:15:15
avlode.dll : 15.0.32.11 908160 Bytes 12.10.2017 21:15:14
avlode.rdf : 14.0.5.130 168771 Bytes 13.7.2017 21:36:17
XBV00005.VDF : 8.14.19.50 2048 Bytes 26.7.2017 09:51:20
XBV00006.VDF : 8.14.19.50 2048 Bytes 26.7.2017 09:51:20
XBV00007.VDF : 8.14.19.50 2048 Bytes 26.7.2017 09:51:20
XBV00008.VDF : 8.14.19.50 2048 Bytes 26.7.2017 09:51:20
XBV00009.VDF : 8.14.19.50 2048 Bytes 26.7.2017 09:51:20
XBV00010.VDF : 8.14.19.50 2048 Bytes 26.7.2017 09:51:20
XBV00011.VDF : 8.14.19.50 2048 Bytes 26.7.2017 09:51:20
XBV00012.VDF : 8.14.19.50 2048 Bytes 26.7.2017 09:51:20
XBV00013.VDF : 8.14.19.50 2048 Bytes 26.7.2017 09:51:20
XBV00014.VDF : 8.14.19.50 2048 Bytes 26.7.2017 09:51:20
XBV00015.VDF : 8.14.19.50 2048 Bytes 26.7.2017 09:51:20
XBV00016.VDF : 8.14.19.50 2048 Bytes 26.7.2017 09:51:20
XBV00017.VDF : 8.14.19.50 2048 Bytes 26.7.2017 09:51:20
XBV00018.VDF : 8.14.19.50 2048 Bytes 26.7.2017 09:51:20
XBV00019.VDF : 8.14.19.50 2048 Bytes 26.7.2017 09:51:20
XBV00020.VDF : 8.14.19.50 2048 Bytes 26.7.2017 09:51:20
XBV00021.VDF : 8.14.19.50 2048 Bytes 26.7.2017 09:51:20
XBV00022.VDF : 8.14.19.50 2048 Bytes 26.7.2017 09:51:20
XBV00023.VDF : 8.14.19.50 2048 Bytes 26.7.2017 09:51:20
XBV00024.VDF : 8.14.19.50 2048 Bytes 26.7.2017 09:51:20
XBV00025.VDF : 8.14.19.50 2048 Bytes 26.7.2017 09:51:20
XBV00026.VDF : 8.14.19.50 2048 Bytes 26.7.2017 09:51:20
XBV00027.VDF : 8.14.19.50 2048 Bytes 26.7.2017 09:51:20
XBV00028.VDF : 8.14.19.50 2048 Bytes 26.7.2017 09:51:20
XBV00029.VDF : 8.14.19.50 2048 Bytes 26.7.2017 09:51:20
XBV00030.VDF : 8.14.19.50 2048 Bytes 26.7.2017 09:51:20
XBV00031.VDF : 8.14.19.50 2048 Bytes 26.7.2017 09:51:20
XBV00032.VDF : 8.14.19.50 2048 Bytes 26.7.2017 09:51:20
XBV00033.VDF : 8.14.19.50 2048 Bytes 26.7.2017 09:51:20
XBV00034.VDF : 8.14.19.50 2048 Bytes 26.7.2017 09:51:20
XBV00035.VDF : 8.14.19.50 2048 Bytes 26.7.2017 09:51:20
XBV00036.VDF : 8.14.19.50 2048 Bytes 26.7.2017 09:51:20
XBV00037.VDF : 8.14.19.50 2048 Bytes 26.7.2017 09:51:20
XBV00038.VDF : 8.14.19.50 2048 Bytes 26.7.2017 09:51:20
XBV00039.VDF : 8.14.19.50 2048 Bytes 26.7.2017 09:51:20
XBV00040.VDF : 8.14.19.50 2048 Bytes 26.7.2017 09:51:20
XBV00041.VDF : 8.14.19.50 2048 Bytes 26.7.2017 09:51:20
XBV00171.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:21
XBV00172.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:21
XBV00173.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:21
XBV00174.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:21
XBV00175.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:21
XBV00176.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:21
XBV00177.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:21
XBV00178.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:21
XBV00179.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:21
XBV00180.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:21
XBV00181.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:21
XBV00182.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:21
XBV00183.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:21
XBV00184.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:21
XBV00185.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:21
XBV00186.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:21
XBV00187.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:22
XBV00188.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:22
XBV00189.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:22
XBV00190.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:22
XBV00191.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:22
XBV00192.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:22
XBV00193.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:22
XBV00194.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:22
XBV00195.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:22
XBV00196.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:22
XBV00197.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:22
XBV00198.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:22
XBV00199.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:22
XBV00200.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:22
XBV00201.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:22
XBV00202.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:22
XBV00203.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:22
XBV00204.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:23
XBV00205.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:23
XBV00206.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:23
XBV00207.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:23
XBV00208.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:23
XBV00209.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:23
XBV00210.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:23
XBV00211.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:23
XBV00212.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:23
XBV00213.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:23
XBV00214.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:23
XBV00215.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:23
XBV00216.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:23
XBV00217.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:23
XBV00218.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:23
XBV00219.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:23
XBV00220.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:23
XBV00221.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:23
XBV00222.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:23
XBV00223.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:23
XBV00224.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:23
XBV00225.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:23
XBV00226.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:24
XBV00227.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:24
XBV00228.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:24
XBV00229.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:24
XBV00230.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:24
XBV00231.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:24
XBV00232.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:24
XBV00233.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:24
XBV00234.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:24
XBV00235.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:24
XBV00236.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:24
XBV00237.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:24
XBV00238.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:24
XBV00239.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:24
XBV00240.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:24
XBV00241.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:25
XBV00242.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:25
XBV00243.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:25
XBV00244.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:25
XBV00245.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:25
XBV00246.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:25
XBV00247.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:25
XBV00248.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:25
XBV00249.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:25
XBV00250.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:25
XBV00251.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:25
XBV00252.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:25
XBV00253.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:25
XBV00254.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:25
XBV00255.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:25
XBV00000.VDF : 7.14.1.132 155588096 Bytes 25.4.2017 21:30:57
XBV00001.VDF : 7.14.18.244 21405696 Bytes 26.7.2017 09:51:20
XBV00002.VDF : 8.14.23.204 6929408 Bytes 21.8.2017 08:13:50
XBV00003.VDF : 8.14.27.162 5130752 Bytes 15.9.2017 08:27:28
XBV00004.VDF : 8.14.30.174 4774912 Bytes 10.10.2017 17:16:15
XBV00042.VDF : 8.14.30.176 21504 Bytes 10.10.2017 21:16:09
XBV00043.VDF : 8.14.30.178 24576 Bytes 10.10.2017 21:16:09
XBV00044.VDF : 8.14.30.182 97280 Bytes 11.10.2017 05:59:27
XBV00045.VDF : 8.14.30.184 36864 Bytes 11.10.2017 15:59:27
XBV00046.VDF : 8.14.30.186 28160 Bytes 11.10.2017 15:59:27
XBV00047.VDF : 8.14.30.188 2048 Bytes 11.10.2017 15:59:27
XBV00048.VDF : 8.14.30.190 40960 Bytes 11.10.2017 17:59:26
XBV00049.VDF : 8.14.30.192 10752 Bytes 11.10.2017 19:59:26
XBV00050.VDF : 8.14.30.194 14848 Bytes 11.10.2017 21:59:27
XBV00051.VDF : 8.14.30.198 99328 Bytes 12.10.2017 07:15:04
XBV00052.VDF : 8.14.30.200 2048 Bytes 12.10.2017 07:15:04
XBV00053.VDF : 8.14.30.202 20480 Bytes 12.10.2017 11:15:03
XBV00054.VDF : 8.14.30.204 14336 Bytes 12.10.2017 13:15:11
XBV00055.VDF : 8.14.30.206 16896 Bytes 12.10.2017 13:15:11
XBV00056.VDF : 8.14.30.208 2560 Bytes 12.10.2017 13:15:11
XBV00057.VDF : 8.14.30.210 28160 Bytes 12.10.2017 15:15:03
XBV00058.VDF : 8.14.30.212 13312 Bytes 12.10.2017 17:15:04
XBV00059.VDF : 8.14.30.214 11776 Bytes 12.10.2017 19:15:04
XBV00060.VDF : 8.14.30.216 14848 Bytes 12.10.2017 19:15:04
XBV00061.VDF : 8.14.30.218 14336 Bytes 12.10.2017 21:15:35
XBV00062.VDF : 8.14.30.222 67584 Bytes 13.10.2017 06:29:25
XBV00063.VDF : 8.14.30.232 11776 Bytes 13.10.2017 08:29:26
XBV00064.VDF : 8.14.30.242 10240 Bytes 13.10.2017 10:29:25
XBV00065.VDF : 8.14.30.252 16384 Bytes 13.10.2017 10:29:25
XBV00066.VDF : 8.14.31.6 8704 Bytes 13.10.2017 12:29:26
XBV00067.VDF : 8.14.31.8 6656 Bytes 13.10.2017 14:29:25
XBV00068.VDF : 8.14.31.10 10240 Bytes 13.10.2017 16:29:25
XBV00069.VDF : 8.14.31.12 27648 Bytes 13.10.2017 18:29:25
XBV00070.VDF : 8.14.31.14 15872 Bytes 13.10.2017 18:29:26
XBV00071.VDF : 8.14.31.16 19456 Bytes 13.10.2017 20:29:26
XBV00072.VDF : 8.14.31.22 110080 Bytes 14.10.2017 09:44:57
XBV00073.VDF : 8.14.31.24 14848 Bytes 14.10.2017 11:44:57
XBV00074.VDF : 8.14.31.26 16384 Bytes 14.10.2017 11:44:57
XBV00075.VDF : 8.14.31.28 14336 Bytes 14.10.2017 13:44:59
XBV00076.VDF : 8.14.31.30 24576 Bytes 14.10.2017 09:16:24
XBV00077.VDF : 8.14.31.32 126464 Bytes 15.10.2017 09:16:25
XBV00078.VDF : 8.14.31.34 30208 Bytes 15.10.2017 11:16:24
XBV00079.VDF : 8.14.31.36 14848 Bytes 15.10.2017 13:16:24
XBV00080.VDF : 8.14.31.38 24064 Bytes 15.10.2017 15:16:25
XBV00081.VDF : 8.14.31.40 129024 Bytes 16.10.2017 07:18:54
XBV00082.VDF : 8.14.31.42 17920 Bytes 16.10.2017 09:18:52
XBV00083.VDF : 8.14.31.44 9216 Bytes 16.10.2017 09:18:52
XBV00084.VDF : 8.14.31.46 17408 Bytes 16.10.2017 11:18:53
XBV00085.VDF : 8.14.31.48 13824 Bytes 16.10.2017 13:18:53
XBV00086.VDF : 8.14.31.50 13824 Bytes 16.10.2017 15:18:53
XBV00087.VDF : 8.14.31.52 9728 Bytes 16.10.2017 15:18:53
XBV00088.VDF : 8.14.31.54 10752 Bytes 16.10.2017 17:18:53
XBV00089.VDF : 8.14.31.56 17408 Bytes 16.10.2017 19:18:53
XBV00090.VDF : 8.14.31.58 12288 Bytes 16.10.2017 19:18:53
XBV00091.VDF : 8.14.31.64 98304 Bytes 17.10.2017 07:06:34
XBV00092.VDF : 8.14.31.66 13824 Bytes 17.10.2017 09:06:33
XBV00093.VDF : 8.14.31.68 13312 Bytes 17.10.2017 09:06:33
XBV00094.VDF : 8.14.31.70 31232 Bytes 17.10.2017 13:06:33
XBV00095.VDF : 8.14.31.80 18432 Bytes 17.10.2017 15:06:34
XBV00096.VDF : 8.14.31.88 22528 Bytes 17.10.2017 17:06:33
XBV00097.VDF : 8.14.31.96 23552 Bytes 17.10.2017 19:06:33
XBV00098.VDF : 8.14.31.104 12288 Bytes 17.10.2017 21:06:35
XBV00099.VDF : 8.14.31.112 19456 Bytes 17.10.2017 23:06:35
XBV00100.VDF : 8.14.31.116 79872 Bytes 18.10.2017 07:31:17
XBV00101.VDF : 8.14.31.118 32256 Bytes 18.10.2017 11:31:18
XBV00102.VDF : 8.14.31.120 39936 Bytes 18.10.2017 17:31:17
XBV00103.VDF : 8.14.31.122 2048 Bytes 18.10.2017 17:31:17
XBV00104.VDF : 8.14.31.124 42496 Bytes 18.10.2017 19:31:17
XBV00105.VDF : 8.14.31.126 21504 Bytes 18.10.2017 21:31:17
XBV00106.VDF : 8.14.31.130 68608 Bytes 19.10.2017 06:21:39
XBV00107.VDF : 8.14.31.132 11776 Bytes 19.10.2017 08:21:38
XBV00108.VDF : 8.14.31.134 8704 Bytes 19.10.2017 10:21:39
XBV00109.VDF : 8.14.31.136 11776 Bytes 19.10.2017 10:21:39
XBV00110.VDF : 8.14.31.138 11264 Bytes 19.10.2017 12:21:38
XBV00111.VDF : 8.14.31.140 14848 Bytes 19.10.2017 14:21:46
XBV00112.VDF : 8.14.31.142 7680 Bytes 19.10.2017 14:21:46
XBV00113.VDF : 8.14.31.144 15360 Bytes 19.10.2017 18:21:39
XBV00114.VDF : 8.14.31.146 2048 Bytes 19.10.2017 18:21:39
XBV00115.VDF : 8.14.31.148 26624 Bytes 19.10.2017 18:21:39
XBV00116.VDF : 8.14.31.150 20992 Bytes 19.10.2017 20:21:39
XBV00117.VDF : 8.14.31.154 96256 Bytes 20.10.2017 07:16:20
XBV00118.VDF : 8.14.31.156 10240 Bytes 20.10.2017 07:16:20
XBV00119.VDF : 8.14.31.158 21504 Bytes 20.10.2017 09:16:20
XBV00120.VDF : 8.14.31.160 13312 Bytes 20.10.2017 09:16:20
XBV00121.VDF : 8.14.31.162 19456 Bytes 20.10.2017 11:16:20
XBV00122.VDF : 8.14.31.164 15360 Bytes 20.10.2017 13:16:20
XBV00123.VDF : 8.14.31.166 14848 Bytes 20.10.2017 13:16:20
XBV00124.VDF : 8.14.31.168 8704 Bytes 20.10.2017 15:16:21
XBV00125.VDF : 8.14.31.170 16896 Bytes 20.10.2017 17:16:20
XBV00126.VDF : 8.14.31.172 14336 Bytes 20.10.2017 19:16:20
XBV00127.VDF : 8.14.31.174 14848 Bytes 20.10.2017 19:16:20
XBV00128.VDF : 8.14.31.176 16384 Bytes 20.10.2017 09:37:25
XBV00129.VDF : 8.14.31.180 177664 Bytes 21.10.2017 09:37:25
XBV00130.VDF : 8.14.31.188 12800 Bytes 21.10.2017 09:37:25
XBV00131.VDF : 8.14.31.196 8704 Bytes 21.10.2017 11:37:24
XBV00132.VDF : 8.14.31.204 16384 Bytes 21.10.2017 13:37:25
XBV00133.VDF : 8.14.31.212 18944 Bytes 21.10.2017 15:37:25
XBV00134.VDF : 8.14.31.220 82432 Bytes 21.10.2017 09:48:22
XBV00135.VDF : 8.14.31.222 210432 Bytes 22.10.2017 09:48:22
XBV00136.VDF : 8.14.31.224 86016 Bytes 22.10.2017 09:48:22
XBV00137.VDF : 8.14.31.226 18432 Bytes 22.10.2017 11:48:21
XBV00138.VDF : 8.14.31.228 10752 Bytes 22.10.2017 11:48:21
XBV00139.VDF : 8.14.31.230 8192 Bytes 22.10.2017 13:48:23
XBV00140.VDF : 8.14.31.232 9728 Bytes 22.10.2017 15:48:22
XBV00141.VDF : 8.14.31.234 159744 Bytes 23.10.2017 09:17:48
XBV00142.VDF : 8.14.31.236 9216 Bytes 23.10.2017 09:17:48
XBV00143.VDF : 8.14.31.238 28672 Bytes 23.10.2017 09:17:48
XBV00144.VDF : 8.14.31.240 13312 Bytes 23.10.2017 11:17:47
XBV00145.VDF : 8.14.31.242 16384 Bytes 23.10.2017 17:17:48
XBV00146.VDF : 8.14.31.244 16384 Bytes 23.10.2017 17:17:48
XBV00147.VDF : 8.14.31.246 2048 Bytes 23.10.2017 17:17:48
XBV00148.VDF : 8.14.31.248 2048 Bytes 23.10.2017 17:17:48
XBV00149.VDF : 8.14.31.250 23552 Bytes 23.10.2017 17:17:48
XBV00150.VDF : 8.14.31.252 18944 Bytes 23.10.2017 19:17:48
XBV00151.VDF : 8.14.31.254 11264 Bytes 23.10.2017 21:17:48
XBV00152.VDF : 8.14.32.4 124416 Bytes 24.10.2017 07:15:10
XBV00153.VDF : 8.14.32.6 16896 Bytes 24.10.2017 09:15:09
XBV00154.VDF : 8.14.32.8 13312 Bytes 24.10.2017 11:15:10
XBV00155.VDF : 8.14.32.10 15872 Bytes 24.10.2017 11:15:10
XBV00156.VDF : 8.14.32.12 28672 Bytes 24.10.2017 15:15:10
XBV00157.VDF : 8.14.32.14 29184 Bytes 24.10.2017 15:15:10
XBV00158.VDF : 8.14.32.16 36864 Bytes 24.10.2017 17:15:09
XBV00159.VDF : 8.14.32.24 22016 Bytes 24.10.2017 19:15:10
XBV00160.VDF : 8.14.32.30 27648 Bytes 24.10.2017 21:15:10
XBV00161.VDF : 8.14.32.38 110080 Bytes 25.10.2017 07:11:19
XBV00162.VDF : 8.14.32.44 30720 Bytes 25.10.2017 11:11:20
XBV00163.VDF : 8.14.32.46 53248 Bytes 25.10.2017 17:11:18
XBV00164.VDF : 8.14.32.48 2048 Bytes 25.10.2017 17:11:18
XBV00165.VDF : 8.14.32.50 35328 Bytes 25.10.2017 19:11:19
XBV00166.VDF : 8.14.32.52 14848 Bytes 25.10.2017 19:11:19
XBV00167.VDF : 8.14.32.54 39936 Bytes 25.10.2017 21:11:19
XBV00168.VDF : 8.14.32.60 107520 Bytes 26.10.2017 08:19:01
XBV00169.VDF : 8.14.32.62 25600 Bytes 26.10.2017 08:19:01
XBV00170.VDF : 8.14.32.64 13824 Bytes 26.10.2017 10:19:01
LOCAL000.VDF : 8.14.32.64 203229696 Bytes 26.10.2017 10:19:18
Engine version : 8.3.48.74
AEBB.DLL : 8.1.3.0 59296 Bytes 23.11.2015 17:23:16
AECORE.DLL : 8.3.14.0 266480 Bytes 22.8.2017 13:47:19
AECRYPTO.DLL : 8.2.1.0 129904 Bytes 13.7.2017 21:36:01
AEDROID.DLL : 8.4.3.406 2801640 Bytes 11.10.2017 13:59:27
AEEMU.DLL : 8.1.3.8 404328 Bytes 18.3.2016 11:13:46
AEEXP.DLL : 8.4.4.86 382840 Bytes 25.10.2017 11:11:19
AEGEN.DLL : 8.1.8.322 678648 Bytes 13.7.2017 21:35:08
AEHELP.DLL : 8.3.3.0 299728 Bytes 30.8.2017 15:12:12
AEHEUR.DLL : 8.1.6.76 11550056 Bytes 19.10.2017 14:21:45
AELIBINF.DLL : 8.2.1.4 68464 Bytes 12.5.2016 10:08:36
AEMOBILE.DLL : 8.1.18.4 346872 Bytes 13.7.2017 21:36:09
AEOFFICE.DLL : 8.4.1.32 636368 Bytes 25.10.2017 11:11:18
AEPACK.DLL : 8.4.2.74 835856 Bytes 22.9.2017 11:01:51
AERDL.DLL : 8.2.2.36 835848 Bytes 13.7.2017 21:35:52
AESBX.DLL : 8.2.22.14 1667056 Bytes 2.8.2017 11:12:09
AESCN.DLL : 8.3.8.0 158416 Bytes 19.10.2017 14:21:46
AESCRIPT.DLL : 8.3.3.90 943912 Bytes 25.10.2017 11:11:18
AEVDF.DLL : 8.3.3.4 142184 Bytes 21.3.2016 13:27:32
AVWINLL.DLL : 15.0.32.8 37448 Bytes 12.10.2017 21:15:12
AVPREF.DLL : 15.0.32.8 63920 Bytes 12.10.2017 21:15:15
AVREP.DLL : 15.0.32.8 234888 Bytes 12.10.2017 21:15:15
AVARKT.DLL : 15.0.32.8 241096 Bytes 12.10.2017 21:15:12
SQLITE3.DLL : 15.0.32.8 472744 Bytes 12.10.2017 21:15:34
AVSMTP.DLL : 15.0.32.8 90392 Bytes 12.10.2017 21:15:18
NETNT.DLL : 15.0.32.8 26568 Bytes 12.10.2017 21:15:31
CommonImageRc.dll: 15.0.32.8 3878048 Bytes 12.10.2017 21:15:12
CommonTextRc.dll: 15.0.32.8 81568 Bytes 12.10.2017 21:15:12
Configuration settings for the scan:
Jobname.............................: Full scan
Configuration file..................: C:\Program Files (x86)\Avira\AntiVir Desktop\sysscan.avp
Reporting...........................: default
Primary action......................: Interactive
Secondary action....................: Ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, D:, E:, F:, N:,
Process scan........................: on
Extended process scan...............: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Limit recursion depth...............: 20
Smart extensions....................: on
Macrovirus heuristic................: on
File heuristic......................: extended
Skipped files.......................:
Start of the scan: 26. října 2017 13:13
Start scanning boot sectors:
Boot sector 'HDD1(C:)'
[INFO] No virus was found!
Boot sector 'HDD2(D:)'
[INFO] No virus was found!
Boot sector 'HDD0(E:, F:)'
[INFO] No virus was found!
Boot sector 'HDD7(N:)'
[INFO] No virus was found!
Starting search for hidden objects.
The scan of running processes will be started:
Scan process 'svchost.exe' - '52' Module(s) have been scanned
Scan process 'ATKFUSService.exe' - '28' Module(s) have been scanned
Scan process 'nvvsvc.exe' - '35' Module(s) have been scanned
Scan process 'nvSCPAPISvr.exe' - '34' Module(s) have been scanned
Scan process 'svchost.exe' - '36' Module(s) have been scanned
Scan process 'svchost.exe' - '99' Module(s) have been scanned
Scan process 'svchost.exe' - '103' Module(s) have been scanned
Scan process 'svchost.exe' - '115' Module(s) have been scanned
Scan process 'svchost.exe' - '154' Module(s) have been scanned
Scan process 'svchost.exe' - '34' Module(s) have been scanned
Scan process 'Pen_TouchService.exe' - '29' Module(s) have been scanned
Scan process 'svchost.exe' - '76' Module(s) have been scanned
Scan process 'nvxdsync.exe' - '54' Module(s) have been scanned
Scan process 'nvvsvc.exe' - '47' Module(s) have been scanned
Scan process 'WISPTIS.EXE' - '40' Module(s) have been scanned
Scan process 'ATKFastUserSwitching.exe' - '26' Module(s) have been scanned
Scan process 'Dwm.exe' - '45' Module(s) have been scanned
Scan process 'WISPTIS.EXE' - '47' Module(s) have been scanned
Scan process 'TabTip.exe' - '55' Module(s) have been scanned
Scan process 'TabTip32.exe' - '23' Module(s) have been scanned
Scan process 'Explorer.EXE' - '188' Module(s) have been scanned
Scan process 'Pen_TouchUser.exe' - '37' Module(s) have been scanned
Scan process 'spoolsv.exe' - '83' Module(s) have been scanned
Scan process 'taskhost.exe' - '74' Module(s) have been scanned
Scan process 'sched.exe' - '71' Module(s) have been scanned
Scan process 'taskeng.exe' - '31' Module(s) have been scanned
Scan process 'svchost.exe' - '63' Module(s) have been scanned
Scan process 'BtvStack.exe' - '86' Module(s) have been scanned
Scan process 'armsvc.exe' - '28' Module(s) have been scanned
Scan process 'AdobeUpdateService.exe' - '32' Module(s) have been scanned
Scan process 'AGSService.exe' - '61' Module(s) have been scanned
Scan process 'avguard.exe' - '117' Module(s) have been scanned
Scan process 'AthBtTray.exe' - '43' Module(s) have been scanned
Scan process 'ASDR.exe' - '17' Module(s) have been scanned
Scan process 'NvBackend.exe' - '63' Module(s) have been scanned
Scan process 'adminservice.exe' - '29' Module(s) have been scanned
Scan process 'E_YATINYE.EXE' - '37' Module(s) have been scanned
Scan process 'SpotifyWebHelper.exe' - '36' Module(s) have been scanned
Scan process 'ZPSTray.exe' - '58' Module(s) have been scanned
Scan process 'Dropbox.exe' - '211' Module(s) have been scanned
Scan process 'Rainmeter.exe' - '91' Module(s) have been scanned
Scan process 'SystemExplorer.exe' - '88' Module(s) have been scanned
Scan process 'OfficeClickToRun.exe' - '130' Module(s) have been scanned
Scan process 'Dropbox.exe' - '41' Module(s) have been scanned
Scan process 'svchost.exe' - '59' Module(s) have been scanned
Scan process 'EscSvc64.exe' - '20' Module(s) have been scanned
Scan process 'E_S60RPB.EXE' - '19' Module(s) have been scanned
Scan process 'GfExperienceService.exe' - '55' Module(s) have been scanned
Scan process 'IProsetMonitor.exe' - '22' Module(s) have been scanned
Scan process 'VCDDaemon.exe' - '35' Module(s) have been scanned
Scan process 'Dropbox.exe' - '52' Module(s) have been scanned
Scan process 'nusb3mon.exe' - '37' Module(s) have been scanned
Scan process 'IAStorIcon.exe' - '58' Module(s) have been scanned
Scan process 'McciCMService.exe' - '40' Module(s) have been scanned
Scan process 'GamerOSD.exe' - '78' Module(s) have been scanned
Scan process 'SwitchBoard.exe' - '42' Module(s) have been scanned
Scan process 'NvNetworkService.exe' - '61' Module(s) have been scanned
Scan process 'NvStreamService.exe' - '55' Module(s) have been scanned
Scan process 'acrotray.exe' - '33' Module(s) have been scanned
Scan process 'EEventManager.exe' - '57' Module(s) have been scanned
Scan process 'Lightshot.exe' - '55' Module(s) have been scanned
Scan process 'jusched.exe' - '53' Module(s) have been scanned
Scan process 'AdobeIPCBroker.exe' - '40' Module(s) have been scanned
Scan process 'PnkBstrA.exe' - '32' Module(s) have been scanned
Scan process 'nvtray.exe' - '44' Module(s) have been scanned
Scan process 'svchost.exe' - '38' Module(s) have been scanned
Scan process 'Pen_Tablet.exe' - '31' Module(s) have been scanned
Scan process 'WLIDSVC.EXE' - '62' Module(s) have been scanned
Scan process 'Avira.ServiceHost.exe' - '127' Module(s) have been scanned
Scan process 'Pen_TabletUser.exe' - '25' Module(s) have been scanned
Scan process 'WLIDSvcM.exe' - '17' Module(s) have been scanned
Scan process 'Adobe Desktop Service.exe' - '114' Module(s) have been scanned
Scan process 'Pen_Tablet.exe' - '47' Module(s) have been scanned
Scan process 'CoreSync.exe' - '94' Module(s) have been scanned
Scan process 'CCXProcess.exe' - '9' Module(s) have been scanned
Scan process 'node.exe' - '97' Module(s) have been scanned
Scan process 'conhost.exe' - '15' Module(s) have been scanned
Scan process 'avshadow.exe' - '43' Module(s) have been scanned
Scan process 'NvStreamNetworkService.exe' - '66' Module(s) have been scanned
Scan process 'SearchIndexer.exe' - '64' Module(s) have been scanned
Scan process 'SystemExplorerService64.exe' - '22' Module(s) have been scanned
Scan process 'svchost.exe' - '62' Module(s) have been scanned
Scan process 'svchost.exe' - '37' Module(s) have been scanned
Scan process 'svchost.exe' - '33' Module(s) have been scanned
Scan process 'NvStreamUserAgent.exe' - '73' Module(s) have been scanned
Scan process 'wmpnetwk.exe' - '121' Module(s) have been scanned
Scan process 'conhost.exe' - '20' Module(s) have been scanned
Scan process 'WUDFHost.exe' - '34' Module(s) have been scanned
Scan process 'avgnt.exe' - '89' Module(s) have been scanned
Scan process 'Avira.Systray.exe' - '139' Module(s) have been scanned
Scan process 'svchost.exe' - '59' Module(s) have been scanned
Scan process 'DllHost.exe' - '46' Module(s) have been scanned
Scan process 'IAStorDataMgrSvc.exe' - '56' Module(s) have been scanned
Scan process 'svchost.exe' - '59' Module(s) have been scanned
Scan process 'InputPersonalization.exe' - '36' Module(s) have been scanned
Scan process 'thunderbird.exe' - '148' Module(s) have been scanned
Scan process 'firefox.exe' - '162' Module(s) have been scanned
Scan process 'Bridge.exe' - '161' Module(s) have been scanned
Scan process 'wuauclt.exe' - '38' Module(s) have been scanned
Scan process 'jucheck.exe' - '79' Module(s) have been scanned
Scan process 'SeaPort.exe' - '55' Module(s) have been scanned
Scan process 'JetAudio.exe' - '95' Module(s) have been scanned
Scan process 'sppsvc.exe' - '20' Module(s) have been scanned
Scan process 'SearchProtocolHost.exe' - '43' Module(s) have been scanned
Scan process 'explorer.exe' - '133' Module(s) have been scanned
Scan process 'avscan.exe' - '68' Module(s) have been scanned
Scan process 'avscan.exe' - '129' Module(s) have been scanned
Scan process 'vssvc.exe' - '47' Module(s) have been scanned
Scan process 'svchost.exe' - '28' Module(s) have been scanned
Scan process 'SearchFilterHost.exe' - '27' Module(s) have been scanned
Scan process 'smss.exe' - '2' Module(s) have been scanned
Scan process 'csrss.exe' - '18' Module(s) have been scanned
Scan process 'wininit.exe' - '26' Module(s) have been scanned
Scan process 'csrss.exe' - '18' Module(s) have been scanned
Scan process 'winlogon.exe' - '31' Module(s) have been scanned
Scan process 'services.exe' - '33' Module(s) have been scanned
Scan process 'lsass.exe' - '68' Module(s) have been scanned
Scan process 'lsm.exe' - '16' Module(s) have been scanned
Starting to scan executable files (registry):
The registry was scanned ( '2945' files ).
Starting the file scan:
Begin scan in 'C:\'
Begin scan in 'D:\' <hry>
Begin scan in 'E:\' <pracovní>
Begin scan in 'F:\' <data>
[0] Archive type: ZIP SFX (self extracting)
--> System32/64/Drivers/winusbcoinstaller2.dll
[1] Archive type: RSRC
--> C:\Program Files (x86)\Sony\Sony PC Companion\Drivers\AllSigned\x86x64\amd64\WUDFUpdate_01007.dll
[2] Archive type: RSRC
--> C:\Program Files (x86)\Sony\Sony PC Companion\Drivers\AllSigned\x86x64\i386\WUDFUpdate_01007.dll
[3] Archive type: RSRC
[WARNING] The file could not be read!
F:\$RECYCLE.BIN\S-1-5-21-2602357843-3484561657-1090783424-1000\$RJ4FTXB\staženo\heroes5.tribes.of.the.east.cz.patch.3.01.part1.rar.5795460884426923494.part
[WARNING] The file could not be read!
--> F:\JAKUB-PC\Backup Set 2012-09-01 190001\Backup Files 2012-10-02 075544\Backup files 1.zip
[4] Archive type: ZIP
--> F:\JAKUB-PC\Backup Set 2012-09-01 190001\Backup Files 2012-10-02 075544\Backup files 3.zip
[5] Archive type: ZIP
--> F:\JAKUB-PC\Backup Set 2012-09-01 190001\Backup Files 2012-11-02 080027\Backup files 4.zip
[6] Archive type: ZIP
--> C/Users/jakub/Downloads/DTLite4454-0315.exe
[7] Archive type: NSIS
--> Object
[DETECTION] Contains patterns of software PUA/OpenCandy.Gen
[WARNING] Infected files in archives cannot be repaired
F:\JAKUB-PC\Backup Set 2012-09-01 190001\Backup Files 2012-11-02 080027\Backup files 4.zip
[DETECTION] Contains patterns of software PUA/OpenCandy.Gen
--> F:\JAKUB-PC\Backup Set 2013-01-01 190001\Backup Files 2013-01-01 190001\Backup files 4.zip
[6] Archive type: ZIP
--> F:\JAKUB-PC\Backup Set 2013-01-01 190001\Backup Files 2013-01-01 190001\Backup files 7.zip
[7] Archive type: ZIP
--> C/Users/jakub/Downloads/Dropbox 1.4.17.exe
[8] Archive type: NSIS
--> C/Users/jakub/Downloads/DTLite4454-0315.exe
[9] Archive type: NSIS
--> Object
[DETECTION] Contains patterns of software PUA/OpenCandy.Gen
[WARNING] Infected files in archives cannot be repaired
F:\JAKUB-PC\Backup Set 2013-01-01 190001\Backup Files 2013-01-01 190001\Backup files 7.zip
[DETECTION] Contains patterns of software PUA/OpenCandy.Gen
--> F:\JAKUB-PC\Backup Set 2013-01-01 190001\Backup Files 2013-04-03 183614\Backup files 1.zip
[8] Archive type: ZIP
--> C/Users/jakub/Documents/DriverGenius/Downloads/WacomTablet_635w3.exe
[9] Archive type: ZIP SFX (self extracting)
--> F:\JAKUB-PC\Backup Set 2013-01-01 190001\Backup Files 2013-04-03 183614\Backup files 3.zip
[10] Archive type: ZIP
--> C/Users/jakub/Documents/DriverGenius/Temp/WacomTablet_635w3/System32/64/Drivers/winusbcoinstaller2.dll
[11] Archive type: RSRC
--> F:\JAKUB-PC\Backup Set 2013-01-01 190001\Backup Files 2013-05-01 190000\Backup files 2.zip
[12] Archive type: ZIP
--> F:\JAKUB-PC\Backup Set 2013-01-01 190001\Backup Files 2013-05-01 190000\Backup files 4.zip
[13] Archive type: ZIP
--> F:\JAKUB-PC\Backup Set 2013-01-01 190001\Backup Files 2013-07-01 190001\Backup files 1.zip
[14] Archive type: ZIP
--> F:\JAKUB-PC\Backup Set 2013-09-01 190001\Backup Files 2013-09-01 190001\Backup files 1.zip
[15] Archive type: ZIP
--> C/Users/jakub/Documents/DriverGenius/Downloads/WacomTablet_635w3.exe
[16] Archive type: ZIP SFX (self extracting)
--> F:\JAKUB-PC\Backup Set 2013-09-01 190001\Backup Files 2013-09-01 190001\Backup files 8.zip
[17] Archive type: ZIP
--> F:\programy\jxpiinstall.exe
[18] Archive type: Runtime Packed
--> F:\rozbaleno\burnaware_free.exe
[19] Archive type: Inno Setup
--> {tmp}\OCSetupHlp.dll
[DETECTION] Contains patterns of software PUA/OpenCandy.Gen
[WARNING] Infected files in archives cannot be repaired
F:\rozbaleno\burnaware_free.exe
[DETECTION] Contains patterns of software PUA/OpenCandy.Gen
F:\rozbaleno\Framaroot-1.9.3.apk
[DETECTION] Contains code of the ANDROID/Lotoor.BE.57 virus
F:\rozbaleno\tr3.apk
[DETECTION] Contains code of the ANDROID/TowelExploit.TGH virus
Begin scan in 'N:\'
Beginning disinfection:
F:\rozbaleno\tr3.apk
[DETECTION] Contains code of the ANDROID/TowelExploit.TGH virus
[NOTE] The file was moved to the quarantine directory under the name '5d02ab9b.qua'!
F:\rozbaleno\Framaroot-1.9.3.apk
[DETECTION] Contains code of the ANDROID/Lotoor.BE.57 virus
[NOTE] The file was moved to the quarantine directory under the name '45e3843c.qua'!
F:\rozbaleno\burnaware_free.exe
[DETECTION] Contains patterns of software PUA/OpenCandy.Gen
[NOTE] The file was moved to the quarantine directory under the name '71bc9081.qua'!
F:\JAKUB-PC\Backup Set 2013-01-01 190001\Backup Files 2013-01-01 190001\Backup files 7.zip
[DETECTION] Contains patterns of software PUA/OpenCandy.Gen
[NOTE] The file was moved to the quarantine directory under the name '3409bda0.qua'!
F:\JAKUB-PC\Backup Set 2012-09-01 190001\Backup Files 2012-11-02 080027\Backup files 4.zip
[DETECTION] Contains patterns of software PUA/OpenCandy.Gen
[NOTE] The file was moved to the quarantine directory under the name '4b128fd6.qua'!
End of the scan: 26. října 2017 17:54
Used time: 4:36:30 Hour(s)
The scan has been done completely.
89105 Scanned directories
5964881 Files were scanned
8 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 Files were deleted
0 Viruses and unwanted programs were repaired
5 Files were moved to quarantine
0 Files were renamed
0 Files cannot be scanned
5964873 Files not concerned
112829 Archives were scanned
4 Warnings
5 Notes
1302076 Objects were scanned with rootkit scan
0 Hidden objects were found
Free Antivirus
Report file date: 26. října 2017 13:13
The program is running as an unrestricted full version.
Online services are available.
Licensee : Free
Serial number : 0000149996-AVHOE-0000001
Platform : Windows 7 Home Premium
Windows version : (Service Pack 1) [6.1.7601]
Boot mode : Normally booted
Username : SYSTEM
Computer name : JAKUB-PC
Version information:
build.dat : 15.0.32.12 121593 Bytes 5.10.2017 18:53:00
AVSCAN.EXE : 15.0.32.11 1560592 Bytes 12.10.2017 21:15:17
AVSCANRC.DLL : 15.0.32.8 64432 Bytes 12.10.2017 21:15:17
LUKE.DLL : 15.0.32.8 82144 Bytes 12.10.2017 21:15:30
AVSCPLR.DLL : 15.0.32.11 156888 Bytes 12.10.2017 21:15:18
REPAIR.DLL : 15.0.32.11 689944 Bytes 12.10.2017 21:15:15
repair.rdf : 1.0.33.76 1408400 Bytes 26.10.2017 08:19:01
AVREG.DLL : 15.0.32.8 456632 Bytes 12.10.2017 21:15:15
avlode.dll : 15.0.32.11 908160 Bytes 12.10.2017 21:15:14
avlode.rdf : 14.0.5.130 168771 Bytes 13.7.2017 21:36:17
XBV00005.VDF : 8.14.19.50 2048 Bytes 26.7.2017 09:51:20
XBV00006.VDF : 8.14.19.50 2048 Bytes 26.7.2017 09:51:20
XBV00007.VDF : 8.14.19.50 2048 Bytes 26.7.2017 09:51:20
XBV00008.VDF : 8.14.19.50 2048 Bytes 26.7.2017 09:51:20
XBV00009.VDF : 8.14.19.50 2048 Bytes 26.7.2017 09:51:20
XBV00010.VDF : 8.14.19.50 2048 Bytes 26.7.2017 09:51:20
XBV00011.VDF : 8.14.19.50 2048 Bytes 26.7.2017 09:51:20
XBV00012.VDF : 8.14.19.50 2048 Bytes 26.7.2017 09:51:20
XBV00013.VDF : 8.14.19.50 2048 Bytes 26.7.2017 09:51:20
XBV00014.VDF : 8.14.19.50 2048 Bytes 26.7.2017 09:51:20
XBV00015.VDF : 8.14.19.50 2048 Bytes 26.7.2017 09:51:20
XBV00016.VDF : 8.14.19.50 2048 Bytes 26.7.2017 09:51:20
XBV00017.VDF : 8.14.19.50 2048 Bytes 26.7.2017 09:51:20
XBV00018.VDF : 8.14.19.50 2048 Bytes 26.7.2017 09:51:20
XBV00019.VDF : 8.14.19.50 2048 Bytes 26.7.2017 09:51:20
XBV00020.VDF : 8.14.19.50 2048 Bytes 26.7.2017 09:51:20
XBV00021.VDF : 8.14.19.50 2048 Bytes 26.7.2017 09:51:20
XBV00022.VDF : 8.14.19.50 2048 Bytes 26.7.2017 09:51:20
XBV00023.VDF : 8.14.19.50 2048 Bytes 26.7.2017 09:51:20
XBV00024.VDF : 8.14.19.50 2048 Bytes 26.7.2017 09:51:20
XBV00025.VDF : 8.14.19.50 2048 Bytes 26.7.2017 09:51:20
XBV00026.VDF : 8.14.19.50 2048 Bytes 26.7.2017 09:51:20
XBV00027.VDF : 8.14.19.50 2048 Bytes 26.7.2017 09:51:20
XBV00028.VDF : 8.14.19.50 2048 Bytes 26.7.2017 09:51:20
XBV00029.VDF : 8.14.19.50 2048 Bytes 26.7.2017 09:51:20
XBV00030.VDF : 8.14.19.50 2048 Bytes 26.7.2017 09:51:20
XBV00031.VDF : 8.14.19.50 2048 Bytes 26.7.2017 09:51:20
XBV00032.VDF : 8.14.19.50 2048 Bytes 26.7.2017 09:51:20
XBV00033.VDF : 8.14.19.50 2048 Bytes 26.7.2017 09:51:20
XBV00034.VDF : 8.14.19.50 2048 Bytes 26.7.2017 09:51:20
XBV00035.VDF : 8.14.19.50 2048 Bytes 26.7.2017 09:51:20
XBV00036.VDF : 8.14.19.50 2048 Bytes 26.7.2017 09:51:20
XBV00037.VDF : 8.14.19.50 2048 Bytes 26.7.2017 09:51:20
XBV00038.VDF : 8.14.19.50 2048 Bytes 26.7.2017 09:51:20
XBV00039.VDF : 8.14.19.50 2048 Bytes 26.7.2017 09:51:20
XBV00040.VDF : 8.14.19.50 2048 Bytes 26.7.2017 09:51:20
XBV00041.VDF : 8.14.19.50 2048 Bytes 26.7.2017 09:51:20
XBV00171.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:21
XBV00172.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:21
XBV00173.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:21
XBV00174.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:21
XBV00175.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:21
XBV00176.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:21
XBV00177.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:21
XBV00178.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:21
XBV00179.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:21
XBV00180.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:21
XBV00181.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:21
XBV00182.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:21
XBV00183.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:21
XBV00184.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:21
XBV00185.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:21
XBV00186.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:21
XBV00187.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:22
XBV00188.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:22
XBV00189.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:22
XBV00190.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:22
XBV00191.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:22
XBV00192.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:22
XBV00193.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:22
XBV00194.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:22
XBV00195.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:22
XBV00196.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:22
XBV00197.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:22
XBV00198.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:22
XBV00199.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:22
XBV00200.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:22
XBV00201.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:22
XBV00202.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:22
XBV00203.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:22
XBV00204.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:23
XBV00205.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:23
XBV00206.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:23
XBV00207.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:23
XBV00208.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:23
XBV00209.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:23
XBV00210.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:23
XBV00211.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:23
XBV00212.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:23
XBV00213.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:23
XBV00214.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:23
XBV00215.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:23
XBV00216.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:23
XBV00217.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:23
XBV00218.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:23
XBV00219.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:23
XBV00220.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:23
XBV00221.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:23
XBV00222.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:23
XBV00223.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:23
XBV00224.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:23
XBV00225.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:23
XBV00226.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:24
XBV00227.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:24
XBV00228.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:24
XBV00229.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:24
XBV00230.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:24
XBV00231.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:24
XBV00232.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:24
XBV00233.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:24
XBV00234.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:24
XBV00235.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:24
XBV00236.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:24
XBV00237.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:24
XBV00238.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:24
XBV00239.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:24
XBV00240.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:24
XBV00241.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:25
XBV00242.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:25
XBV00243.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:25
XBV00244.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:25
XBV00245.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:25
XBV00246.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:25
XBV00247.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:25
XBV00248.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:25
XBV00249.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:25
XBV00250.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:25
XBV00251.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:25
XBV00252.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:25
XBV00253.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:25
XBV00254.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:25
XBV00255.VDF : 8.14.30.174 2048 Bytes 10.10.2017 17:16:25
XBV00000.VDF : 7.14.1.132 155588096 Bytes 25.4.2017 21:30:57
XBV00001.VDF : 7.14.18.244 21405696 Bytes 26.7.2017 09:51:20
XBV00002.VDF : 8.14.23.204 6929408 Bytes 21.8.2017 08:13:50
XBV00003.VDF : 8.14.27.162 5130752 Bytes 15.9.2017 08:27:28
XBV00004.VDF : 8.14.30.174 4774912 Bytes 10.10.2017 17:16:15
XBV00042.VDF : 8.14.30.176 21504 Bytes 10.10.2017 21:16:09
XBV00043.VDF : 8.14.30.178 24576 Bytes 10.10.2017 21:16:09
XBV00044.VDF : 8.14.30.182 97280 Bytes 11.10.2017 05:59:27
XBV00045.VDF : 8.14.30.184 36864 Bytes 11.10.2017 15:59:27
XBV00046.VDF : 8.14.30.186 28160 Bytes 11.10.2017 15:59:27
XBV00047.VDF : 8.14.30.188 2048 Bytes 11.10.2017 15:59:27
XBV00048.VDF : 8.14.30.190 40960 Bytes 11.10.2017 17:59:26
XBV00049.VDF : 8.14.30.192 10752 Bytes 11.10.2017 19:59:26
XBV00050.VDF : 8.14.30.194 14848 Bytes 11.10.2017 21:59:27
XBV00051.VDF : 8.14.30.198 99328 Bytes 12.10.2017 07:15:04
XBV00052.VDF : 8.14.30.200 2048 Bytes 12.10.2017 07:15:04
XBV00053.VDF : 8.14.30.202 20480 Bytes 12.10.2017 11:15:03
XBV00054.VDF : 8.14.30.204 14336 Bytes 12.10.2017 13:15:11
XBV00055.VDF : 8.14.30.206 16896 Bytes 12.10.2017 13:15:11
XBV00056.VDF : 8.14.30.208 2560 Bytes 12.10.2017 13:15:11
XBV00057.VDF : 8.14.30.210 28160 Bytes 12.10.2017 15:15:03
XBV00058.VDF : 8.14.30.212 13312 Bytes 12.10.2017 17:15:04
XBV00059.VDF : 8.14.30.214 11776 Bytes 12.10.2017 19:15:04
XBV00060.VDF : 8.14.30.216 14848 Bytes 12.10.2017 19:15:04
XBV00061.VDF : 8.14.30.218 14336 Bytes 12.10.2017 21:15:35
XBV00062.VDF : 8.14.30.222 67584 Bytes 13.10.2017 06:29:25
XBV00063.VDF : 8.14.30.232 11776 Bytes 13.10.2017 08:29:26
XBV00064.VDF : 8.14.30.242 10240 Bytes 13.10.2017 10:29:25
XBV00065.VDF : 8.14.30.252 16384 Bytes 13.10.2017 10:29:25
XBV00066.VDF : 8.14.31.6 8704 Bytes 13.10.2017 12:29:26
XBV00067.VDF : 8.14.31.8 6656 Bytes 13.10.2017 14:29:25
XBV00068.VDF : 8.14.31.10 10240 Bytes 13.10.2017 16:29:25
XBV00069.VDF : 8.14.31.12 27648 Bytes 13.10.2017 18:29:25
XBV00070.VDF : 8.14.31.14 15872 Bytes 13.10.2017 18:29:26
XBV00071.VDF : 8.14.31.16 19456 Bytes 13.10.2017 20:29:26
XBV00072.VDF : 8.14.31.22 110080 Bytes 14.10.2017 09:44:57
XBV00073.VDF : 8.14.31.24 14848 Bytes 14.10.2017 11:44:57
XBV00074.VDF : 8.14.31.26 16384 Bytes 14.10.2017 11:44:57
XBV00075.VDF : 8.14.31.28 14336 Bytes 14.10.2017 13:44:59
XBV00076.VDF : 8.14.31.30 24576 Bytes 14.10.2017 09:16:24
XBV00077.VDF : 8.14.31.32 126464 Bytes 15.10.2017 09:16:25
XBV00078.VDF : 8.14.31.34 30208 Bytes 15.10.2017 11:16:24
XBV00079.VDF : 8.14.31.36 14848 Bytes 15.10.2017 13:16:24
XBV00080.VDF : 8.14.31.38 24064 Bytes 15.10.2017 15:16:25
XBV00081.VDF : 8.14.31.40 129024 Bytes 16.10.2017 07:18:54
XBV00082.VDF : 8.14.31.42 17920 Bytes 16.10.2017 09:18:52
XBV00083.VDF : 8.14.31.44 9216 Bytes 16.10.2017 09:18:52
XBV00084.VDF : 8.14.31.46 17408 Bytes 16.10.2017 11:18:53
XBV00085.VDF : 8.14.31.48 13824 Bytes 16.10.2017 13:18:53
XBV00086.VDF : 8.14.31.50 13824 Bytes 16.10.2017 15:18:53
XBV00087.VDF : 8.14.31.52 9728 Bytes 16.10.2017 15:18:53
XBV00088.VDF : 8.14.31.54 10752 Bytes 16.10.2017 17:18:53
XBV00089.VDF : 8.14.31.56 17408 Bytes 16.10.2017 19:18:53
XBV00090.VDF : 8.14.31.58 12288 Bytes 16.10.2017 19:18:53
XBV00091.VDF : 8.14.31.64 98304 Bytes 17.10.2017 07:06:34
XBV00092.VDF : 8.14.31.66 13824 Bytes 17.10.2017 09:06:33
XBV00093.VDF : 8.14.31.68 13312 Bytes 17.10.2017 09:06:33
XBV00094.VDF : 8.14.31.70 31232 Bytes 17.10.2017 13:06:33
XBV00095.VDF : 8.14.31.80 18432 Bytes 17.10.2017 15:06:34
XBV00096.VDF : 8.14.31.88 22528 Bytes 17.10.2017 17:06:33
XBV00097.VDF : 8.14.31.96 23552 Bytes 17.10.2017 19:06:33
XBV00098.VDF : 8.14.31.104 12288 Bytes 17.10.2017 21:06:35
XBV00099.VDF : 8.14.31.112 19456 Bytes 17.10.2017 23:06:35
XBV00100.VDF : 8.14.31.116 79872 Bytes 18.10.2017 07:31:17
XBV00101.VDF : 8.14.31.118 32256 Bytes 18.10.2017 11:31:18
XBV00102.VDF : 8.14.31.120 39936 Bytes 18.10.2017 17:31:17
XBV00103.VDF : 8.14.31.122 2048 Bytes 18.10.2017 17:31:17
XBV00104.VDF : 8.14.31.124 42496 Bytes 18.10.2017 19:31:17
XBV00105.VDF : 8.14.31.126 21504 Bytes 18.10.2017 21:31:17
XBV00106.VDF : 8.14.31.130 68608 Bytes 19.10.2017 06:21:39
XBV00107.VDF : 8.14.31.132 11776 Bytes 19.10.2017 08:21:38
XBV00108.VDF : 8.14.31.134 8704 Bytes 19.10.2017 10:21:39
XBV00109.VDF : 8.14.31.136 11776 Bytes 19.10.2017 10:21:39
XBV00110.VDF : 8.14.31.138 11264 Bytes 19.10.2017 12:21:38
XBV00111.VDF : 8.14.31.140 14848 Bytes 19.10.2017 14:21:46
XBV00112.VDF : 8.14.31.142 7680 Bytes 19.10.2017 14:21:46
XBV00113.VDF : 8.14.31.144 15360 Bytes 19.10.2017 18:21:39
XBV00114.VDF : 8.14.31.146 2048 Bytes 19.10.2017 18:21:39
XBV00115.VDF : 8.14.31.148 26624 Bytes 19.10.2017 18:21:39
XBV00116.VDF : 8.14.31.150 20992 Bytes 19.10.2017 20:21:39
XBV00117.VDF : 8.14.31.154 96256 Bytes 20.10.2017 07:16:20
XBV00118.VDF : 8.14.31.156 10240 Bytes 20.10.2017 07:16:20
XBV00119.VDF : 8.14.31.158 21504 Bytes 20.10.2017 09:16:20
XBV00120.VDF : 8.14.31.160 13312 Bytes 20.10.2017 09:16:20
XBV00121.VDF : 8.14.31.162 19456 Bytes 20.10.2017 11:16:20
XBV00122.VDF : 8.14.31.164 15360 Bytes 20.10.2017 13:16:20
XBV00123.VDF : 8.14.31.166 14848 Bytes 20.10.2017 13:16:20
XBV00124.VDF : 8.14.31.168 8704 Bytes 20.10.2017 15:16:21
XBV00125.VDF : 8.14.31.170 16896 Bytes 20.10.2017 17:16:20
XBV00126.VDF : 8.14.31.172 14336 Bytes 20.10.2017 19:16:20
XBV00127.VDF : 8.14.31.174 14848 Bytes 20.10.2017 19:16:20
XBV00128.VDF : 8.14.31.176 16384 Bytes 20.10.2017 09:37:25
XBV00129.VDF : 8.14.31.180 177664 Bytes 21.10.2017 09:37:25
XBV00130.VDF : 8.14.31.188 12800 Bytes 21.10.2017 09:37:25
XBV00131.VDF : 8.14.31.196 8704 Bytes 21.10.2017 11:37:24
XBV00132.VDF : 8.14.31.204 16384 Bytes 21.10.2017 13:37:25
XBV00133.VDF : 8.14.31.212 18944 Bytes 21.10.2017 15:37:25
XBV00134.VDF : 8.14.31.220 82432 Bytes 21.10.2017 09:48:22
XBV00135.VDF : 8.14.31.222 210432 Bytes 22.10.2017 09:48:22
XBV00136.VDF : 8.14.31.224 86016 Bytes 22.10.2017 09:48:22
XBV00137.VDF : 8.14.31.226 18432 Bytes 22.10.2017 11:48:21
XBV00138.VDF : 8.14.31.228 10752 Bytes 22.10.2017 11:48:21
XBV00139.VDF : 8.14.31.230 8192 Bytes 22.10.2017 13:48:23
XBV00140.VDF : 8.14.31.232 9728 Bytes 22.10.2017 15:48:22
XBV00141.VDF : 8.14.31.234 159744 Bytes 23.10.2017 09:17:48
XBV00142.VDF : 8.14.31.236 9216 Bytes 23.10.2017 09:17:48
XBV00143.VDF : 8.14.31.238 28672 Bytes 23.10.2017 09:17:48
XBV00144.VDF : 8.14.31.240 13312 Bytes 23.10.2017 11:17:47
XBV00145.VDF : 8.14.31.242 16384 Bytes 23.10.2017 17:17:48
XBV00146.VDF : 8.14.31.244 16384 Bytes 23.10.2017 17:17:48
XBV00147.VDF : 8.14.31.246 2048 Bytes 23.10.2017 17:17:48
XBV00148.VDF : 8.14.31.248 2048 Bytes 23.10.2017 17:17:48
XBV00149.VDF : 8.14.31.250 23552 Bytes 23.10.2017 17:17:48
XBV00150.VDF : 8.14.31.252 18944 Bytes 23.10.2017 19:17:48
XBV00151.VDF : 8.14.31.254 11264 Bytes 23.10.2017 21:17:48
XBV00152.VDF : 8.14.32.4 124416 Bytes 24.10.2017 07:15:10
XBV00153.VDF : 8.14.32.6 16896 Bytes 24.10.2017 09:15:09
XBV00154.VDF : 8.14.32.8 13312 Bytes 24.10.2017 11:15:10
XBV00155.VDF : 8.14.32.10 15872 Bytes 24.10.2017 11:15:10
XBV00156.VDF : 8.14.32.12 28672 Bytes 24.10.2017 15:15:10
XBV00157.VDF : 8.14.32.14 29184 Bytes 24.10.2017 15:15:10
XBV00158.VDF : 8.14.32.16 36864 Bytes 24.10.2017 17:15:09
XBV00159.VDF : 8.14.32.24 22016 Bytes 24.10.2017 19:15:10
XBV00160.VDF : 8.14.32.30 27648 Bytes 24.10.2017 21:15:10
XBV00161.VDF : 8.14.32.38 110080 Bytes 25.10.2017 07:11:19
XBV00162.VDF : 8.14.32.44 30720 Bytes 25.10.2017 11:11:20
XBV00163.VDF : 8.14.32.46 53248 Bytes 25.10.2017 17:11:18
XBV00164.VDF : 8.14.32.48 2048 Bytes 25.10.2017 17:11:18
XBV00165.VDF : 8.14.32.50 35328 Bytes 25.10.2017 19:11:19
XBV00166.VDF : 8.14.32.52 14848 Bytes 25.10.2017 19:11:19
XBV00167.VDF : 8.14.32.54 39936 Bytes 25.10.2017 21:11:19
XBV00168.VDF : 8.14.32.60 107520 Bytes 26.10.2017 08:19:01
XBV00169.VDF : 8.14.32.62 25600 Bytes 26.10.2017 08:19:01
XBV00170.VDF : 8.14.32.64 13824 Bytes 26.10.2017 10:19:01
LOCAL000.VDF : 8.14.32.64 203229696 Bytes 26.10.2017 10:19:18
Engine version : 8.3.48.74
AEBB.DLL : 8.1.3.0 59296 Bytes 23.11.2015 17:23:16
AECORE.DLL : 8.3.14.0 266480 Bytes 22.8.2017 13:47:19
AECRYPTO.DLL : 8.2.1.0 129904 Bytes 13.7.2017 21:36:01
AEDROID.DLL : 8.4.3.406 2801640 Bytes 11.10.2017 13:59:27
AEEMU.DLL : 8.1.3.8 404328 Bytes 18.3.2016 11:13:46
AEEXP.DLL : 8.4.4.86 382840 Bytes 25.10.2017 11:11:19
AEGEN.DLL : 8.1.8.322 678648 Bytes 13.7.2017 21:35:08
AEHELP.DLL : 8.3.3.0 299728 Bytes 30.8.2017 15:12:12
AEHEUR.DLL : 8.1.6.76 11550056 Bytes 19.10.2017 14:21:45
AELIBINF.DLL : 8.2.1.4 68464 Bytes 12.5.2016 10:08:36
AEMOBILE.DLL : 8.1.18.4 346872 Bytes 13.7.2017 21:36:09
AEOFFICE.DLL : 8.4.1.32 636368 Bytes 25.10.2017 11:11:18
AEPACK.DLL : 8.4.2.74 835856 Bytes 22.9.2017 11:01:51
AERDL.DLL : 8.2.2.36 835848 Bytes 13.7.2017 21:35:52
AESBX.DLL : 8.2.22.14 1667056 Bytes 2.8.2017 11:12:09
AESCN.DLL : 8.3.8.0 158416 Bytes 19.10.2017 14:21:46
AESCRIPT.DLL : 8.3.3.90 943912 Bytes 25.10.2017 11:11:18
AEVDF.DLL : 8.3.3.4 142184 Bytes 21.3.2016 13:27:32
AVWINLL.DLL : 15.0.32.8 37448 Bytes 12.10.2017 21:15:12
AVPREF.DLL : 15.0.32.8 63920 Bytes 12.10.2017 21:15:15
AVREP.DLL : 15.0.32.8 234888 Bytes 12.10.2017 21:15:15
AVARKT.DLL : 15.0.32.8 241096 Bytes 12.10.2017 21:15:12
SQLITE3.DLL : 15.0.32.8 472744 Bytes 12.10.2017 21:15:34
AVSMTP.DLL : 15.0.32.8 90392 Bytes 12.10.2017 21:15:18
NETNT.DLL : 15.0.32.8 26568 Bytes 12.10.2017 21:15:31
CommonImageRc.dll: 15.0.32.8 3878048 Bytes 12.10.2017 21:15:12
CommonTextRc.dll: 15.0.32.8 81568 Bytes 12.10.2017 21:15:12
Configuration settings for the scan:
Jobname.............................: Full scan
Configuration file..................: C:\Program Files (x86)\Avira\AntiVir Desktop\sysscan.avp
Reporting...........................: default
Primary action......................: Interactive
Secondary action....................: Ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, D:, E:, F:, N:,
Process scan........................: on
Extended process scan...............: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Limit recursion depth...............: 20
Smart extensions....................: on
Macrovirus heuristic................: on
File heuristic......................: extended
Skipped files.......................:
Start of the scan: 26. října 2017 13:13
Start scanning boot sectors:
Boot sector 'HDD1(C:)'
[INFO] No virus was found!
Boot sector 'HDD2(D:)'
[INFO] No virus was found!
Boot sector 'HDD0(E:, F:)'
[INFO] No virus was found!
Boot sector 'HDD7(N:)'
[INFO] No virus was found!
Starting search for hidden objects.
The scan of running processes will be started:
Scan process 'svchost.exe' - '52' Module(s) have been scanned
Scan process 'ATKFUSService.exe' - '28' Module(s) have been scanned
Scan process 'nvvsvc.exe' - '35' Module(s) have been scanned
Scan process 'nvSCPAPISvr.exe' - '34' Module(s) have been scanned
Scan process 'svchost.exe' - '36' Module(s) have been scanned
Scan process 'svchost.exe' - '99' Module(s) have been scanned
Scan process 'svchost.exe' - '103' Module(s) have been scanned
Scan process 'svchost.exe' - '115' Module(s) have been scanned
Scan process 'svchost.exe' - '154' Module(s) have been scanned
Scan process 'svchost.exe' - '34' Module(s) have been scanned
Scan process 'Pen_TouchService.exe' - '29' Module(s) have been scanned
Scan process 'svchost.exe' - '76' Module(s) have been scanned
Scan process 'nvxdsync.exe' - '54' Module(s) have been scanned
Scan process 'nvvsvc.exe' - '47' Module(s) have been scanned
Scan process 'WISPTIS.EXE' - '40' Module(s) have been scanned
Scan process 'ATKFastUserSwitching.exe' - '26' Module(s) have been scanned
Scan process 'Dwm.exe' - '45' Module(s) have been scanned
Scan process 'WISPTIS.EXE' - '47' Module(s) have been scanned
Scan process 'TabTip.exe' - '55' Module(s) have been scanned
Scan process 'TabTip32.exe' - '23' Module(s) have been scanned
Scan process 'Explorer.EXE' - '188' Module(s) have been scanned
Scan process 'Pen_TouchUser.exe' - '37' Module(s) have been scanned
Scan process 'spoolsv.exe' - '83' Module(s) have been scanned
Scan process 'taskhost.exe' - '74' Module(s) have been scanned
Scan process 'sched.exe' - '71' Module(s) have been scanned
Scan process 'taskeng.exe' - '31' Module(s) have been scanned
Scan process 'svchost.exe' - '63' Module(s) have been scanned
Scan process 'BtvStack.exe' - '86' Module(s) have been scanned
Scan process 'armsvc.exe' - '28' Module(s) have been scanned
Scan process 'AdobeUpdateService.exe' - '32' Module(s) have been scanned
Scan process 'AGSService.exe' - '61' Module(s) have been scanned
Scan process 'avguard.exe' - '117' Module(s) have been scanned
Scan process 'AthBtTray.exe' - '43' Module(s) have been scanned
Scan process 'ASDR.exe' - '17' Module(s) have been scanned
Scan process 'NvBackend.exe' - '63' Module(s) have been scanned
Scan process 'adminservice.exe' - '29' Module(s) have been scanned
Scan process 'E_YATINYE.EXE' - '37' Module(s) have been scanned
Scan process 'SpotifyWebHelper.exe' - '36' Module(s) have been scanned
Scan process 'ZPSTray.exe' - '58' Module(s) have been scanned
Scan process 'Dropbox.exe' - '211' Module(s) have been scanned
Scan process 'Rainmeter.exe' - '91' Module(s) have been scanned
Scan process 'SystemExplorer.exe' - '88' Module(s) have been scanned
Scan process 'OfficeClickToRun.exe' - '130' Module(s) have been scanned
Scan process 'Dropbox.exe' - '41' Module(s) have been scanned
Scan process 'svchost.exe' - '59' Module(s) have been scanned
Scan process 'EscSvc64.exe' - '20' Module(s) have been scanned
Scan process 'E_S60RPB.EXE' - '19' Module(s) have been scanned
Scan process 'GfExperienceService.exe' - '55' Module(s) have been scanned
Scan process 'IProsetMonitor.exe' - '22' Module(s) have been scanned
Scan process 'VCDDaemon.exe' - '35' Module(s) have been scanned
Scan process 'Dropbox.exe' - '52' Module(s) have been scanned
Scan process 'nusb3mon.exe' - '37' Module(s) have been scanned
Scan process 'IAStorIcon.exe' - '58' Module(s) have been scanned
Scan process 'McciCMService.exe' - '40' Module(s) have been scanned
Scan process 'GamerOSD.exe' - '78' Module(s) have been scanned
Scan process 'SwitchBoard.exe' - '42' Module(s) have been scanned
Scan process 'NvNetworkService.exe' - '61' Module(s) have been scanned
Scan process 'NvStreamService.exe' - '55' Module(s) have been scanned
Scan process 'acrotray.exe' - '33' Module(s) have been scanned
Scan process 'EEventManager.exe' - '57' Module(s) have been scanned
Scan process 'Lightshot.exe' - '55' Module(s) have been scanned
Scan process 'jusched.exe' - '53' Module(s) have been scanned
Scan process 'AdobeIPCBroker.exe' - '40' Module(s) have been scanned
Scan process 'PnkBstrA.exe' - '32' Module(s) have been scanned
Scan process 'nvtray.exe' - '44' Module(s) have been scanned
Scan process 'svchost.exe' - '38' Module(s) have been scanned
Scan process 'Pen_Tablet.exe' - '31' Module(s) have been scanned
Scan process 'WLIDSVC.EXE' - '62' Module(s) have been scanned
Scan process 'Avira.ServiceHost.exe' - '127' Module(s) have been scanned
Scan process 'Pen_TabletUser.exe' - '25' Module(s) have been scanned
Scan process 'WLIDSvcM.exe' - '17' Module(s) have been scanned
Scan process 'Adobe Desktop Service.exe' - '114' Module(s) have been scanned
Scan process 'Pen_Tablet.exe' - '47' Module(s) have been scanned
Scan process 'CoreSync.exe' - '94' Module(s) have been scanned
Scan process 'CCXProcess.exe' - '9' Module(s) have been scanned
Scan process 'node.exe' - '97' Module(s) have been scanned
Scan process 'conhost.exe' - '15' Module(s) have been scanned
Scan process 'avshadow.exe' - '43' Module(s) have been scanned
Scan process 'NvStreamNetworkService.exe' - '66' Module(s) have been scanned
Scan process 'SearchIndexer.exe' - '64' Module(s) have been scanned
Scan process 'SystemExplorerService64.exe' - '22' Module(s) have been scanned
Scan process 'svchost.exe' - '62' Module(s) have been scanned
Scan process 'svchost.exe' - '37' Module(s) have been scanned
Scan process 'svchost.exe' - '33' Module(s) have been scanned
Scan process 'NvStreamUserAgent.exe' - '73' Module(s) have been scanned
Scan process 'wmpnetwk.exe' - '121' Module(s) have been scanned
Scan process 'conhost.exe' - '20' Module(s) have been scanned
Scan process 'WUDFHost.exe' - '34' Module(s) have been scanned
Scan process 'avgnt.exe' - '89' Module(s) have been scanned
Scan process 'Avira.Systray.exe' - '139' Module(s) have been scanned
Scan process 'svchost.exe' - '59' Module(s) have been scanned
Scan process 'DllHost.exe' - '46' Module(s) have been scanned
Scan process 'IAStorDataMgrSvc.exe' - '56' Module(s) have been scanned
Scan process 'svchost.exe' - '59' Module(s) have been scanned
Scan process 'InputPersonalization.exe' - '36' Module(s) have been scanned
Scan process 'thunderbird.exe' - '148' Module(s) have been scanned
Scan process 'firefox.exe' - '162' Module(s) have been scanned
Scan process 'Bridge.exe' - '161' Module(s) have been scanned
Scan process 'wuauclt.exe' - '38' Module(s) have been scanned
Scan process 'jucheck.exe' - '79' Module(s) have been scanned
Scan process 'SeaPort.exe' - '55' Module(s) have been scanned
Scan process 'JetAudio.exe' - '95' Module(s) have been scanned
Scan process 'sppsvc.exe' - '20' Module(s) have been scanned
Scan process 'SearchProtocolHost.exe' - '43' Module(s) have been scanned
Scan process 'explorer.exe' - '133' Module(s) have been scanned
Scan process 'avscan.exe' - '68' Module(s) have been scanned
Scan process 'avscan.exe' - '129' Module(s) have been scanned
Scan process 'vssvc.exe' - '47' Module(s) have been scanned
Scan process 'svchost.exe' - '28' Module(s) have been scanned
Scan process 'SearchFilterHost.exe' - '27' Module(s) have been scanned
Scan process 'smss.exe' - '2' Module(s) have been scanned
Scan process 'csrss.exe' - '18' Module(s) have been scanned
Scan process 'wininit.exe' - '26' Module(s) have been scanned
Scan process 'csrss.exe' - '18' Module(s) have been scanned
Scan process 'winlogon.exe' - '31' Module(s) have been scanned
Scan process 'services.exe' - '33' Module(s) have been scanned
Scan process 'lsass.exe' - '68' Module(s) have been scanned
Scan process 'lsm.exe' - '16' Module(s) have been scanned
Starting to scan executable files (registry):
The registry was scanned ( '2945' files ).
Starting the file scan:
Begin scan in 'C:\'
Begin scan in 'D:\' <hry>
Begin scan in 'E:\' <pracovní>
Begin scan in 'F:\' <data>
[0] Archive type: ZIP SFX (self extracting)
--> System32/64/Drivers/winusbcoinstaller2.dll
[1] Archive type: RSRC
--> C:\Program Files (x86)\Sony\Sony PC Companion\Drivers\AllSigned\x86x64\amd64\WUDFUpdate_01007.dll
[2] Archive type: RSRC
--> C:\Program Files (x86)\Sony\Sony PC Companion\Drivers\AllSigned\x86x64\i386\WUDFUpdate_01007.dll
[3] Archive type: RSRC
[WARNING] The file could not be read!
F:\$RECYCLE.BIN\S-1-5-21-2602357843-3484561657-1090783424-1000\$RJ4FTXB\staženo\heroes5.tribes.of.the.east.cz.patch.3.01.part1.rar.5795460884426923494.part
[WARNING] The file could not be read!
--> F:\JAKUB-PC\Backup Set 2012-09-01 190001\Backup Files 2012-10-02 075544\Backup files 1.zip
[4] Archive type: ZIP
--> F:\JAKUB-PC\Backup Set 2012-09-01 190001\Backup Files 2012-10-02 075544\Backup files 3.zip
[5] Archive type: ZIP
--> F:\JAKUB-PC\Backup Set 2012-09-01 190001\Backup Files 2012-11-02 080027\Backup files 4.zip
[6] Archive type: ZIP
--> C/Users/jakub/Downloads/DTLite4454-0315.exe
[7] Archive type: NSIS
--> Object
[DETECTION] Contains patterns of software PUA/OpenCandy.Gen
[WARNING] Infected files in archives cannot be repaired
F:\JAKUB-PC\Backup Set 2012-09-01 190001\Backup Files 2012-11-02 080027\Backup files 4.zip
[DETECTION] Contains patterns of software PUA/OpenCandy.Gen
--> F:\JAKUB-PC\Backup Set 2013-01-01 190001\Backup Files 2013-01-01 190001\Backup files 4.zip
[6] Archive type: ZIP
--> F:\JAKUB-PC\Backup Set 2013-01-01 190001\Backup Files 2013-01-01 190001\Backup files 7.zip
[7] Archive type: ZIP
--> C/Users/jakub/Downloads/Dropbox 1.4.17.exe
[8] Archive type: NSIS
--> C/Users/jakub/Downloads/DTLite4454-0315.exe
[9] Archive type: NSIS
--> Object
[DETECTION] Contains patterns of software PUA/OpenCandy.Gen
[WARNING] Infected files in archives cannot be repaired
F:\JAKUB-PC\Backup Set 2013-01-01 190001\Backup Files 2013-01-01 190001\Backup files 7.zip
[DETECTION] Contains patterns of software PUA/OpenCandy.Gen
--> F:\JAKUB-PC\Backup Set 2013-01-01 190001\Backup Files 2013-04-03 183614\Backup files 1.zip
[8] Archive type: ZIP
--> C/Users/jakub/Documents/DriverGenius/Downloads/WacomTablet_635w3.exe
[9] Archive type: ZIP SFX (self extracting)
--> F:\JAKUB-PC\Backup Set 2013-01-01 190001\Backup Files 2013-04-03 183614\Backup files 3.zip
[10] Archive type: ZIP
--> C/Users/jakub/Documents/DriverGenius/Temp/WacomTablet_635w3/System32/64/Drivers/winusbcoinstaller2.dll
[11] Archive type: RSRC
--> F:\JAKUB-PC\Backup Set 2013-01-01 190001\Backup Files 2013-05-01 190000\Backup files 2.zip
[12] Archive type: ZIP
--> F:\JAKUB-PC\Backup Set 2013-01-01 190001\Backup Files 2013-05-01 190000\Backup files 4.zip
[13] Archive type: ZIP
--> F:\JAKUB-PC\Backup Set 2013-01-01 190001\Backup Files 2013-07-01 190001\Backup files 1.zip
[14] Archive type: ZIP
--> F:\JAKUB-PC\Backup Set 2013-09-01 190001\Backup Files 2013-09-01 190001\Backup files 1.zip
[15] Archive type: ZIP
--> C/Users/jakub/Documents/DriverGenius/Downloads/WacomTablet_635w3.exe
[16] Archive type: ZIP SFX (self extracting)
--> F:\JAKUB-PC\Backup Set 2013-09-01 190001\Backup Files 2013-09-01 190001\Backup files 8.zip
[17] Archive type: ZIP
--> F:\programy\jxpiinstall.exe
[18] Archive type: Runtime Packed
--> F:\rozbaleno\burnaware_free.exe
[19] Archive type: Inno Setup
--> {tmp}\OCSetupHlp.dll
[DETECTION] Contains patterns of software PUA/OpenCandy.Gen
[WARNING] Infected files in archives cannot be repaired
F:\rozbaleno\burnaware_free.exe
[DETECTION] Contains patterns of software PUA/OpenCandy.Gen
F:\rozbaleno\Framaroot-1.9.3.apk
[DETECTION] Contains code of the ANDROID/Lotoor.BE.57 virus
F:\rozbaleno\tr3.apk
[DETECTION] Contains code of the ANDROID/TowelExploit.TGH virus
Begin scan in 'N:\'
Beginning disinfection:
F:\rozbaleno\tr3.apk
[DETECTION] Contains code of the ANDROID/TowelExploit.TGH virus
[NOTE] The file was moved to the quarantine directory under the name '5d02ab9b.qua'!
F:\rozbaleno\Framaroot-1.9.3.apk
[DETECTION] Contains code of the ANDROID/Lotoor.BE.57 virus
[NOTE] The file was moved to the quarantine directory under the name '45e3843c.qua'!
F:\rozbaleno\burnaware_free.exe
[DETECTION] Contains patterns of software PUA/OpenCandy.Gen
[NOTE] The file was moved to the quarantine directory under the name '71bc9081.qua'!
F:\JAKUB-PC\Backup Set 2013-01-01 190001\Backup Files 2013-01-01 190001\Backup files 7.zip
[DETECTION] Contains patterns of software PUA/OpenCandy.Gen
[NOTE] The file was moved to the quarantine directory under the name '3409bda0.qua'!
F:\JAKUB-PC\Backup Set 2012-09-01 190001\Backup Files 2012-11-02 080027\Backup files 4.zip
[DETECTION] Contains patterns of software PUA/OpenCandy.Gen
[NOTE] The file was moved to the quarantine directory under the name '4b128fd6.qua'!
End of the scan: 26. října 2017 17:54
Used time: 4:36:30 Hour(s)
The scan has been done completely.
89105 Scanned directories
5964881 Files were scanned
8 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 Files were deleted
0 Viruses and unwanted programs were repaired
5 Files were moved to quarantine
0 Files were renamed
0 Files cannot be scanned
5964873 Files not concerned
112829 Archives were scanned
4 Warnings
5 Notes
1302076 Objects were scanned with rootkit scan
0 Hidden objects were found
-
out_of_space
- Návštěvník
- Příspěvky: 110
- Registrován: 01 srp 2010 19:45
Re: kopie windows není pravá
MBAM:
Malwarebytes
www.malwarebytes.com
-Podrobnosti logovacího souboru-
Datum skenování: 26.10.17
Čas skenování: 16:28
Logovací soubor: df29e802-ba59-11e7-9ace-0026833219cb.json
Správce: Ano
-Informace o softwaru-
Verze: 3.2.2.2029
Verze komponentů: 1.0.212
Aktualizovat verzi balíku komponent: 1.0.3101
Licence: Zkušební
-Systémová informace-
OS: Windows 7 Service Pack 1
CPU: x64
Systém souborů: NTFS
Uživatel: jakub-PC\jakub
-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Výsledek: Dokončeno
Skenované objekty: 361795
Zjištěné hrozby: 0
(Nebyly zjištěny žádné škodlivé položky)
Hrozby umístěné do karantény: 0
(Nebyly zjištěny žádné škodlivé položky)
Uplynulý čas: 2 min, 41 sek
-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat
-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)
Modul: 0
(Nebyly zjištěny žádné škodlivé položky)
Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)
Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)
Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)
Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)
Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)
Soubor: 0
(Nebyly zjištěny žádné škodlivé položky)
Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)
(end)
Malwarebytes
www.malwarebytes.com
-Podrobnosti logovacího souboru-
Datum skenování: 26.10.17
Čas skenování: 16:28
Logovací soubor: df29e802-ba59-11e7-9ace-0026833219cb.json
Správce: Ano
-Informace o softwaru-
Verze: 3.2.2.2029
Verze komponentů: 1.0.212
Aktualizovat verzi balíku komponent: 1.0.3101
Licence: Zkušební
-Systémová informace-
OS: Windows 7 Service Pack 1
CPU: x64
Systém souborů: NTFS
Uživatel: jakub-PC\jakub
-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Výsledek: Dokončeno
Skenované objekty: 361795
Zjištěné hrozby: 0
(Nebyly zjištěny žádné škodlivé položky)
Hrozby umístěné do karantény: 0
(Nebyly zjištěny žádné škodlivé položky)
Uplynulý čas: 2 min, 41 sek
-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat
-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)
Modul: 0
(Nebyly zjištěny žádné škodlivé položky)
Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)
Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)
Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)
Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)
Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)
Soubor: 0
(Nebyly zjištěny žádné škodlivé položky)
Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)
(end)
-
Rudy
- Site Admin
- Příspěvky: 119667
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: kopie windows není pravá
Zdravím!
A je ta kopie skutečně pravá?
A je ta kopie skutečně pravá?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
out_of_space
- Návštěvník
- Příspěvky: 110
- Registrován: 01 srp 2010 19:45
Re: kopie windows není pravá
Jasný 
Mám ji pár let, ale tohle se mi stalo poprvý. Můžu vyfotit nálepku jestli je to nutný.
Mám ji pár let, ale tohle se mi stalo poprvý. Můžu vyfotit nálepku jestli je to nutný.-
Rudy
- Site Admin
- Příspěvky: 119667
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: kopie windows není pravá
To nemusíte, v logu nic nenaznačuje, že by to tak nemělo být. Ptám se pouze pro jistotu. PC můžeme vyčistit, nicméně nevím, zdy to pomůže. Tohle obvykle dělaá systém sám a s tím vám pomohou pouze u MS. Chcete-li PC vyčistit, spusťte tuto utilitu:
Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
out_of_space
- Návštěvník
- Příspěvky: 110
- Registrován: 01 srp 2010 19:45
Re: kopie windows není pravá
Aha, v tom případě to pořeším s podporou.
# AdwCleaner 7.0.3.1 - Logfile created on Thu Oct 26 18:12:03 2017
# Updated on 2017/29/09 by Malwarebytes
# Running on Windows 7 Home Premium (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support
***** [ Services ] *****
No malicious services deleted.
***** [ Folders ] *****
No malicious folders deleted.
***** [ Files ] *****
Deleted: C:\Windows\System32\SVCProxyOff.ini
Deleted: C:\Windows\SysNative\SVCProxyOff.ini
Deleted: C:\Windows\SysWOW64\SVCProxyOff.ini
Deleted: C:\Users\jakub\AppData\Roaming\Mozilla\Firefox\Profiles\nlhpu5mp.default\searchplugins\avira-safesearch.xml
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks deleted.
***** [ Registry ] *****
Deleted: [Data] - HKCU\Software\Microsoft\Internet Explorer\Main|Search Page [https:\\safesearch.avira.com\#web\result?source=art&q=]
Deleted: [Data] - HKCU\Software\Microsoft\Internet Explorer\Main|Search Page [https:\\safesearch.avira.com\#web\result?source=art&q=]
Deleted: [Data] - HKCU\Software\Microsoft\Internet Explorer\Main|Start Page [https:\\safesearch.avira.com\#web\result?source=art&q=]
Deleted: [Data] - HKCU\Software\Microsoft\Internet Explorer\Main|Start Page [https:\\safesearch.avira.com\#web\result?source=art&q=]
Deleted: [Data] - HKCU\Software\Microsoft\Internet Explorer\Main|Default_Search_URL [https:\\safesearch.avira.com\#web\result?source=art&q=]
Deleted: [Data] - HKCU\Software\Microsoft\Internet Explorer\Main|Default_Search_URL [https:\\safesearch.avira.com\#web\result?source=art&q=]
Deleted: [Data] - HKCU\Software\Microsoft\Internet Explorer\Main|Default_Page_URL [https:\\safesearch.avira.com\#web\result?source=art&q=]
Deleted: [Data] - HKCU\Software\Microsoft\Internet Explorer\Main|Default_Page_URL [https:\\safesearch.avira.com\#web\result?source=art&q=]
Deleted: [Data] - HKCU\Software\Microsoft\Internet Explorer\Main|IE10RunOnceCompletionTime [蚲ꡆ൵Ǒs:\\safesearch.avira.com\#web\result?source=art&q=]
Deleted: [Data] - HKCU\Software\Microsoft\Internet Explorer\Main|IE10RunOnceCompletionTime [蚲ꡆ൵Ǒs:\\safesearch.avira.com\#web\result?source=art&q=]
Deleted: [Data] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Default_Search_URL [https:\\safesearch.avira.com\#web\result?source=art&q=]
Deleted: [Data] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Default_Search_URL [https:\\safesearch.avira.com\#web\result?source=art&q=]
Deleted: [Data] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Default_Page_URL [https:\\safesearch.avira.com\#web\result?source=art&q=]
Deleted: [Data] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Default_Page_URL [https:\\safesearch.avira.com\#web\result?source=art&q=]
Deleted: [Data] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page [https:\\safesearch.avira.com\#web\result?source=art&q=]
Deleted: [Data] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page [https:\\safesearch.avira.com\#web\result?source=art&q=]
Deleted: [Data] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Search Page [https:\\safesearch.avira.com\#web\result?source=art&q=]
Deleted: [Data] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Search Page [https:\\safesearch.avira.com\#web\result?source=art&q=]
Deleted: [Key] - HKLM\SOFTWARE\Check Point Software Technologies LTD
Deleted: [Key] - HKU\S-1-5-21-3719608471-1457720249-86965872-1000\Software\Check Point Software Technologies LTD
Deleted: [Key] - HKU\S-1-5-21-3719608471-1457720249-86965872-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10262017162851524\Software\Check Point Software Technologies LTD
Deleted: [Key] - HKCU\Software\Check Point Software Technologies LTD
Deleted: [Value] - HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{41564952-412D-5637-4300-7A786E7484D7}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{E7BC34A1-BA86-11CF-84B1-CBC2DA68BF6C}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{E7BC34A0-BA86-11CF-84B1-CBC2DA68BF6C}
***** [ Firefox (and derivatives) ] *****
Plugin deleted: Avira SafeSearch Plus - Avira
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries deleted.
*************************
::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0
*************************
C:/AdwCleaner/AdwCleaner[S0].txt - [2083 B] - [2014/4/4 20:49:47]
C:/AdwCleaner/AdwCleaner[S1].txt - [7517 B] - [2015/1/10 18:31:17]
C:/AdwCleaner/AdwCleaner[S2].txt - [2790 B] - [2015/6/20 10:42:29]
C:/AdwCleaner/AdwCleaner[S3].txt - [5011 B] - [2017/10/26 18:11:44]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########
# AdwCleaner 7.0.3.1 - Logfile created on Thu Oct 26 18:12:03 2017
# Updated on 2017/29/09 by Malwarebytes
# Running on Windows 7 Home Premium (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support
***** [ Services ] *****
No malicious services deleted.
***** [ Folders ] *****
No malicious folders deleted.
***** [ Files ] *****
Deleted: C:\Windows\System32\SVCProxyOff.ini
Deleted: C:\Windows\SysNative\SVCProxyOff.ini
Deleted: C:\Windows\SysWOW64\SVCProxyOff.ini
Deleted: C:\Users\jakub\AppData\Roaming\Mozilla\Firefox\Profiles\nlhpu5mp.default\searchplugins\avira-safesearch.xml
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks deleted.
***** [ Registry ] *****
Deleted: [Data] - HKCU\Software\Microsoft\Internet Explorer\Main|Search Page [https:\\safesearch.avira.com\#web\result?source=art&q=]
Deleted: [Data] - HKCU\Software\Microsoft\Internet Explorer\Main|Search Page [https:\\safesearch.avira.com\#web\result?source=art&q=]
Deleted: [Data] - HKCU\Software\Microsoft\Internet Explorer\Main|Start Page [https:\\safesearch.avira.com\#web\result?source=art&q=]
Deleted: [Data] - HKCU\Software\Microsoft\Internet Explorer\Main|Start Page [https:\\safesearch.avira.com\#web\result?source=art&q=]
Deleted: [Data] - HKCU\Software\Microsoft\Internet Explorer\Main|Default_Search_URL [https:\\safesearch.avira.com\#web\result?source=art&q=]
Deleted: [Data] - HKCU\Software\Microsoft\Internet Explorer\Main|Default_Search_URL [https:\\safesearch.avira.com\#web\result?source=art&q=]
Deleted: [Data] - HKCU\Software\Microsoft\Internet Explorer\Main|Default_Page_URL [https:\\safesearch.avira.com\#web\result?source=art&q=]
Deleted: [Data] - HKCU\Software\Microsoft\Internet Explorer\Main|Default_Page_URL [https:\\safesearch.avira.com\#web\result?source=art&q=]
Deleted: [Data] - HKCU\Software\Microsoft\Internet Explorer\Main|IE10RunOnceCompletionTime [蚲ꡆ൵Ǒs:\\safesearch.avira.com\#web\result?source=art&q=]
Deleted: [Data] - HKCU\Software\Microsoft\Internet Explorer\Main|IE10RunOnceCompletionTime [蚲ꡆ൵Ǒs:\\safesearch.avira.com\#web\result?source=art&q=]
Deleted: [Data] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Default_Search_URL [https:\\safesearch.avira.com\#web\result?source=art&q=]
Deleted: [Data] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Default_Search_URL [https:\\safesearch.avira.com\#web\result?source=art&q=]
Deleted: [Data] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Default_Page_URL [https:\\safesearch.avira.com\#web\result?source=art&q=]
Deleted: [Data] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Default_Page_URL [https:\\safesearch.avira.com\#web\result?source=art&q=]
Deleted: [Data] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page [https:\\safesearch.avira.com\#web\result?source=art&q=]
Deleted: [Data] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page [https:\\safesearch.avira.com\#web\result?source=art&q=]
Deleted: [Data] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Search Page [https:\\safesearch.avira.com\#web\result?source=art&q=]
Deleted: [Data] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Search Page [https:\\safesearch.avira.com\#web\result?source=art&q=]
Deleted: [Key] - HKLM\SOFTWARE\Check Point Software Technologies LTD
Deleted: [Key] - HKU\S-1-5-21-3719608471-1457720249-86965872-1000\Software\Check Point Software Technologies LTD
Deleted: [Key] - HKU\S-1-5-21-3719608471-1457720249-86965872-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10262017162851524\Software\Check Point Software Technologies LTD
Deleted: [Key] - HKCU\Software\Check Point Software Technologies LTD
Deleted: [Value] - HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{41564952-412D-5637-4300-7A786E7484D7}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{E7BC34A1-BA86-11CF-84B1-CBC2DA68BF6C}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{E7BC34A0-BA86-11CF-84B1-CBC2DA68BF6C}
***** [ Firefox (and derivatives) ] *****
Plugin deleted: Avira SafeSearch Plus - Avira
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries deleted.
*************************
::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0
*************************
C:/AdwCleaner/AdwCleaner[S0].txt - [2083 B] - [2014/4/4 20:49:47]
C:/AdwCleaner/AdwCleaner[S1].txt - [7517 B] - [2015/1/10 18:31:17]
C:/AdwCleaner/AdwCleaner[S2].txt - [2790 B] - [2015/6/20 10:42:29]
C:/AdwCleaner/AdwCleaner[S3].txt - [5011 B] - [2017/10/26 18:11:44]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########
-
Rudy
- Site Admin
- Příspěvky: 119667
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: kopie windows není pravá
Dejte nový log RSIT.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
out_of_space
- Návštěvník
- Příspěvky: 110
- Registrován: 01 srp 2010 19:45
Re: kopie windows není pravá
Logfile of random's system information tool 1.10 (written by random/random)
Run by jakub at 2017-10-27 00:47:24
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 16 GB (10%) free of 153 GB
Total RAM: 16351 MB (72% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:47:25, on 27.10.2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18792)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\jakub\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe
C:\Users\jakub\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Users\jakub\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe
C:\Users\jakub\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.10\Lightshot.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\trend micro\jakub.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://safesearch.avira.com/#web/result?source=art&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://safesearch.avira.com/#web/result?source=art&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://safesearch.avira.com/#web/result?source=art&q=
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://safesearch.avira.com/#web/result?source=art&q=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll" (file missing)
O3 - Toolbar: E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [ASUSGamerOSD] C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKLM\..\Run: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
O4 - HKLM\..\Run: [Lightshot] C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKCU\..\Run: [Spotify Web Helper] C:\Users\jakub\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = jakub\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AdobeUpdateService - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: ASDR - Unknown owner - C:\Windows\SysWOW64\ASDR.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: ATK Fast User Switch Service (ATKFUSService) - Unknown owner - C:\Windows\system32\ATKFUSService.exe (file missing)
O23 - Service: Avira Service Host (Avira.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
O23 - Service: Dragon Age: Origins - Content Updater (DAUpdaterSvc) - BioWare - D:\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Epson Scanner Service (EpsonScanSvc) - Unknown owner - C:\Windows\system32\EscSvc64.exe (file missing)
O23 - Service: EPSON V3 Service4(06) (EPSON_PM_RPCV4_06) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)
O23 - Service: Intel(R) Update Manager (iumsvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: System Explorer Service (SystemExplorerHelpService) - Mister Group - C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe
O23 - Service: TabletServicePen - Wacom Technology, Corp. - C:\Program Files\Tablet\Pen\Pen_Tablet.exe
O23 - Service: Wacom Consumer Touch Service (TouchServicePen) - Wacom Technology, Corp. - C:\Program Files\Tablet\Pen\Pen_TouchService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZoneAlarm Privacy Service (ZAPrivacyService) - Check Point Software Technologies, Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe
O23 - Service: ZoneAlarm ICM Service - Check Point Software Technologies Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\ICM-Service.exe
--
End of file - 16793 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\ATKFUSService.exe
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Program Files\Tablet\Pen\Pen_TouchService.exe"
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe" -service
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
/QuitInfo:0000000000000284;0000000000000288; /AddRef;
"C:\Program Files\ASUS\GamerOSD\ATKFastUserSwitching.exe"
/QuitInfo:0000000000000148;0000000000000198; /AddRef;
/QuitInfo:0000000000000208;00000000000002B8;
/loadhooks /Parent:0000000000000754
"C:\Program Files\Tablet\Pen\Pen_TouchUser.exe"
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
taskeng.exe {758D9B11-658E-4C19-9A8D-A7E9DBB5CA6A}
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe"
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
C:\Windows\SysWOW64\ASDR.exe
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\EscSvc64.exe
"C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE"
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
C:\Windows\system32\IProsetMonitor.exe
"C:\Program Files (x86)\Common Files\Motive\McciCMService.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Tablet\Pen\Pen_Tablet.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files\Tablet\Pen\Pen_TabletUser.exe"
"C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe"
"C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe"
WLIDSvcM.exe 2512
"C:\Program Files\Tablet\Pen\Pen_Tablet.exe" au
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_00000970
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-31d91492-01eb-4fa9-95f8-9c4118eb3466 -SystemEventPortName:HostProcess-28496e8e-a01d-457b-8553-a463698ece7b -IoCancelEventPortName:HostProcess-dc5ab9ca-1475-44eb-afe1-b0ea6e2b454a -NonStateChangingEventPortName:HostProcess-51b35059-d8aa-446f-b91e-de44072640b6 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:071e1986-f04f-4d8b-9a6f-3b4d7045e2d4 -DeviceGroupId:WpdFsGroup
"C:\Windows\system32\Dwm.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe" serviceapp
C:\Windows\Explorer.EXE
\??\C:\Windows\system32\conhost.exe "-1917197065-350186233-1610431696-583538144-1246776833-18526038541983089332-1607493570
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe"
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Users\jakub\AppData\Roaming\Spotify\SpotifyWebHelper.exe" --autostart
"C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe"
"C:\Users\jakub\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files\Rainmeter\Rainmeter.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
C:\Users\jakub\AppData\Roaming\Dropbox\bin\Dropbox.exe -type:crashpad-handler --no-upload-gzip --no-rate-limit --database=C:\Users\jakub\AppData\Local\Dropbox\Crashpad --metrics-dir=0 --url=https://d.dropbox.com/report_crashpad_minidump --https-pin=0x23,0xf2,0xed,0xff,0x3e,0xde,0x90,0x25,0x9a,0x9e,0x30,0xf4,0xa,0xf8,0xf9,0x12,0xa5,0xe5,0xb3,0x69,0x4e,0x69,0x38,0x44,0x3,0x41,0xf6,0x6,0xe,0x1,0x4f,0xfa --https-pin=0xaf,0xf9,0x88,0x90,0x6d,0xde,0x12,0x95,0x5d,0x9b,0xeb,0xbf,0x92,0x8f,0xdc,0xc3,0x1c,0xce,0x32,0x8d,0x5b,0x93,0x84,0xf2,0x1c,0x89,0x41,0xca,0x26,0xe2,0x3,0x91 --https-pin=0x5a,0x88,0x96,0x47,0x22,0xe,0x54,0xd6,0xbd,0x8a,0x16,0x81,0x72,0x24,0x52,0xb,0xb5,0xc7,0x8e,0x58,0x98,0x4b,0xd5,0x70,0x50,0x63,0x88,0xb9,0xde,0xf,0x7,0x5f --https-pin=0xfe,0xa2,0xb7,0xd6,0x45,0xfb,0xa7,0x3d,0x75,0x3c,0x1e,0xc9,0xa7,0x87,0xc,0x40,0xe1,0xf7,0xb0,0xc5,0x61,0xe9,0x27,0xb9,0x85,0xbf,0x71,0x18,0x66,0xe3,0x6f,0x22 --https-pin=0x76,0xee,0x85,0x90,0x37,0x4c,0x71,0x54,0x37,0xbb,0xca,0x6b,0xba,0x60,0x28,0xea,0xdd,0xe2,0xdc,0x6d,0xbb,0xb8,0xc3,0xf6,0x10,0xe8,0x51,0xf1,0x1d,0x1a,0xb7,0xf5 --https-pin=0x6d,0xbf,0xae,0x0,0xd3,0x7b,0x9c,0xd7,0x3f,0x8f,0xb4,0x7d,0xe6,0x59,0x17,0xaf,0x0,0xe0,0xdd,0xdf,0x42,0xdb,0xce,0xac,0x20,0xc1,0x7c,0x2,0x75,0xee,0x20,0x95 --https-pin=0x1e,0xa3,0xc5,0xe4,0x3e,0xd6,0x6c,0x2d,0xa2,0x98,0x3a,0x42,0xa4,0xa7,0x9b,0x1e,0x90,0x67,0x86,0xce,0x9f,0x1b,0x58,0x62,0x14,0x19,0xa0,0x4,0x63,0xa8,0x7d,0x38 --https-pin=0x87,0xaf,0x34,0xd6,0x6f,0xb3,0xf2,0xfd,0xf3,0x6e,0x9,0x11,0x1e,0x9a,0xba,0x2f,0x6f,0x44,0xb2,0x7,0xf3,0x86,0x3f,0x3d,0xb,0x54,0xb2,0x50,0x23,0x90,0x9a,0xa5 --https-pin=0xbc,0xfb,0x44,0xaa,0xb9,0xad,0x2,0x10,0x15,0x70,0x6b,0x41,0x21,0xea,0x76,0x1c,0x81,0xc9,0xe8,0x89,0x67,0x59,0xf,0x6f,0x94,0xae,0x74,0x4d,0xc8,0x8b,0x78,0xfb --https-pin=0xab,0x98,0x49,0x52,0x76,0xad,0xf1,0xec,0xaf,0xf2,0x8f,0x35,0xc5,0x30,0x48,0x78,0x1e,0x5c,0x17,0x18,0xda,0xb9,0xc8,0xe6,0x7a,0x50,0x4f,0x4f,0x6a,0x51,0x32,0x8f --https-pin=0x49,0x5,0x46,0x66,0x23,0xab,0x41,0x78,0xbe,0x92,0xac,0x5c,0xbd,0x65,0x84,0xf7,0xa1,0xe1,0x7f,0x27,0x65,0x2d,0x5a,0x85,0xaf,0x89,0x50,0x4e,0xa2,0x39,0xaa,0xaa --https-pin=0x56,0x32,0xd9,0x7b,0xfa,0x77,0x5b,0xf3,0xc9,0x9d,0xde,0xa5,0x2f,0xc2,0x55,0x34,0x10,0x86,0x40,0x16,0x72,0x9c,0x52,0xdd,0x65,0x24,0xc8,0xa9,0xc3,0xb4,0x48,0x9f --https-pin=0x2a,0x8f,0x2d,0x8a,0xf0,0xeb,0x12,0x38,0x98,0xf7,0x4c,0x86,0x6a,0xc3,0xfa,0x66,0x90,0x54,0xe2,0x3c,0x17,0xbc,0x7a,0x95,0xbd,0x2,0x34,0x19,0x2d,0xc6,0x35,0xd0 --https-pin=0x32,0xb6,0x4b,0x66,0x72,0x7a,0x20,0x63,0xe4,0x6,0x6f,0x3b,0x95,0x8c,0xb0,0xaa,0xee,0x57,0x6a,0x5e,0xce,0xfd,0x95,0x33,0x99,0xbb,0x88,0x74,0x73,0x1d,0x95,0x87 --https-pin=0xf5,0x3c,0x22,0x5,0x98,0x17,0xdd,0x96,0xf4,0x0,0x65,0x16,0x39,0xd2,0xf8,0x57,0xe2,0x10,0x70,0xa5,0x9a,0xbe,0xd9,0x7,0x94,0x0,0xd9,0xf6,0x95,0x50,0x69,0x0 --https-pin=0x67,0xdc,0x4f,0x32,0xfa,0x10,0xe7,0xd0,0x1a,0x79,0xa0,0x73,0xaa,0xc,0x9e,0x2,0x12,0xec,0x2f,0xfc,0x3d,0x77,0x9e,0xa,0xa7,0xf9,0xc0,0xf0,0xe1,0xc2,0xc8,0x93 --https-pin=0x19,0x6,0xc6,0x12,0x4d,0xbb,0x43,0x85,0x78,0xd0,0xe,0x6,0x6d,0x50,0x54,0xc6,0xc3,0x7f,0xf,0xa6,0x2,0x8c,0x5,0x54,0x5e,0x9,0x94,0xed,0xda,0xec,0x86,0x29 --https-pin=0x1d,0x75,0xd0,0x83,0x1b,0x9e,0x8,0x85,0x39,0x4d,0x32,0xc7,0xa1,0xbf,0xdb,0x3d,0xbc,0x1c,0x28,0xe2,0xb0,0xe8,0x39,0x1f,0xb1,0x35,0x98,0x1d,0xbc,0x5b,0xa9,0x36 --annotation=buildno=Dropbox-win-37.4.29 --annotation=client_session_id=18e20e59-367e-4d19-9fed-29694d5d22c4 --annotation=host_int_account1_boot=996327912 --annotation=machine_id=d5381767-3f4a-44a2-ae05-fbfe44ec5bf9 --annotation=platform=win --annotation=platform_version=7 --initial-client-data=0xbc,0xcc,0xd0,0xc8,0xd4,0x62b25810,0x62b25820,0x62b25830
"C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe"
C:\Users\jakub\AppData\Roaming\Dropbox\bin\Dropbox.exe -type:exit-monitor -session-token:18e20e59-367e-4d19-9fed-29694d5d22c4 -target-handle:200 -target-shutdown-event:212 "-target-command-line:\"C:\Users\jakub\AppData\Roaming\Dropbox\bin\Dropbox.exe\" /systemstartup" -method:collectupload -handler-pipe:\\.\pipe\crashpad_5628_ZJGJKJSJSZQYKVOO
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1"
"C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe"
"C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe"
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
"C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.10\Lightshot.exe"
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe" "-launchedbyvulcan"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe" --onOSstartup=true --showwindow=false --waitForRegistration=true
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe"
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe"
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe" "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\main.js"
\??\C:\Windows\system32\conhost.exe "-15504044591321215503-647254566438266913-1731843615-2003995506595980513-1062397141
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe"
"C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe" /connectToHost
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\ICM-Service.exe"
"C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe"
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto
"C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.exe"
"C:\Users\jakub\Desktop\RSITx64(3).exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe46_ Global\UsGthrCtrlFltPipeMssGthrPipe46 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
======Scheduled tasks folder======
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-3719608471-1457720249-86965872-1000Core.job - C:\Users\jakub\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-3719608471-1457720249-86965872-1000UA.job - C:\Users\jakub\AppData\Local\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\EPSON L365 Series Update {AE4F56D3-2240-448A-A7B8-AAEC33E384DF}.job - C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSNYE.EXE /EXE:"{AE4F56D3-2240-448A-A7B8-AAEC33E384DF}" /F:"Update"
C:\Windows\tasks\update-S-1-5-21-3719608471-1457720249-86965872-1000.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate
C:\Windows\tasks\update-sys.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate
=========Mozilla firefox=========
ProfilePath - C:\Users\jakub\AppData\Roaming\Mozilla\Firefox\Profiles\nlhpu5mp.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "resource://firefox-at-usepanda-dot-com/data/index.html"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 27.0.0.170 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_170.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.7.1]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.10]
"Description"=WebTablet Plugin API
"Path"=C:\Program Files (x86)\TabletPlugins\npwacom.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@wacom.com/wtPlugin,version=2.0.0.1]
"Description"=WebTablet Plugin API
"Path"=C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeExManDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 27.0.0.170 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_27_0_0_170.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/npbattlelog,version=2.7.1]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.141.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_141\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.141.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_141\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeExManDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll
C:\Program Files (x86)\Mozilla Firefox\plugins\
nppdf32.dll
C:\Users\jakub\AppData\Roaming\Mozilla\Firefox\Profiles\nlhpu5mp.default\extensions\
{77d2ed30-4cd2-11e0-b8af-0800200c9a66}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-10-21 211120]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_141\bin\ssv.dll [2017-07-23 571968]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}]
Easy Photo Print - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31 471536]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2017-10-21 1064112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_141\bin\jp2ssv.dll [2017-07-23 235584]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201CF130-E29C-4E5C-A73F-CD197DEFA6AE}]
E-Web Print - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27 238576]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2010-10-27 60576]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24 343456]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2017-10-21 663216]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll [2012-02-13 1307928]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24 343456]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31 471536]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24 343456]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll [2012-02-13 1307928]
{201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - E-Web Print - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27 238576]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AtherosBtStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2010-10-27 613536]
"AthBtTray"=C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [2010-10-27 379040]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-10-30 508104]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2016-06-14 2397120]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeBridge"= []
"Spotify Web Helper"=C:\Users\jakub\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2017-07-20 1579120]
"Zoner Photo Studio Autoupdate"=C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE [2015-12-11 563416]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\itype]
C:\Program Files\Microsoft IntelliType Pro\itype.exe [2009-11-05 2345848]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-11-17 113288]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-04-30 284440]
"ASUSGamerOSD"=C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe [2009-07-30 380928]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2013-04-25 1075296]
""= []
"Adobe Acrobat Speed Launcher"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [2015-09-24 41360]
"Acrobat Assistant 8.0"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2015-09-24 840592]
"Adobe Creative Cloud"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2015-11-25 2304688]
"EEventManager"=C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [2016-01-20 1087184]
"Lightshot"=C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [2016-07-11 225944]
"ZoneAlarm"=C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [2017-04-14 145208]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2017-07-12 587288]
"amd_dc_opt"=C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]
C:\Users\jakub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\jakub\AppData\Roaming\Dropbox\bin\Dropbox.exe
Rainmeter.lnk - C:\Program Files\Rainmeter\Rainmeter.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll [2010-06-22 253288]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\KNet]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave5"=wdmaud.drv
"mixer5"=wdmaud.drv
"midi5"=wdmaud.drv
"VIDC.LAGS"=lagarith.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2017-10-26 16:27:45 ----A---- C:\Windows\system32\drivers\MbamChameleon.sys
2017-10-26 16:27:38 ----A---- C:\Windows\system32\drivers\mwac.sys
2017-10-26 16:27:38 ----A---- C:\Windows\system32\drivers\farflt.sys
2017-10-26 16:27:33 ----A---- C:\Windows\system32\drivers\mbam.sys
2017-10-26 16:27:28 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys
2017-10-26 16:27:24 ----A---- C:\Windows\system32\drivers\mbae64.sys
2017-10-26 16:27:19 ----D---- C:\Program Files\Malwarebytes
2017-10-26 16:26:55 ----D---- C:\ProgramData\MB2Migration
2017-10-21 23:01:44 ----D---- C:\Users\jakub\AppData\Roaming\ActiveDossierUploader
2017-10-16 09:18:50 ----A---- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe
2017-10-01 01:14:42 ----D---- C:\Program Files (x86)\AMD
2017-09-30 23:12:38 ----D---- C:\ProgramData\Codemasters
2017-09-30 23:12:15 ----A---- C:\Windows\SYSWOW64\rapture3d_oal.dll
2017-09-30 23:12:15 ----A---- C:\Windows\SYSWOW64\mkl_blueripple.dll
2017-09-30 23:12:14 ----D---- C:\Program Files (x86)\BRS
======List of files/folders modified in the last 1 month======
2017-10-27 00:47:25 ----D---- C:\Program Files\trend micro
2017-10-27 00:47:24 ----D---- C:\Windows\Temp
2017-10-27 00:19:24 ----D---- C:\Windows\system32\drivers
2017-10-26 20:26:47 ----D---- C:\Windows\system32\config
2017-10-26 20:19:03 ----D---- C:\Windows\System32
2017-10-26 20:19:03 ----D---- C:\Windows\inf
2017-10-26 20:19:03 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-10-26 20:13:03 ----D---- C:\ProgramData\NVIDIA
2017-10-26 20:12:03 ----D---- C:\AdwCleaner
2017-10-26 20:12:02 ----D---- C:\Windows\SysWOW64
2017-10-26 16:27:25 ----D---- C:\Windows
2017-10-26 16:27:20 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2017-10-26 16:27:19 ----RD---- C:\Program Files
2017-10-26 16:27:19 ----D---- C:\ProgramData\Malwarebytes
2017-10-26 16:26:55 ----HD---- C:\ProgramData
2017-10-26 14:15:38 ----SHD---- C:\System Volume Information
2017-10-25 09:01:02 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2017-10-25 09:01:02 ----D---- C:\Program Files (x86)\Mozilla Firefox
2017-10-22 02:22:41 ----D---- C:\Windows\Microsoft.NET
2017-10-21 09:40:10 ----SHD---- C:\Windows\Installer
2017-10-21 09:40:10 ----SHD---- C:\Config.Msi
2017-10-21 09:40:06 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2017-10-21 09:39:50 ----D---- C:\Program Files (x86)\Common Files
2017-10-21 09:39:13 ----D---- C:\Program Files (x86)\Microsoft Office
2017-10-19 21:27:27 ----D---- C:\Users\jakub\AppData\Roaming\Dropbox
2017-10-17 08:57:24 ----D---- C:\ProgramData\Package Cache
2017-10-16 09:19:11 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2017-10-16 09:18:51 ----D---- C:\Windows\system32\Macromed
2017-10-16 09:18:50 ----D---- C:\Windows\SYSWOW64\Macromed
2017-10-13 12:12:40 ----D---- C:\Users\jakub\AppData\Roaming\vlc
2017-10-13 08:19:10 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2017-10-12 19:24:32 ----RD---- C:\Program Files (x86)
2017-10-04 21:34:15 ----D---- C:\Program Files (x86)\Battle.net
2017-10-01 01:14:45 ----SD---- C:\Users\jakub\AppData\Roaming\Microsoft
2017-10-01 01:14:23 ----RSD---- C:\Windows\assembly
2017-09-30 23:12:04 ----D---- C:\Program Files (x86)\OpenAL
2017-09-30 23:12:04 ----A---- C:\Windows\SYSWOW64\wrap_oal.dll
2017-09-30 23:12:04 ----A---- C:\Windows\SYSWOW64\OpenAL32.dll
2017-09-30 23:12:04 ----A---- C:\Windows\system32\wrap_oal.dll
2017-09-30 23:12:04 ----A---- C:\Windows\system32\OpenAL32.dll
2017-09-30 23:11:58 ----D---- C:\Windows\Logs
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 avdevprot;avdevprot; C:\Windows\system32\DRIVERS\avdevprot.sys [2017-07-13 64504]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-04-26 557848]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2017-08-29 151128]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2017-07-13 35328]
R1 EIO64;EIO Driver; C:\Windows\system32\DRIVERS\EIO64.sys [2014-01-27 16384]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2010-12-17 40816]
R1 ESProtectionDriver;Malwarebytes Anti-Exploit; \??\C:\Windows\system32\drivers\mbae64.sys [2017-10-04 77440]
R1 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2017-04-13 461240]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2017-09-19 194272]
R2 avnetflt;avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [2017-07-13 78600]
R2 MBAMChameleon;MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [2017-10-26 192952]
R3 asusgsb;ASUS Virtual Video Capture Device Driver; C:\Windows\system32\drivers\asusgsb.sys [2009-02-17 17792]
R3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2010-10-27 38248]
R3 atkdisplf;ASUS Kernel Mode Enhanced Driver; C:\Windows\system32\drivers\ATKDispLowFilter.sys [2009-02-17 39424]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2010-10-27 301680]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2010-10-27 31080]
R3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2010-10-27 203624]
R3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2010-10-27 58992]
R3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2010-10-27 156520]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2010-10-27 279152]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\drivers\bthpan.sys [2017-07-06 119296]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\Windows\system32\DRIVERS\e1c62x64.sys [2012-08-11 482128]
R3 MBAMFarflt;MBAMFarflt; C:\Windows\system32\DRIVERS\farflt.sys [2017-10-26 110016]
R3 MBAMProtection;MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [2017-10-26 45504]
R3 MBAMSwissArmy;MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [2017-10-26 252232]
R3 MBAMWebProtection;MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [2017-10-27 84256]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2011-11-10 60184]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2016-06-14 26560]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2016-04-14 56384]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2011-01-15 36352]
R3 wacmoumonitor;Wacom Mode Helper; C:\Windows\system32\DRIVERS\wacmoumonitor.sys [2011-09-08 13312]
R3 wacommousefilter;Wacom Mouse Filter Driver; C:\Windows\system32\DRIVERS\wacommousefilter.sys [2011-09-08 12848]
R3 wacomvhid;Wacom Virtual Hid Driver; C:\Windows\system32\DRIVERS\wacomvhid.sys [2011-09-08 16168]
R4 IOMap;IOMap; \??\C:\Windows\system32\drivers\IOMap64.sys [2010-02-22 23680]
S3 ATHDFU;Atheros Valkyrie USB BootROM; C:\Windows\System32\Drivers\AthDfu.sys [2010-10-27 55336]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2015-11-16 205456]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-07-19 83032]
R2 AdobeUpdateService;AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [2015-11-16 683696]
R2 AGSService;Adobe Genuine Software Integrity Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2017-08-23 2257016]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2017-10-12 490968]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2017-10-12 490968]
R2 ASDR;ASDR; C:\Windows\SysWOW64\ASDR.exe [2009-07-27 61440]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2010-10-27 52896]
R2 ATKFUSService;ATK Fast User Switch Service; C:\Windows\system32\ATKFUSService.exe [2009-12-01 63488]
R2 Avira.ServiceHost;Avira Service Host; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [2017-10-16 408944]
R2 ClickToRunSvc;Služba Microsoft Office Klikni a spusť; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2017-10-12 7923888]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 EPSON_PM_RPCV4_06;EPSON V3 Service4(06); C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE [2013-04-15 152640]
R2 EpsonScanSvc;Epson Scanner Service; C:\Windows\system32\EscSvc64.exe [2012-05-17 144560]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2016-06-14 1163712]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-04-30 13592]
R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [2012-07-27 170824]
R2 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2017-08-07 6058960]
R2 McciCMService;McciCMService; C:\Program Files (x86)\Common Files\Motive\McciCMService.exe [2007-10-15 303104]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2016-06-14 1879488]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2016-06-14 2521024]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2016-01-29 932728]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2015-06-16 76152]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2016-01-29 426040]
R2 TabletServicePen;TabletServicePen; C:\Program Files\Tablet\Pen\Pen_Tablet.exe [2011-09-08 6583160]
R2 TouchServicePen;Wacom Consumer Touch Service; C:\Program Files\Tablet\Pen\Pen_TouchService.exe [2011-09-08 528760]
R2 vsmon;TrueVector Internet Monitor; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [2017-04-14 4107680]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.exe [2012-02-13 240408]
R3 NvStreamNetworkSvc;NVIDIA Streamer Network Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [2016-06-14 3632576]
S2 AntiVirMailService;Avira Mail Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [2017-10-12 1128432]
S2 BBSvc;BingBar Service; C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BBSvc.exe [2012-02-13 193816]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-08-30 103552]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-08-30 124024]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-01-02 315488]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-10-16 272384]
S3 DAUpdaterSvc;Dragon Age: Origins - Content Updater; D:\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [2014-06-26 25832]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2017-08-13 116224]
S3 iumsvc;Intel(R) Update Manager; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12 177376]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-10-24 194000]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2015-10-14 2078216]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2017-10-12 209072]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2016-01-06 5132888]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2015-06-10 155520]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-12-14 836176]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 SystemExplorerHelpService;System Explorer Service; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [2012-11-25 821720]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-01-30 1255736]
S4 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [2017-10-12 1525240]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-08-30 50808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-08-30 139896]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-08-30 139896]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-08-30 139896]
-----------------EOF-----------------
Run by jakub at 2017-10-27 00:47:24
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 16 GB (10%) free of 153 GB
Total RAM: 16351 MB (72% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:47:25, on 27.10.2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18792)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\jakub\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe
C:\Users\jakub\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Users\jakub\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe
C:\Users\jakub\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.10\Lightshot.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\trend micro\jakub.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://safesearch.avira.com/#web/result?source=art&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://safesearch.avira.com/#web/result?source=art&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://safesearch.avira.com/#web/result?source=art&q=
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://safesearch.avira.com/#web/result?source=art&q=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll" (file missing)
O3 - Toolbar: E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [ASUSGamerOSD] C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKLM\..\Run: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
O4 - HKLM\..\Run: [Lightshot] C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKCU\..\Run: [Spotify Web Helper] C:\Users\jakub\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = jakub\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AdobeUpdateService - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: ASDR - Unknown owner - C:\Windows\SysWOW64\ASDR.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: ATK Fast User Switch Service (ATKFUSService) - Unknown owner - C:\Windows\system32\ATKFUSService.exe (file missing)
O23 - Service: Avira Service Host (Avira.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
O23 - Service: Dragon Age: Origins - Content Updater (DAUpdaterSvc) - BioWare - D:\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Epson Scanner Service (EpsonScanSvc) - Unknown owner - C:\Windows\system32\EscSvc64.exe (file missing)
O23 - Service: EPSON V3 Service4(06) (EPSON_PM_RPCV4_06) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)
O23 - Service: Intel(R) Update Manager (iumsvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: System Explorer Service (SystemExplorerHelpService) - Mister Group - C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe
O23 - Service: TabletServicePen - Wacom Technology, Corp. - C:\Program Files\Tablet\Pen\Pen_Tablet.exe
O23 - Service: Wacom Consumer Touch Service (TouchServicePen) - Wacom Technology, Corp. - C:\Program Files\Tablet\Pen\Pen_TouchService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZoneAlarm Privacy Service (ZAPrivacyService) - Check Point Software Technologies, Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe
O23 - Service: ZoneAlarm ICM Service - Check Point Software Technologies Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\ICM-Service.exe
--
End of file - 16793 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\ATKFUSService.exe
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Program Files\Tablet\Pen\Pen_TouchService.exe"
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe" -service
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
/QuitInfo:0000000000000284;0000000000000288; /AddRef;
"C:\Program Files\ASUS\GamerOSD\ATKFastUserSwitching.exe"
/QuitInfo:0000000000000148;0000000000000198; /AddRef;
/QuitInfo:0000000000000208;00000000000002B8;
/loadhooks /Parent:0000000000000754
"C:\Program Files\Tablet\Pen\Pen_TouchUser.exe"
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
taskeng.exe {758D9B11-658E-4C19-9A8D-A7E9DBB5CA6A}
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe"
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
C:\Windows\SysWOW64\ASDR.exe
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\EscSvc64.exe
"C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE"
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
C:\Windows\system32\IProsetMonitor.exe
"C:\Program Files (x86)\Common Files\Motive\McciCMService.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Tablet\Pen\Pen_Tablet.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files\Tablet\Pen\Pen_TabletUser.exe"
"C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe"
"C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe"
WLIDSvcM.exe 2512
"C:\Program Files\Tablet\Pen\Pen_Tablet.exe" au
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_00000970
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-31d91492-01eb-4fa9-95f8-9c4118eb3466 -SystemEventPortName:HostProcess-28496e8e-a01d-457b-8553-a463698ece7b -IoCancelEventPortName:HostProcess-dc5ab9ca-1475-44eb-afe1-b0ea6e2b454a -NonStateChangingEventPortName:HostProcess-51b35059-d8aa-446f-b91e-de44072640b6 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:071e1986-f04f-4d8b-9a6f-3b4d7045e2d4 -DeviceGroupId:WpdFsGroup
"C:\Windows\system32\Dwm.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe" serviceapp
C:\Windows\Explorer.EXE
\??\C:\Windows\system32\conhost.exe "-1917197065-350186233-1610431696-583538144-1246776833-18526038541983089332-1607493570
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe"
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Users\jakub\AppData\Roaming\Spotify\SpotifyWebHelper.exe" --autostart
"C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe"
"C:\Users\jakub\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files\Rainmeter\Rainmeter.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
C:\Users\jakub\AppData\Roaming\Dropbox\bin\Dropbox.exe -type:crashpad-handler --no-upload-gzip --no-rate-limit --database=C:\Users\jakub\AppData\Local\Dropbox\Crashpad --metrics-dir=0 --url=https://d.dropbox.com/report_crashpad_minidump --https-pin=0x23,0xf2,0xed,0xff,0x3e,0xde,0x90,0x25,0x9a,0x9e,0x30,0xf4,0xa,0xf8,0xf9,0x12,0xa5,0xe5,0xb3,0x69,0x4e,0x69,0x38,0x44,0x3,0x41,0xf6,0x6,0xe,0x1,0x4f,0xfa --https-pin=0xaf,0xf9,0x88,0x90,0x6d,0xde,0x12,0x95,0x5d,0x9b,0xeb,0xbf,0x92,0x8f,0xdc,0xc3,0x1c,0xce,0x32,0x8d,0x5b,0x93,0x84,0xf2,0x1c,0x89,0x41,0xca,0x26,0xe2,0x3,0x91 --https-pin=0x5a,0x88,0x96,0x47,0x22,0xe,0x54,0xd6,0xbd,0x8a,0x16,0x81,0x72,0x24,0x52,0xb,0xb5,0xc7,0x8e,0x58,0x98,0x4b,0xd5,0x70,0x50,0x63,0x88,0xb9,0xde,0xf,0x7,0x5f --https-pin=0xfe,0xa2,0xb7,0xd6,0x45,0xfb,0xa7,0x3d,0x75,0x3c,0x1e,0xc9,0xa7,0x87,0xc,0x40,0xe1,0xf7,0xb0,0xc5,0x61,0xe9,0x27,0xb9,0x85,0xbf,0x71,0x18,0x66,0xe3,0x6f,0x22 --https-pin=0x76,0xee,0x85,0x90,0x37,0x4c,0x71,0x54,0x37,0xbb,0xca,0x6b,0xba,0x60,0x28,0xea,0xdd,0xe2,0xdc,0x6d,0xbb,0xb8,0xc3,0xf6,0x10,0xe8,0x51,0xf1,0x1d,0x1a,0xb7,0xf5 --https-pin=0x6d,0xbf,0xae,0x0,0xd3,0x7b,0x9c,0xd7,0x3f,0x8f,0xb4,0x7d,0xe6,0x59,0x17,0xaf,0x0,0xe0,0xdd,0xdf,0x42,0xdb,0xce,0xac,0x20,0xc1,0x7c,0x2,0x75,0xee,0x20,0x95 --https-pin=0x1e,0xa3,0xc5,0xe4,0x3e,0xd6,0x6c,0x2d,0xa2,0x98,0x3a,0x42,0xa4,0xa7,0x9b,0x1e,0x90,0x67,0x86,0xce,0x9f,0x1b,0x58,0x62,0x14,0x19,0xa0,0x4,0x63,0xa8,0x7d,0x38 --https-pin=0x87,0xaf,0x34,0xd6,0x6f,0xb3,0xf2,0xfd,0xf3,0x6e,0x9,0x11,0x1e,0x9a,0xba,0x2f,0x6f,0x44,0xb2,0x7,0xf3,0x86,0x3f,0x3d,0xb,0x54,0xb2,0x50,0x23,0x90,0x9a,0xa5 --https-pin=0xbc,0xfb,0x44,0xaa,0xb9,0xad,0x2,0x10,0x15,0x70,0x6b,0x41,0x21,0xea,0x76,0x1c,0x81,0xc9,0xe8,0x89,0x67,0x59,0xf,0x6f,0x94,0xae,0x74,0x4d,0xc8,0x8b,0x78,0xfb --https-pin=0xab,0x98,0x49,0x52,0x76,0xad,0xf1,0xec,0xaf,0xf2,0x8f,0x35,0xc5,0x30,0x48,0x78,0x1e,0x5c,0x17,0x18,0xda,0xb9,0xc8,0xe6,0x7a,0x50,0x4f,0x4f,0x6a,0x51,0x32,0x8f --https-pin=0x49,0x5,0x46,0x66,0x23,0xab,0x41,0x78,0xbe,0x92,0xac,0x5c,0xbd,0x65,0x84,0xf7,0xa1,0xe1,0x7f,0x27,0x65,0x2d,0x5a,0x85,0xaf,0x89,0x50,0x4e,0xa2,0x39,0xaa,0xaa --https-pin=0x56,0x32,0xd9,0x7b,0xfa,0x77,0x5b,0xf3,0xc9,0x9d,0xde,0xa5,0x2f,0xc2,0x55,0x34,0x10,0x86,0x40,0x16,0x72,0x9c,0x52,0xdd,0x65,0x24,0xc8,0xa9,0xc3,0xb4,0x48,0x9f --https-pin=0x2a,0x8f,0x2d,0x8a,0xf0,0xeb,0x12,0x38,0x98,0xf7,0x4c,0x86,0x6a,0xc3,0xfa,0x66,0x90,0x54,0xe2,0x3c,0x17,0xbc,0x7a,0x95,0xbd,0x2,0x34,0x19,0x2d,0xc6,0x35,0xd0 --https-pin=0x32,0xb6,0x4b,0x66,0x72,0x7a,0x20,0x63,0xe4,0x6,0x6f,0x3b,0x95,0x8c,0xb0,0xaa,0xee,0x57,0x6a,0x5e,0xce,0xfd,0x95,0x33,0x99,0xbb,0x88,0x74,0x73,0x1d,0x95,0x87 --https-pin=0xf5,0x3c,0x22,0x5,0x98,0x17,0xdd,0x96,0xf4,0x0,0x65,0x16,0x39,0xd2,0xf8,0x57,0xe2,0x10,0x70,0xa5,0x9a,0xbe,0xd9,0x7,0x94,0x0,0xd9,0xf6,0x95,0x50,0x69,0x0 --https-pin=0x67,0xdc,0x4f,0x32,0xfa,0x10,0xe7,0xd0,0x1a,0x79,0xa0,0x73,0xaa,0xc,0x9e,0x2,0x12,0xec,0x2f,0xfc,0x3d,0x77,0x9e,0xa,0xa7,0xf9,0xc0,0xf0,0xe1,0xc2,0xc8,0x93 --https-pin=0x19,0x6,0xc6,0x12,0x4d,0xbb,0x43,0x85,0x78,0xd0,0xe,0x6,0x6d,0x50,0x54,0xc6,0xc3,0x7f,0xf,0xa6,0x2,0x8c,0x5,0x54,0x5e,0x9,0x94,0xed,0xda,0xec,0x86,0x29 --https-pin=0x1d,0x75,0xd0,0x83,0x1b,0x9e,0x8,0x85,0x39,0x4d,0x32,0xc7,0xa1,0xbf,0xdb,0x3d,0xbc,0x1c,0x28,0xe2,0xb0,0xe8,0x39,0x1f,0xb1,0x35,0x98,0x1d,0xbc,0x5b,0xa9,0x36 --annotation=buildno=Dropbox-win-37.4.29 --annotation=client_session_id=18e20e59-367e-4d19-9fed-29694d5d22c4 --annotation=host_int_account1_boot=996327912 --annotation=machine_id=d5381767-3f4a-44a2-ae05-fbfe44ec5bf9 --annotation=platform=win --annotation=platform_version=7 --initial-client-data=0xbc,0xcc,0xd0,0xc8,0xd4,0x62b25810,0x62b25820,0x62b25830
"C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe"
C:\Users\jakub\AppData\Roaming\Dropbox\bin\Dropbox.exe -type:exit-monitor -session-token:18e20e59-367e-4d19-9fed-29694d5d22c4 -target-handle:200 -target-shutdown-event:212 "-target-command-line:\"C:\Users\jakub\AppData\Roaming\Dropbox\bin\Dropbox.exe\" /systemstartup" -method:collectupload -handler-pipe:\\.\pipe\crashpad_5628_ZJGJKJSJSZQYKVOO
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1"
"C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe"
"C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe"
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
"C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.10\Lightshot.exe"
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe" "-launchedbyvulcan"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe" --onOSstartup=true --showwindow=false --waitForRegistration=true
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe"
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe"
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe" "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\main.js"
\??\C:\Windows\system32\conhost.exe "-15504044591321215503-647254566438266913-1731843615-2003995506595980513-1062397141
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe"
"C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe" /connectToHost
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\ICM-Service.exe"
"C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe"
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto
"C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.exe"
"C:\Users\jakub\Desktop\RSITx64(3).exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe46_ Global\UsGthrCtrlFltPipeMssGthrPipe46 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
======Scheduled tasks folder======
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-3719608471-1457720249-86965872-1000Core.job - C:\Users\jakub\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-3719608471-1457720249-86965872-1000UA.job - C:\Users\jakub\AppData\Local\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\EPSON L365 Series Update {AE4F56D3-2240-448A-A7B8-AAEC33E384DF}.job - C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSNYE.EXE /EXE:"{AE4F56D3-2240-448A-A7B8-AAEC33E384DF}" /F:"Update"
C:\Windows\tasks\update-S-1-5-21-3719608471-1457720249-86965872-1000.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate
C:\Windows\tasks\update-sys.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate
=========Mozilla firefox=========
ProfilePath - C:\Users\jakub\AppData\Roaming\Mozilla\Firefox\Profiles\nlhpu5mp.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "resource://firefox-at-usepanda-dot-com/data/index.html"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 27.0.0.170 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_170.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.7.1]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.10]
"Description"=WebTablet Plugin API
"Path"=C:\Program Files (x86)\TabletPlugins\npwacom.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@wacom.com/wtPlugin,version=2.0.0.1]
"Description"=WebTablet Plugin API
"Path"=C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeExManDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 27.0.0.170 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_27_0_0_170.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/npbattlelog,version=2.7.1]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.141.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_141\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.141.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_141\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeExManDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll
C:\Program Files (x86)\Mozilla Firefox\plugins\
nppdf32.dll
C:\Users\jakub\AppData\Roaming\Mozilla\Firefox\Profiles\nlhpu5mp.default\extensions\
{77d2ed30-4cd2-11e0-b8af-0800200c9a66}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-10-21 211120]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_141\bin\ssv.dll [2017-07-23 571968]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}]
Easy Photo Print - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31 471536]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2017-10-21 1064112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_141\bin\jp2ssv.dll [2017-07-23 235584]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201CF130-E29C-4E5C-A73F-CD197DEFA6AE}]
E-Web Print - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27 238576]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2010-10-27 60576]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24 343456]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2017-10-21 663216]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll [2012-02-13 1307928]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24 343456]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31 471536]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24 343456]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll [2012-02-13 1307928]
{201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - E-Web Print - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27 238576]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AtherosBtStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2010-10-27 613536]
"AthBtTray"=C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [2010-10-27 379040]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-10-30 508104]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2016-06-14 2397120]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeBridge"= []
"Spotify Web Helper"=C:\Users\jakub\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2017-07-20 1579120]
"Zoner Photo Studio Autoupdate"=C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE [2015-12-11 563416]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\itype]
C:\Program Files\Microsoft IntelliType Pro\itype.exe [2009-11-05 2345848]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-11-17 113288]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-04-30 284440]
"ASUSGamerOSD"=C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe [2009-07-30 380928]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2013-04-25 1075296]
""= []
"Adobe Acrobat Speed Launcher"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [2015-09-24 41360]
"Acrobat Assistant 8.0"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2015-09-24 840592]
"Adobe Creative Cloud"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2015-11-25 2304688]
"EEventManager"=C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [2016-01-20 1087184]
"Lightshot"=C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [2016-07-11 225944]
"ZoneAlarm"=C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [2017-04-14 145208]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2017-07-12 587288]
"amd_dc_opt"=C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]
C:\Users\jakub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\jakub\AppData\Roaming\Dropbox\bin\Dropbox.exe
Rainmeter.lnk - C:\Program Files\Rainmeter\Rainmeter.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll [2010-06-22 253288]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\KNet]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave5"=wdmaud.drv
"mixer5"=wdmaud.drv
"midi5"=wdmaud.drv
"VIDC.LAGS"=lagarith.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2017-10-26 16:27:45 ----A---- C:\Windows\system32\drivers\MbamChameleon.sys
2017-10-26 16:27:38 ----A---- C:\Windows\system32\drivers\mwac.sys
2017-10-26 16:27:38 ----A---- C:\Windows\system32\drivers\farflt.sys
2017-10-26 16:27:33 ----A---- C:\Windows\system32\drivers\mbam.sys
2017-10-26 16:27:28 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys
2017-10-26 16:27:24 ----A---- C:\Windows\system32\drivers\mbae64.sys
2017-10-26 16:27:19 ----D---- C:\Program Files\Malwarebytes
2017-10-26 16:26:55 ----D---- C:\ProgramData\MB2Migration
2017-10-21 23:01:44 ----D---- C:\Users\jakub\AppData\Roaming\ActiveDossierUploader
2017-10-16 09:18:50 ----A---- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe
2017-10-01 01:14:42 ----D---- C:\Program Files (x86)\AMD
2017-09-30 23:12:38 ----D---- C:\ProgramData\Codemasters
2017-09-30 23:12:15 ----A---- C:\Windows\SYSWOW64\rapture3d_oal.dll
2017-09-30 23:12:15 ----A---- C:\Windows\SYSWOW64\mkl_blueripple.dll
2017-09-30 23:12:14 ----D---- C:\Program Files (x86)\BRS
======List of files/folders modified in the last 1 month======
2017-10-27 00:47:25 ----D---- C:\Program Files\trend micro
2017-10-27 00:47:24 ----D---- C:\Windows\Temp
2017-10-27 00:19:24 ----D---- C:\Windows\system32\drivers
2017-10-26 20:26:47 ----D---- C:\Windows\system32\config
2017-10-26 20:19:03 ----D---- C:\Windows\System32
2017-10-26 20:19:03 ----D---- C:\Windows\inf
2017-10-26 20:19:03 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-10-26 20:13:03 ----D---- C:\ProgramData\NVIDIA
2017-10-26 20:12:03 ----D---- C:\AdwCleaner
2017-10-26 20:12:02 ----D---- C:\Windows\SysWOW64
2017-10-26 16:27:25 ----D---- C:\Windows
2017-10-26 16:27:20 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2017-10-26 16:27:19 ----RD---- C:\Program Files
2017-10-26 16:27:19 ----D---- C:\ProgramData\Malwarebytes
2017-10-26 16:26:55 ----HD---- C:\ProgramData
2017-10-26 14:15:38 ----SHD---- C:\System Volume Information
2017-10-25 09:01:02 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2017-10-25 09:01:02 ----D---- C:\Program Files (x86)\Mozilla Firefox
2017-10-22 02:22:41 ----D---- C:\Windows\Microsoft.NET
2017-10-21 09:40:10 ----SHD---- C:\Windows\Installer
2017-10-21 09:40:10 ----SHD---- C:\Config.Msi
2017-10-21 09:40:06 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2017-10-21 09:39:50 ----D---- C:\Program Files (x86)\Common Files
2017-10-21 09:39:13 ----D---- C:\Program Files (x86)\Microsoft Office
2017-10-19 21:27:27 ----D---- C:\Users\jakub\AppData\Roaming\Dropbox
2017-10-17 08:57:24 ----D---- C:\ProgramData\Package Cache
2017-10-16 09:19:11 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2017-10-16 09:18:51 ----D---- C:\Windows\system32\Macromed
2017-10-16 09:18:50 ----D---- C:\Windows\SYSWOW64\Macromed
2017-10-13 12:12:40 ----D---- C:\Users\jakub\AppData\Roaming\vlc
2017-10-13 08:19:10 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2017-10-12 19:24:32 ----RD---- C:\Program Files (x86)
2017-10-04 21:34:15 ----D---- C:\Program Files (x86)\Battle.net
2017-10-01 01:14:45 ----SD---- C:\Users\jakub\AppData\Roaming\Microsoft
2017-10-01 01:14:23 ----RSD---- C:\Windows\assembly
2017-09-30 23:12:04 ----D---- C:\Program Files (x86)\OpenAL
2017-09-30 23:12:04 ----A---- C:\Windows\SYSWOW64\wrap_oal.dll
2017-09-30 23:12:04 ----A---- C:\Windows\SYSWOW64\OpenAL32.dll
2017-09-30 23:12:04 ----A---- C:\Windows\system32\wrap_oal.dll
2017-09-30 23:12:04 ----A---- C:\Windows\system32\OpenAL32.dll
2017-09-30 23:11:58 ----D---- C:\Windows\Logs
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 avdevprot;avdevprot; C:\Windows\system32\DRIVERS\avdevprot.sys [2017-07-13 64504]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-04-26 557848]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2017-08-29 151128]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2017-07-13 35328]
R1 EIO64;EIO Driver; C:\Windows\system32\DRIVERS\EIO64.sys [2014-01-27 16384]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2010-12-17 40816]
R1 ESProtectionDriver;Malwarebytes Anti-Exploit; \??\C:\Windows\system32\drivers\mbae64.sys [2017-10-04 77440]
R1 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2017-04-13 461240]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2017-09-19 194272]
R2 avnetflt;avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [2017-07-13 78600]
R2 MBAMChameleon;MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [2017-10-26 192952]
R3 asusgsb;ASUS Virtual Video Capture Device Driver; C:\Windows\system32\drivers\asusgsb.sys [2009-02-17 17792]
R3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2010-10-27 38248]
R3 atkdisplf;ASUS Kernel Mode Enhanced Driver; C:\Windows\system32\drivers\ATKDispLowFilter.sys [2009-02-17 39424]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2010-10-27 301680]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2010-10-27 31080]
R3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2010-10-27 203624]
R3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2010-10-27 58992]
R3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2010-10-27 156520]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2010-10-27 279152]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\drivers\bthpan.sys [2017-07-06 119296]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\Windows\system32\DRIVERS\e1c62x64.sys [2012-08-11 482128]
R3 MBAMFarflt;MBAMFarflt; C:\Windows\system32\DRIVERS\farflt.sys [2017-10-26 110016]
R3 MBAMProtection;MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [2017-10-26 45504]
R3 MBAMSwissArmy;MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [2017-10-26 252232]
R3 MBAMWebProtection;MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [2017-10-27 84256]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2011-11-10 60184]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2016-06-14 26560]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2016-04-14 56384]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2011-01-15 36352]
R3 wacmoumonitor;Wacom Mode Helper; C:\Windows\system32\DRIVERS\wacmoumonitor.sys [2011-09-08 13312]
R3 wacommousefilter;Wacom Mouse Filter Driver; C:\Windows\system32\DRIVERS\wacommousefilter.sys [2011-09-08 12848]
R3 wacomvhid;Wacom Virtual Hid Driver; C:\Windows\system32\DRIVERS\wacomvhid.sys [2011-09-08 16168]
R4 IOMap;IOMap; \??\C:\Windows\system32\drivers\IOMap64.sys [2010-02-22 23680]
S3 ATHDFU;Atheros Valkyrie USB BootROM; C:\Windows\System32\Drivers\AthDfu.sys [2010-10-27 55336]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2015-11-16 205456]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-07-19 83032]
R2 AdobeUpdateService;AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [2015-11-16 683696]
R2 AGSService;Adobe Genuine Software Integrity Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2017-08-23 2257016]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2017-10-12 490968]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2017-10-12 490968]
R2 ASDR;ASDR; C:\Windows\SysWOW64\ASDR.exe [2009-07-27 61440]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2010-10-27 52896]
R2 ATKFUSService;ATK Fast User Switch Service; C:\Windows\system32\ATKFUSService.exe [2009-12-01 63488]
R2 Avira.ServiceHost;Avira Service Host; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [2017-10-16 408944]
R2 ClickToRunSvc;Služba Microsoft Office Klikni a spusť; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2017-10-12 7923888]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 EPSON_PM_RPCV4_06;EPSON V3 Service4(06); C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE [2013-04-15 152640]
R2 EpsonScanSvc;Epson Scanner Service; C:\Windows\system32\EscSvc64.exe [2012-05-17 144560]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2016-06-14 1163712]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-04-30 13592]
R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [2012-07-27 170824]
R2 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2017-08-07 6058960]
R2 McciCMService;McciCMService; C:\Program Files (x86)\Common Files\Motive\McciCMService.exe [2007-10-15 303104]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2016-06-14 1879488]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2016-06-14 2521024]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2016-01-29 932728]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2015-06-16 76152]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2016-01-29 426040]
R2 TabletServicePen;TabletServicePen; C:\Program Files\Tablet\Pen\Pen_Tablet.exe [2011-09-08 6583160]
R2 TouchServicePen;Wacom Consumer Touch Service; C:\Program Files\Tablet\Pen\Pen_TouchService.exe [2011-09-08 528760]
R2 vsmon;TrueVector Internet Monitor; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [2017-04-14 4107680]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.exe [2012-02-13 240408]
R3 NvStreamNetworkSvc;NVIDIA Streamer Network Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [2016-06-14 3632576]
S2 AntiVirMailService;Avira Mail Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [2017-10-12 1128432]
S2 BBSvc;BingBar Service; C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BBSvc.exe [2012-02-13 193816]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-08-30 103552]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-08-30 124024]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-01-02 315488]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-10-16 272384]
S3 DAUpdaterSvc;Dragon Age: Origins - Content Updater; D:\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [2014-06-26 25832]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2017-08-13 116224]
S3 iumsvc;Intel(R) Update Manager; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12 177376]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-10-24 194000]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2015-10-14 2078216]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2017-10-12 209072]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2016-01-06 5132888]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2015-06-10 155520]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-12-14 836176]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 SystemExplorerHelpService;System Explorer Service; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [2012-11-25 821720]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-01-30 1255736]
S4 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [2017-10-12 1525240]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-08-30 50808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-08-30 139896]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-08-30 139896]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-08-30 139896]
-----------------EOF-----------------
-
Rudy
- Site Admin
- Příspěvky: 119667
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: kopie windows není pravá
Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:
a klikněte na >MoveIt!<. Po skenu restartujte PC a dejte nový log RSIT.:files
C:\Program Files (x86)\Microsoft\BingBar
:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]/64
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-
:services
BBSvc
BBUpdate
:commands
[Purity]
[Emptytemp]
[Emptyflash]
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
out_of_space
- Návštěvník
- Příspěvky: 110
- Registrován: 01 srp 2010 19:45
Re: kopie windows není pravá
Zdravím, zde je log z RSIT po OTM.
Logfile of random's system information tool 1.10 (written by random/random)
Run by jakub at 2017-10-28 09:36:11
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 16 GB (10%) free of 153 GB
Total RAM: 16351 MB (78% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:36:13, on 28.10.2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18792)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Users\jakub\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe
C:\Users\jakub\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Users\jakub\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe
C:\Users\jakub\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.10\Lightshot.exe
C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
C:\Program Files\trend micro\jakub.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://safesearch.avira.com/#web/result?source=art&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://safesearch.avira.com/#web/result?source=art&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://safesearch.avira.com/#web/result?source=art&q=
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://safesearch.avira.com/#web/result?source=art&q=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [ASUSGamerOSD] C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKLM\..\Run: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
O4 - HKLM\..\Run: [Lightshot] C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKCU\..\Run: [Spotify Web Helper] C:\Users\jakub\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = jakub\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AdobeUpdateService - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: ASDR - Unknown owner - C:\Windows\SysWOW64\ASDR.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: ATK Fast User Switch Service (ATKFUSService) - Unknown owner - C:\Windows\system32\ATKFUSService.exe (file missing)
O23 - Service: Avira Service Host (Avira.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
O23 - Service: Dragon Age: Origins - Content Updater (DAUpdaterSvc) - BioWare - D:\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Epson Scanner Service (EpsonScanSvc) - Unknown owner - C:\Windows\system32\EscSvc64.exe (file missing)
O23 - Service: EPSON V3 Service4(06) (EPSON_PM_RPCV4_06) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)
O23 - Service: Intel(R) Update Manager (iumsvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: System Explorer Service (SystemExplorerHelpService) - Mister Group - C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe
O23 - Service: TabletServicePen - Wacom Technology, Corp. - C:\Program Files\Tablet\Pen\Pen_Tablet.exe
O23 - Service: Wacom Consumer Touch Service (TouchServicePen) - Wacom Technology, Corp. - C:\Program Files\Tablet\Pen\Pen_TouchService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZoneAlarm Privacy Service (ZAPrivacyService) - Check Point Software Technologies, Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe
O23 - Service: ZoneAlarm ICM Service - Check Point Software Technologies Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\ICM-Service.exe
--
End of file - 16011 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\ATKFUSService.exe
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Program Files\Tablet\Pen\Pen_TouchService.exe"
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe" -service
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
/QuitInfo:0000000000000290;0000000000000294; /AddRef;
"C:\Program Files\ASUS\GamerOSD\ATKFastUserSwitching.exe"
/QuitInfo:0000000000000154;0000000000000198; /AddRef;
/QuitInfo:0000000000000208;00000000000002C4;
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
/loadhooks /Parent:0000000000000784
"C:\Program Files\Tablet\Pen\Pen_TouchUser.exe"
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
taskeng.exe {FF439808-2975-4017-83BF-A694BCE374B1}
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe"
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
C:\Windows\SysWOW64\ASDR.exe
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\EscSvc64.exe
"C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE"
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
C:\Windows\system32\IProsetMonitor.exe
"C:\Program Files (x86)\Common Files\Motive\McciCMService.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Tablet\Pen\Pen_Tablet.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files\Tablet\Pen\Pen_TabletUser.exe"
"C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe"
WLIDSvcM.exe 3088
"C:\Program Files\Tablet\Pen\Pen_Tablet.exe" au
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_000009c8
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k bthsvcs
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-ee41307d-9ebe-4a5b-86e0-f73a88225b83 -SystemEventPortName:HostProcess-9aba8c0c-9d34-453f-8a88-1545e51acf72 -IoCancelEventPortName:HostProcess-53ab45a2-4522-4ae0-aad5-7da1778ff1dc -NonStateChangingEventPortName:HostProcess-84fbc2f4-6fe1-4930-a066-eb42982326b2 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:18d1133d-3e01-4688-99e7-0626f10b2786 -DeviceGroupId:WpdFsGroup
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "16953819586881604681442918401985446153-16484659991228347950-20074558791715069845
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Windows\notepad.exe" C:\_OTM\MovedFiles\10282017_092745.log
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
"C:\Users\jakub\AppData\Roaming\Spotify\SpotifyWebHelper.exe" --autostart
"C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe"
"C:\Users\jakub\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files\Rainmeter\Rainmeter.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
C:\Users\jakub\AppData\Roaming\Dropbox\bin\Dropbox.exe -type:crashpad-handler --no-upload-gzip --no-rate-limit --database=C:\Users\jakub\AppData\Local\Dropbox\Crashpad --metrics-dir=0 --url=https://d.dropbox.com/report_crashpad_minidump --https-pin=0x23,0xf2,0xed,0xff,0x3e,0xde,0x90,0x25,0x9a,0x9e,0x30,0xf4,0xa,0xf8,0xf9,0x12,0xa5,0xe5,0xb3,0x69,0x4e,0x69,0x38,0x44,0x3,0x41,0xf6,0x6,0xe,0x1,0x4f,0xfa --https-pin=0xaf,0xf9,0x88,0x90,0x6d,0xde,0x12,0x95,0x5d,0x9b,0xeb,0xbf,0x92,0x8f,0xdc,0xc3,0x1c,0xce,0x32,0x8d,0x5b,0x93,0x84,0xf2,0x1c,0x89,0x41,0xca,0x26,0xe2,0x3,0x91 --https-pin=0x5a,0x88,0x96,0x47,0x22,0xe,0x54,0xd6,0xbd,0x8a,0x16,0x81,0x72,0x24,0x52,0xb,0xb5,0xc7,0x8e,0x58,0x98,0x4b,0xd5,0x70,0x50,0x63,0x88,0xb9,0xde,0xf,0x7,0x5f --https-pin=0xfe,0xa2,0xb7,0xd6,0x45,0xfb,0xa7,0x3d,0x75,0x3c,0x1e,0xc9,0xa7,0x87,0xc,0x40,0xe1,0xf7,0xb0,0xc5,0x61,0xe9,0x27,0xb9,0x85,0xbf,0x71,0x18,0x66,0xe3,0x6f,0x22 --https-pin=0x76,0xee,0x85,0x90,0x37,0x4c,0x71,0x54,0x37,0xbb,0xca,0x6b,0xba,0x60,0x28,0xea,0xdd,0xe2,0xdc,0x6d,0xbb,0xb8,0xc3,0xf6,0x10,0xe8,0x51,0xf1,0x1d,0x1a,0xb7,0xf5 --https-pin=0x6d,0xbf,0xae,0x0,0xd3,0x7b,0x9c,0xd7,0x3f,0x8f,0xb4,0x7d,0xe6,0x59,0x17,0xaf,0x0,0xe0,0xdd,0xdf,0x42,0xdb,0xce,0xac,0x20,0xc1,0x7c,0x2,0x75,0xee,0x20,0x95 --https-pin=0x1e,0xa3,0xc5,0xe4,0x3e,0xd6,0x6c,0x2d,0xa2,0x98,0x3a,0x42,0xa4,0xa7,0x9b,0x1e,0x90,0x67,0x86,0xce,0x9f,0x1b,0x58,0x62,0x14,0x19,0xa0,0x4,0x63,0xa8,0x7d,0x38 --https-pin=0x87,0xaf,0x34,0xd6,0x6f,0xb3,0xf2,0xfd,0xf3,0x6e,0x9,0x11,0x1e,0x9a,0xba,0x2f,0x6f,0x44,0xb2,0x7,0xf3,0x86,0x3f,0x3d,0xb,0x54,0xb2,0x50,0x23,0x90,0x9a,0xa5 --https-pin=0xbc,0xfb,0x44,0xaa,0xb9,0xad,0x2,0x10,0x15,0x70,0x6b,0x41,0x21,0xea,0x76,0x1c,0x81,0xc9,0xe8,0x89,0x67,0x59,0xf,0x6f,0x94,0xae,0x74,0x4d,0xc8,0x8b,0x78,0xfb --https-pin=0xab,0x98,0x49,0x52,0x76,0xad,0xf1,0xec,0xaf,0xf2,0x8f,0x35,0xc5,0x30,0x48,0x78,0x1e,0x5c,0x17,0x18,0xda,0xb9,0xc8,0xe6,0x7a,0x50,0x4f,0x4f,0x6a,0x51,0x32,0x8f --https-pin=0x49,0x5,0x46,0x66,0x23,0xab,0x41,0x78,0xbe,0x92,0xac,0x5c,0xbd,0x65,0x84,0xf7,0xa1,0xe1,0x7f,0x27,0x65,0x2d,0x5a,0x85,0xaf,0x89,0x50,0x4e,0xa2,0x39,0xaa,0xaa --https-pin=0x56,0x32,0xd9,0x7b,0xfa,0x77,0x5b,0xf3,0xc9,0x9d,0xde,0xa5,0x2f,0xc2,0x55,0x34,0x10,0x86,0x40,0x16,0x72,0x9c,0x52,0xdd,0x65,0x24,0xc8,0xa9,0xc3,0xb4,0x48,0x9f --https-pin=0x2a,0x8f,0x2d,0x8a,0xf0,0xeb,0x12,0x38,0x98,0xf7,0x4c,0x86,0x6a,0xc3,0xfa,0x66,0x90,0x54,0xe2,0x3c,0x17,0xbc,0x7a,0x95,0xbd,0x2,0x34,0x19,0x2d,0xc6,0x35,0xd0 --https-pin=0x32,0xb6,0x4b,0x66,0x72,0x7a,0x20,0x63,0xe4,0x6,0x6f,0x3b,0x95,0x8c,0xb0,0xaa,0xee,0x57,0x6a,0x5e,0xce,0xfd,0x95,0x33,0x99,0xbb,0x88,0x74,0x73,0x1d,0x95,0x87 --https-pin=0xf5,0x3c,0x22,0x5,0x98,0x17,0xdd,0x96,0xf4,0x0,0x65,0x16,0x39,0xd2,0xf8,0x57,0xe2,0x10,0x70,0xa5,0x9a,0xbe,0xd9,0x7,0x94,0x0,0xd9,0xf6,0x95,0x50,0x69,0x0 --https-pin=0x67,0xdc,0x4f,0x32,0xfa,0x10,0xe7,0xd0,0x1a,0x79,0xa0,0x73,0xaa,0xc,0x9e,0x2,0x12,0xec,0x2f,0xfc,0x3d,0x77,0x9e,0xa,0xa7,0xf9,0xc0,0xf0,0xe1,0xc2,0xc8,0x93 --https-pin=0x19,0x6,0xc6,0x12,0x4d,0xbb,0x43,0x85,0x78,0xd0,0xe,0x6,0x6d,0x50,0x54,0xc6,0xc3,0x7f,0xf,0xa6,0x2,0x8c,0x5,0x54,0x5e,0x9,0x94,0xed,0xda,0xec,0x86,0x29 --https-pin=0x1d,0x75,0xd0,0x83,0x1b,0x9e,0x8,0x85,0x39,0x4d,0x32,0xc7,0xa1,0xbf,0xdb,0x3d,0xbc,0x1c,0x28,0xe2,0xb0,0xe8,0x39,0x1f,0xb1,0x35,0x98,0x1d,0xbc,0x5b,0xa9,0x36 --annotation=buildno=Dropbox-win-37.4.29 --annotation=client_session_id=7c107c38-549f-4d14-a662-721ba91cb9dd --annotation=host_int_account1_boot=996327912 --annotation=machine_id=d5381767-3f4a-44a2-ae05-fbfe44ec5bf9 --annotation=platform=win --annotation=platform_version=7 --initial-client-data=0xbc,0xcc,0xd0,0xc8,0xd4,0x70635810,0x70635820,0x70635830
"C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe"
C:\Users\jakub\AppData\Roaming\Dropbox\bin\Dropbox.exe -type:exit-monitor -session-token:7c107c38-549f-4d14-a662-721ba91cb9dd -target-handle:200 -target-shutdown-event:212 "-target-command-line:\"C:\Users\jakub\AppData\Roaming\Dropbox\bin\Dropbox.exe\" /systemstartup" -method:collectupload -handler-pipe:\\.\pipe\crashpad_5492_YDNXFTGEDXJMVZXB
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe" --xmlFilePath="C:\Users\jakub\AppData\Local\Temp\adobegc_a01488" --workflowInitiator=CSUpdater --xmlFilePath2="C:\Users\Public\Documents\AdobeGC\adobegc_a01488"
"C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe"
"C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe"
"C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.10\Lightshot.exe"
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe" "-launchedbyvulcan"
"C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe" --onOSstartup=true --showwindow=false --waitForRegistration=true
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe" "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\main.js"
\??\C:\Windows\system32\conhost.exe "-1575322539-1366383063-1657777792-1374757841-159699080863290258774083949642536814
C:\Windows\sysWOW64\wbem\wmiprvse.exe -Embedding
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe" /connectToHost
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\ICM-Service.exe"
"C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Windows\system32\wuauclt.exe"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
"C:\Users\jakub\Desktop\RSITx64(3).exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Scheduled tasks folder======
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-3719608471-1457720249-86965872-1000Core.job - C:\Users\jakub\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-3719608471-1457720249-86965872-1000UA.job - C:\Users\jakub\AppData\Local\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\EPSON L365 Series Update {AE4F56D3-2240-448A-A7B8-AAEC33E384DF}.job - C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSNYE.EXE /EXE:"{AE4F56D3-2240-448A-A7B8-AAEC33E384DF}" /F:"Update"
C:\Windows\tasks\update-S-1-5-21-3719608471-1457720249-86965872-1000.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate
C:\Windows\tasks\update-sys.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate
=========Mozilla firefox=========
ProfilePath - C:\Users\jakub\AppData\Roaming\Mozilla\Firefox\Profiles\nlhpu5mp.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "resource://firefox-at-usepanda-dot-com/data/index.html"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 27.0.0.170 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_170.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.7.1]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.10]
"Description"=WebTablet Plugin API
"Path"=C:\Program Files (x86)\TabletPlugins\npwacom.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@wacom.com/wtPlugin,version=2.0.0.1]
"Description"=WebTablet Plugin API
"Path"=C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeExManDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 27.0.0.170 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_27_0_0_170.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/npbattlelog,version=2.7.1]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.141.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_141\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.141.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_141\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeExManDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll
C:\Program Files (x86)\Mozilla Firefox\plugins\
nppdf32.dll
C:\Users\jakub\AppData\Roaming\Mozilla\Firefox\Profiles\nlhpu5mp.default\extensions\
{77d2ed30-4cd2-11e0-b8af-0800200c9a66}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-10-21 211120]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_141\bin\ssv.dll [2017-07-23 571968]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}]
Easy Photo Print - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31 471536]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2017-10-21 1064112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_141\bin\jp2ssv.dll [2017-07-23 235584]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201CF130-E29C-4E5C-A73F-CD197DEFA6AE}]
E-Web Print - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27 238576]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2010-10-27 60576]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24 343456]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2017-10-21 663216]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24 343456]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31 471536]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AtherosBtStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2010-10-27 613536]
"AthBtTray"=C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [2010-10-27 379040]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-10-30 508104]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2016-06-14 2397120]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeBridge"= []
"Spotify Web Helper"=C:\Users\jakub\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2017-07-20 1579120]
"Zoner Photo Studio Autoupdate"=C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE [2015-12-11 563416]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\itype]
C:\Program Files\Microsoft IntelliType Pro\itype.exe [2009-11-05 2345848]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-11-17 113288]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-04-30 284440]
"ASUSGamerOSD"=C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe [2009-07-30 380928]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2013-04-25 1075296]
""= []
"Adobe Acrobat Speed Launcher"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [2015-09-24 41360]
"Acrobat Assistant 8.0"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2015-09-24 840592]
"Adobe Creative Cloud"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2015-11-25 2304688]
"EEventManager"=C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [2016-01-20 1087184]
"Lightshot"=C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [2016-07-11 225944]
"ZoneAlarm"=C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [2017-04-14 145208]
"amd_dc_opt"=C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]
C:\Users\jakub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\jakub\AppData\Roaming\Dropbox\bin\Dropbox.exe
Rainmeter.lnk - C:\Program Files\Rainmeter\Rainmeter.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll [2010-06-22 253288]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\KNet]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave5"=wdmaud.drv
"mixer5"=wdmaud.drv
"midi5"=wdmaud.drv
"VIDC.LAGS"=lagarith.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2017-10-28 09:27:45 ----D---- C:\_OTM
2017-10-26 16:27:45 ----A---- C:\Windows\system32\drivers\MbamChameleon.sys
2017-10-26 16:27:38 ----A---- C:\Windows\system32\drivers\mwac.sys
2017-10-26 16:27:38 ----A---- C:\Windows\system32\drivers\farflt.sys
2017-10-26 16:27:33 ----A---- C:\Windows\system32\drivers\mbam.sys
2017-10-26 16:27:28 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys
2017-10-26 16:27:24 ----A---- C:\Windows\system32\drivers\mbae64.sys
2017-10-26 16:27:19 ----D---- C:\Program Files\Malwarebytes
2017-10-26 16:26:55 ----D---- C:\ProgramData\MB2Migration
2017-10-21 23:01:44 ----D---- C:\Users\jakub\AppData\Roaming\ActiveDossierUploader
2017-10-16 09:18:50 ----A---- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe
2017-10-01 01:14:42 ----D---- C:\Program Files (x86)\AMD
2017-09-30 23:12:38 ----D---- C:\ProgramData\Codemasters
2017-09-30 23:12:15 ----A---- C:\Windows\SYSWOW64\rapture3d_oal.dll
2017-09-30 23:12:15 ----A---- C:\Windows\SYSWOW64\mkl_blueripple.dll
2017-09-30 23:12:14 ----D---- C:\Program Files (x86)\BRS
======List of files/folders modified in the last 1 month======
2017-10-28 09:36:12 ----D---- C:\Windows\Temp
2017-10-28 09:36:12 ----D---- C:\Program Files\trend micro
2017-10-28 09:32:48 ----D---- C:\Windows\system32\drivers
2017-10-28 09:32:29 ----D---- C:\ProgramData\NVIDIA
2017-10-28 09:31:44 ----D---- C:\Windows\system32\config
2017-10-28 09:31:25 ----D---- C:\Windows\System32
2017-10-28 09:31:25 ----D---- C:\Windows\inf
2017-10-28 09:31:25 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-10-28 09:28:28 ----D---- C:\Program Files (x86)\Microsoft
2017-10-28 09:24:52 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2017-10-28 02:53:50 ----D---- C:\Program Files (x86)\Mozilla Firefox
2017-10-27 17:24:03 ----D---- C:\Users\jakub\AppData\Roaming\vlc
2017-10-27 01:51:16 ----D---- C:\Program Files (x86)\Battle.net
2017-10-26 20:12:03 ----D---- C:\AdwCleaner
2017-10-26 20:12:02 ----D---- C:\Windows\SysWOW64
2017-10-26 16:27:25 ----D---- C:\Windows
2017-10-26 16:27:20 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2017-10-26 16:27:19 ----RD---- C:\Program Files
2017-10-26 16:27:19 ----D---- C:\ProgramData\Malwarebytes
2017-10-26 16:26:55 ----HD---- C:\ProgramData
2017-10-26 14:15:38 ----SHD---- C:\System Volume Information
2017-10-22 02:22:41 ----D---- C:\Windows\Microsoft.NET
2017-10-21 09:40:10 ----SHD---- C:\Windows\Installer
2017-10-21 09:40:10 ----SHD---- C:\Config.Msi
2017-10-21 09:40:06 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2017-10-21 09:39:50 ----D---- C:\Program Files (x86)\Common Files
2017-10-21 09:39:13 ----D---- C:\Program Files (x86)\Microsoft Office
2017-10-19 21:27:27 ----D---- C:\Users\jakub\AppData\Roaming\Dropbox
2017-10-17 08:57:24 ----D---- C:\ProgramData\Package Cache
2017-10-16 09:19:11 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2017-10-16 09:18:51 ----D---- C:\Windows\system32\Macromed
2017-10-16 09:18:50 ----D---- C:\Windows\SYSWOW64\Macromed
2017-10-13 08:19:10 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2017-10-12 19:24:32 ----RD---- C:\Program Files (x86)
2017-10-01 01:14:45 ----SD---- C:\Users\jakub\AppData\Roaming\Microsoft
2017-10-01 01:14:23 ----RSD---- C:\Windows\assembly
2017-09-30 23:12:04 ----D---- C:\Program Files (x86)\OpenAL
2017-09-30 23:12:04 ----A---- C:\Windows\SYSWOW64\wrap_oal.dll
2017-09-30 23:12:04 ----A---- C:\Windows\SYSWOW64\OpenAL32.dll
2017-09-30 23:12:04 ----A---- C:\Windows\system32\wrap_oal.dll
2017-09-30 23:12:04 ----A---- C:\Windows\system32\OpenAL32.dll
2017-09-30 23:11:58 ----D---- C:\Windows\Logs
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 avdevprot;avdevprot; C:\Windows\system32\DRIVERS\avdevprot.sys [2017-07-13 64504]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-04-26 557848]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2017-08-29 151128]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2017-07-13 35328]
R1 EIO64;EIO Driver; C:\Windows\system32\DRIVERS\EIO64.sys [2014-01-27 16384]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2010-12-17 40816]
R1 ESProtectionDriver;Malwarebytes Anti-Exploit; \??\C:\Windows\system32\drivers\mbae64.sys [2017-10-04 77440]
R1 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2017-04-13 461240]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2017-09-19 194272]
R2 avnetflt;avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [2017-07-13 78600]
R2 MBAMChameleon;MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [2017-10-26 192952]
R3 asusgsb;ASUS Virtual Video Capture Device Driver; C:\Windows\system32\drivers\asusgsb.sys [2009-02-17 17792]
R3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2010-10-27 38248]
R3 atkdisplf;ASUS Kernel Mode Enhanced Driver; C:\Windows\system32\drivers\ATKDispLowFilter.sys [2009-02-17 39424]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2010-10-27 301680]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2010-10-27 31080]
R3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2010-10-27 203624]
R3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2010-10-27 58992]
R3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2010-10-27 156520]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2010-10-27 279152]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\drivers\bthpan.sys [2017-07-06 119296]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\Windows\system32\DRIVERS\e1c62x64.sys [2012-08-11 482128]
R3 MBAMFarflt;MBAMFarflt; C:\Windows\system32\DRIVERS\farflt.sys [2017-10-28 110016]
R3 MBAMProtection;MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [2017-10-28 45504]
R3 MBAMSwissArmy;MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [2017-10-28 252232]
R3 MBAMWebProtection;MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [2017-10-28 84256]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2011-11-10 60184]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2016-06-14 26560]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2016-04-14 56384]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2011-01-15 36352]
R3 wacmoumonitor;Wacom Mode Helper; C:\Windows\system32\DRIVERS\wacmoumonitor.sys [2011-09-08 13312]
R3 wacommousefilter;Wacom Mouse Filter Driver; C:\Windows\system32\DRIVERS\wacommousefilter.sys [2011-09-08 12848]
R3 wacomvhid;Wacom Virtual Hid Driver; C:\Windows\system32\DRIVERS\wacomvhid.sys [2011-09-08 16168]
R4 IOMap;IOMap; \??\C:\Windows\system32\drivers\IOMap64.sys [2010-02-22 23680]
S3 ATHDFU;Atheros Valkyrie USB BootROM; C:\Windows\System32\Drivers\AthDfu.sys [2010-10-27 55336]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2015-11-16 205456]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-07-19 83032]
R2 AdobeUpdateService;AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [2015-11-16 683696]
R2 AGSService;Adobe Genuine Software Integrity Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2017-08-23 2257016]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2017-10-12 490968]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2017-10-12 490968]
R2 ASDR;ASDR; C:\Windows\SysWOW64\ASDR.exe [2009-07-27 61440]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2010-10-27 52896]
R2 ATKFUSService;ATK Fast User Switch Service; C:\Windows\system32\ATKFUSService.exe [2009-12-01 63488]
R2 Avira.ServiceHost;Avira Service Host; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [2017-10-16 408944]
R2 ClickToRunSvc;Služba Microsoft Office Klikni a spusť; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2017-10-12 7923888]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 EPSON_PM_RPCV4_06;EPSON V3 Service4(06); C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE [2013-04-15 152640]
R2 EpsonScanSvc;Epson Scanner Service; C:\Windows\system32\EscSvc64.exe [2012-05-17 144560]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2016-06-14 1163712]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-04-30 13592]
R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [2012-07-27 170824]
R2 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2017-08-07 6058960]
R2 McciCMService;McciCMService; C:\Program Files (x86)\Common Files\Motive\McciCMService.exe [2007-10-15 303104]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2016-06-14 1879488]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2016-06-14 2521024]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2016-01-29 932728]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2015-06-16 76152]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2016-01-29 426040]
R2 TabletServicePen;TabletServicePen; C:\Program Files\Tablet\Pen\Pen_Tablet.exe [2011-09-08 6583160]
R2 TouchServicePen;Wacom Consumer Touch Service; C:\Program Files\Tablet\Pen\Pen_TouchService.exe [2011-09-08 528760]
R2 vsmon;TrueVector Internet Monitor; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [2017-04-14 4107680]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 NvStreamNetworkSvc;NVIDIA Streamer Network Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [2016-06-14 3632576]
S2 AntiVirMailService;Avira Mail Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [2017-10-12 1128432]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-08-30 103552]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-08-30 124024]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-01-02 315488]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-10-16 272384]
S3 DAUpdaterSvc;Dragon Age: Origins - Content Updater; D:\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [2014-06-26 25832]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2017-08-13 116224]
S3 iumsvc;Intel(R) Update Manager; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12 177376]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-10-28 194000]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2015-10-14 2078216]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2017-10-12 209072]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2016-01-06 5132888]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2015-06-10 155520]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-12-14 836176]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 SystemExplorerHelpService;System Explorer Service; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [2012-11-25 821720]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-01-30 1255736]
S4 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [2017-10-12 1525240]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-08-30 50808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-08-30 139896]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-08-30 139896]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-08-30 139896]
-----------------EOF-----------------
Logfile of random's system information tool 1.10 (written by random/random)
Run by jakub at 2017-10-28 09:36:11
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 16 GB (10%) free of 153 GB
Total RAM: 16351 MB (78% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:36:13, on 28.10.2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18792)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Users\jakub\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe
C:\Users\jakub\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Users\jakub\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe
C:\Users\jakub\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.10\Lightshot.exe
C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
C:\Program Files\trend micro\jakub.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://safesearch.avira.com/#web/result?source=art&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://safesearch.avira.com/#web/result?source=art&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://safesearch.avira.com/#web/result?source=art&q=
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://safesearch.avira.com/#web/result?source=art&q=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [ASUSGamerOSD] C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKLM\..\Run: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
O4 - HKLM\..\Run: [Lightshot] C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKCU\..\Run: [Spotify Web Helper] C:\Users\jakub\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = jakub\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AdobeUpdateService - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: ASDR - Unknown owner - C:\Windows\SysWOW64\ASDR.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: ATK Fast User Switch Service (ATKFUSService) - Unknown owner - C:\Windows\system32\ATKFUSService.exe (file missing)
O23 - Service: Avira Service Host (Avira.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
O23 - Service: Dragon Age: Origins - Content Updater (DAUpdaterSvc) - BioWare - D:\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Epson Scanner Service (EpsonScanSvc) - Unknown owner - C:\Windows\system32\EscSvc64.exe (file missing)
O23 - Service: EPSON V3 Service4(06) (EPSON_PM_RPCV4_06) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)
O23 - Service: Intel(R) Update Manager (iumsvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: System Explorer Service (SystemExplorerHelpService) - Mister Group - C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe
O23 - Service: TabletServicePen - Wacom Technology, Corp. - C:\Program Files\Tablet\Pen\Pen_Tablet.exe
O23 - Service: Wacom Consumer Touch Service (TouchServicePen) - Wacom Technology, Corp. - C:\Program Files\Tablet\Pen\Pen_TouchService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZoneAlarm Privacy Service (ZAPrivacyService) - Check Point Software Technologies, Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe
O23 - Service: ZoneAlarm ICM Service - Check Point Software Technologies Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\ICM-Service.exe
--
End of file - 16011 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\ATKFUSService.exe
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Program Files\Tablet\Pen\Pen_TouchService.exe"
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe" -service
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
/QuitInfo:0000000000000290;0000000000000294; /AddRef;
"C:\Program Files\ASUS\GamerOSD\ATKFastUserSwitching.exe"
/QuitInfo:0000000000000154;0000000000000198; /AddRef;
/QuitInfo:0000000000000208;00000000000002C4;
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
/loadhooks /Parent:0000000000000784
"C:\Program Files\Tablet\Pen\Pen_TouchUser.exe"
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
taskeng.exe {FF439808-2975-4017-83BF-A694BCE374B1}
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe"
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
C:\Windows\SysWOW64\ASDR.exe
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\EscSvc64.exe
"C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE"
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
C:\Windows\system32\IProsetMonitor.exe
"C:\Program Files (x86)\Common Files\Motive\McciCMService.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Tablet\Pen\Pen_Tablet.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files\Tablet\Pen\Pen_TabletUser.exe"
"C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe"
WLIDSvcM.exe 3088
"C:\Program Files\Tablet\Pen\Pen_Tablet.exe" au
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_000009c8
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k bthsvcs
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-ee41307d-9ebe-4a5b-86e0-f73a88225b83 -SystemEventPortName:HostProcess-9aba8c0c-9d34-453f-8a88-1545e51acf72 -IoCancelEventPortName:HostProcess-53ab45a2-4522-4ae0-aad5-7da1778ff1dc -NonStateChangingEventPortName:HostProcess-84fbc2f4-6fe1-4930-a066-eb42982326b2 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:18d1133d-3e01-4688-99e7-0626f10b2786 -DeviceGroupId:WpdFsGroup
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "16953819586881604681442918401985446153-16484659991228347950-20074558791715069845
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Windows\notepad.exe" C:\_OTM\MovedFiles\10282017_092745.log
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
"C:\Users\jakub\AppData\Roaming\Spotify\SpotifyWebHelper.exe" --autostart
"C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe"
"C:\Users\jakub\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files\Rainmeter\Rainmeter.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
C:\Users\jakub\AppData\Roaming\Dropbox\bin\Dropbox.exe -type:crashpad-handler --no-upload-gzip --no-rate-limit --database=C:\Users\jakub\AppData\Local\Dropbox\Crashpad --metrics-dir=0 --url=https://d.dropbox.com/report_crashpad_minidump --https-pin=0x23,0xf2,0xed,0xff,0x3e,0xde,0x90,0x25,0x9a,0x9e,0x30,0xf4,0xa,0xf8,0xf9,0x12,0xa5,0xe5,0xb3,0x69,0x4e,0x69,0x38,0x44,0x3,0x41,0xf6,0x6,0xe,0x1,0x4f,0xfa --https-pin=0xaf,0xf9,0x88,0x90,0x6d,0xde,0x12,0x95,0x5d,0x9b,0xeb,0xbf,0x92,0x8f,0xdc,0xc3,0x1c,0xce,0x32,0x8d,0x5b,0x93,0x84,0xf2,0x1c,0x89,0x41,0xca,0x26,0xe2,0x3,0x91 --https-pin=0x5a,0x88,0x96,0x47,0x22,0xe,0x54,0xd6,0xbd,0x8a,0x16,0x81,0x72,0x24,0x52,0xb,0xb5,0xc7,0x8e,0x58,0x98,0x4b,0xd5,0x70,0x50,0x63,0x88,0xb9,0xde,0xf,0x7,0x5f --https-pin=0xfe,0xa2,0xb7,0xd6,0x45,0xfb,0xa7,0x3d,0x75,0x3c,0x1e,0xc9,0xa7,0x87,0xc,0x40,0xe1,0xf7,0xb0,0xc5,0x61,0xe9,0x27,0xb9,0x85,0xbf,0x71,0x18,0x66,0xe3,0x6f,0x22 --https-pin=0x76,0xee,0x85,0x90,0x37,0x4c,0x71,0x54,0x37,0xbb,0xca,0x6b,0xba,0x60,0x28,0xea,0xdd,0xe2,0xdc,0x6d,0xbb,0xb8,0xc3,0xf6,0x10,0xe8,0x51,0xf1,0x1d,0x1a,0xb7,0xf5 --https-pin=0x6d,0xbf,0xae,0x0,0xd3,0x7b,0x9c,0xd7,0x3f,0x8f,0xb4,0x7d,0xe6,0x59,0x17,0xaf,0x0,0xe0,0xdd,0xdf,0x42,0xdb,0xce,0xac,0x20,0xc1,0x7c,0x2,0x75,0xee,0x20,0x95 --https-pin=0x1e,0xa3,0xc5,0xe4,0x3e,0xd6,0x6c,0x2d,0xa2,0x98,0x3a,0x42,0xa4,0xa7,0x9b,0x1e,0x90,0x67,0x86,0xce,0x9f,0x1b,0x58,0x62,0x14,0x19,0xa0,0x4,0x63,0xa8,0x7d,0x38 --https-pin=0x87,0xaf,0x34,0xd6,0x6f,0xb3,0xf2,0xfd,0xf3,0x6e,0x9,0x11,0x1e,0x9a,0xba,0x2f,0x6f,0x44,0xb2,0x7,0xf3,0x86,0x3f,0x3d,0xb,0x54,0xb2,0x50,0x23,0x90,0x9a,0xa5 --https-pin=0xbc,0xfb,0x44,0xaa,0xb9,0xad,0x2,0x10,0x15,0x70,0x6b,0x41,0x21,0xea,0x76,0x1c,0x81,0xc9,0xe8,0x89,0x67,0x59,0xf,0x6f,0x94,0xae,0x74,0x4d,0xc8,0x8b,0x78,0xfb --https-pin=0xab,0x98,0x49,0x52,0x76,0xad,0xf1,0xec,0xaf,0xf2,0x8f,0x35,0xc5,0x30,0x48,0x78,0x1e,0x5c,0x17,0x18,0xda,0xb9,0xc8,0xe6,0x7a,0x50,0x4f,0x4f,0x6a,0x51,0x32,0x8f --https-pin=0x49,0x5,0x46,0x66,0x23,0xab,0x41,0x78,0xbe,0x92,0xac,0x5c,0xbd,0x65,0x84,0xf7,0xa1,0xe1,0x7f,0x27,0x65,0x2d,0x5a,0x85,0xaf,0x89,0x50,0x4e,0xa2,0x39,0xaa,0xaa --https-pin=0x56,0x32,0xd9,0x7b,0xfa,0x77,0x5b,0xf3,0xc9,0x9d,0xde,0xa5,0x2f,0xc2,0x55,0x34,0x10,0x86,0x40,0x16,0x72,0x9c,0x52,0xdd,0x65,0x24,0xc8,0xa9,0xc3,0xb4,0x48,0x9f --https-pin=0x2a,0x8f,0x2d,0x8a,0xf0,0xeb,0x12,0x38,0x98,0xf7,0x4c,0x86,0x6a,0xc3,0xfa,0x66,0x90,0x54,0xe2,0x3c,0x17,0xbc,0x7a,0x95,0xbd,0x2,0x34,0x19,0x2d,0xc6,0x35,0xd0 --https-pin=0x32,0xb6,0x4b,0x66,0x72,0x7a,0x20,0x63,0xe4,0x6,0x6f,0x3b,0x95,0x8c,0xb0,0xaa,0xee,0x57,0x6a,0x5e,0xce,0xfd,0x95,0x33,0x99,0xbb,0x88,0x74,0x73,0x1d,0x95,0x87 --https-pin=0xf5,0x3c,0x22,0x5,0x98,0x17,0xdd,0x96,0xf4,0x0,0x65,0x16,0x39,0xd2,0xf8,0x57,0xe2,0x10,0x70,0xa5,0x9a,0xbe,0xd9,0x7,0x94,0x0,0xd9,0xf6,0x95,0x50,0x69,0x0 --https-pin=0x67,0xdc,0x4f,0x32,0xfa,0x10,0xe7,0xd0,0x1a,0x79,0xa0,0x73,0xaa,0xc,0x9e,0x2,0x12,0xec,0x2f,0xfc,0x3d,0x77,0x9e,0xa,0xa7,0xf9,0xc0,0xf0,0xe1,0xc2,0xc8,0x93 --https-pin=0x19,0x6,0xc6,0x12,0x4d,0xbb,0x43,0x85,0x78,0xd0,0xe,0x6,0x6d,0x50,0x54,0xc6,0xc3,0x7f,0xf,0xa6,0x2,0x8c,0x5,0x54,0x5e,0x9,0x94,0xed,0xda,0xec,0x86,0x29 --https-pin=0x1d,0x75,0xd0,0x83,0x1b,0x9e,0x8,0x85,0x39,0x4d,0x32,0xc7,0xa1,0xbf,0xdb,0x3d,0xbc,0x1c,0x28,0xe2,0xb0,0xe8,0x39,0x1f,0xb1,0x35,0x98,0x1d,0xbc,0x5b,0xa9,0x36 --annotation=buildno=Dropbox-win-37.4.29 --annotation=client_session_id=7c107c38-549f-4d14-a662-721ba91cb9dd --annotation=host_int_account1_boot=996327912 --annotation=machine_id=d5381767-3f4a-44a2-ae05-fbfe44ec5bf9 --annotation=platform=win --annotation=platform_version=7 --initial-client-data=0xbc,0xcc,0xd0,0xc8,0xd4,0x70635810,0x70635820,0x70635830
"C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe"
C:\Users\jakub\AppData\Roaming\Dropbox\bin\Dropbox.exe -type:exit-monitor -session-token:7c107c38-549f-4d14-a662-721ba91cb9dd -target-handle:200 -target-shutdown-event:212 "-target-command-line:\"C:\Users\jakub\AppData\Roaming\Dropbox\bin\Dropbox.exe\" /systemstartup" -method:collectupload -handler-pipe:\\.\pipe\crashpad_5492_YDNXFTGEDXJMVZXB
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe" --xmlFilePath="C:\Users\jakub\AppData\Local\Temp\adobegc_a01488" --workflowInitiator=CSUpdater --xmlFilePath2="C:\Users\Public\Documents\AdobeGC\adobegc_a01488"
"C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe"
"C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe"
"C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.10\Lightshot.exe"
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe" "-launchedbyvulcan"
"C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe" --onOSstartup=true --showwindow=false --waitForRegistration=true
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe" "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\main.js"
\??\C:\Windows\system32\conhost.exe "-1575322539-1366383063-1657777792-1374757841-159699080863290258774083949642536814
C:\Windows\sysWOW64\wbem\wmiprvse.exe -Embedding
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe" /connectToHost
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\ICM-Service.exe"
"C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Windows\system32\wuauclt.exe"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
"C:\Users\jakub\Desktop\RSITx64(3).exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Scheduled tasks folder======
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-3719608471-1457720249-86965872-1000Core.job - C:\Users\jakub\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-3719608471-1457720249-86965872-1000UA.job - C:\Users\jakub\AppData\Local\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\EPSON L365 Series Update {AE4F56D3-2240-448A-A7B8-AAEC33E384DF}.job - C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSNYE.EXE /EXE:"{AE4F56D3-2240-448A-A7B8-AAEC33E384DF}" /F:"Update"
C:\Windows\tasks\update-S-1-5-21-3719608471-1457720249-86965872-1000.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate
C:\Windows\tasks\update-sys.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate
=========Mozilla firefox=========
ProfilePath - C:\Users\jakub\AppData\Roaming\Mozilla\Firefox\Profiles\nlhpu5mp.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "resource://firefox-at-usepanda-dot-com/data/index.html"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 27.0.0.170 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_170.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.7.1]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.10]
"Description"=WebTablet Plugin API
"Path"=C:\Program Files (x86)\TabletPlugins\npwacom.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@wacom.com/wtPlugin,version=2.0.0.1]
"Description"=WebTablet Plugin API
"Path"=C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeExManDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 27.0.0.170 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_27_0_0_170.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/npbattlelog,version=2.7.1]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.141.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_141\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.141.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_141\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeExManDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll
C:\Program Files (x86)\Mozilla Firefox\plugins\
nppdf32.dll
C:\Users\jakub\AppData\Roaming\Mozilla\Firefox\Profiles\nlhpu5mp.default\extensions\
{77d2ed30-4cd2-11e0-b8af-0800200c9a66}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-10-21 211120]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_141\bin\ssv.dll [2017-07-23 571968]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}]
Easy Photo Print - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31 471536]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2017-10-21 1064112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_141\bin\jp2ssv.dll [2017-07-23 235584]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201CF130-E29C-4E5C-A73F-CD197DEFA6AE}]
E-Web Print - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27 238576]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2010-10-27 60576]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24 343456]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2017-10-21 663216]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24 343456]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31 471536]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AtherosBtStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2010-10-27 613536]
"AthBtTray"=C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [2010-10-27 379040]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-10-30 508104]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2016-06-14 2397120]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeBridge"= []
"Spotify Web Helper"=C:\Users\jakub\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2017-07-20 1579120]
"Zoner Photo Studio Autoupdate"=C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE [2015-12-11 563416]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\itype]
C:\Program Files\Microsoft IntelliType Pro\itype.exe [2009-11-05 2345848]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-11-17 113288]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-04-30 284440]
"ASUSGamerOSD"=C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe [2009-07-30 380928]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2013-04-25 1075296]
""= []
"Adobe Acrobat Speed Launcher"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [2015-09-24 41360]
"Acrobat Assistant 8.0"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2015-09-24 840592]
"Adobe Creative Cloud"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2015-11-25 2304688]
"EEventManager"=C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [2016-01-20 1087184]
"Lightshot"=C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [2016-07-11 225944]
"ZoneAlarm"=C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [2017-04-14 145208]
"amd_dc_opt"=C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]
C:\Users\jakub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\jakub\AppData\Roaming\Dropbox\bin\Dropbox.exe
Rainmeter.lnk - C:\Program Files\Rainmeter\Rainmeter.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll [2010-06-22 253288]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\KNet]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave5"=wdmaud.drv
"mixer5"=wdmaud.drv
"midi5"=wdmaud.drv
"VIDC.LAGS"=lagarith.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2017-10-28 09:27:45 ----D---- C:\_OTM
2017-10-26 16:27:45 ----A---- C:\Windows\system32\drivers\MbamChameleon.sys
2017-10-26 16:27:38 ----A---- C:\Windows\system32\drivers\mwac.sys
2017-10-26 16:27:38 ----A---- C:\Windows\system32\drivers\farflt.sys
2017-10-26 16:27:33 ----A---- C:\Windows\system32\drivers\mbam.sys
2017-10-26 16:27:28 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys
2017-10-26 16:27:24 ----A---- C:\Windows\system32\drivers\mbae64.sys
2017-10-26 16:27:19 ----D---- C:\Program Files\Malwarebytes
2017-10-26 16:26:55 ----D---- C:\ProgramData\MB2Migration
2017-10-21 23:01:44 ----D---- C:\Users\jakub\AppData\Roaming\ActiveDossierUploader
2017-10-16 09:18:50 ----A---- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe
2017-10-01 01:14:42 ----D---- C:\Program Files (x86)\AMD
2017-09-30 23:12:38 ----D---- C:\ProgramData\Codemasters
2017-09-30 23:12:15 ----A---- C:\Windows\SYSWOW64\rapture3d_oal.dll
2017-09-30 23:12:15 ----A---- C:\Windows\SYSWOW64\mkl_blueripple.dll
2017-09-30 23:12:14 ----D---- C:\Program Files (x86)\BRS
======List of files/folders modified in the last 1 month======
2017-10-28 09:36:12 ----D---- C:\Windows\Temp
2017-10-28 09:36:12 ----D---- C:\Program Files\trend micro
2017-10-28 09:32:48 ----D---- C:\Windows\system32\drivers
2017-10-28 09:32:29 ----D---- C:\ProgramData\NVIDIA
2017-10-28 09:31:44 ----D---- C:\Windows\system32\config
2017-10-28 09:31:25 ----D---- C:\Windows\System32
2017-10-28 09:31:25 ----D---- C:\Windows\inf
2017-10-28 09:31:25 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-10-28 09:28:28 ----D---- C:\Program Files (x86)\Microsoft
2017-10-28 09:24:52 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2017-10-28 02:53:50 ----D---- C:\Program Files (x86)\Mozilla Firefox
2017-10-27 17:24:03 ----D---- C:\Users\jakub\AppData\Roaming\vlc
2017-10-27 01:51:16 ----D---- C:\Program Files (x86)\Battle.net
2017-10-26 20:12:03 ----D---- C:\AdwCleaner
2017-10-26 20:12:02 ----D---- C:\Windows\SysWOW64
2017-10-26 16:27:25 ----D---- C:\Windows
2017-10-26 16:27:20 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2017-10-26 16:27:19 ----RD---- C:\Program Files
2017-10-26 16:27:19 ----D---- C:\ProgramData\Malwarebytes
2017-10-26 16:26:55 ----HD---- C:\ProgramData
2017-10-26 14:15:38 ----SHD---- C:\System Volume Information
2017-10-22 02:22:41 ----D---- C:\Windows\Microsoft.NET
2017-10-21 09:40:10 ----SHD---- C:\Windows\Installer
2017-10-21 09:40:10 ----SHD---- C:\Config.Msi
2017-10-21 09:40:06 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2017-10-21 09:39:50 ----D---- C:\Program Files (x86)\Common Files
2017-10-21 09:39:13 ----D---- C:\Program Files (x86)\Microsoft Office
2017-10-19 21:27:27 ----D---- C:\Users\jakub\AppData\Roaming\Dropbox
2017-10-17 08:57:24 ----D---- C:\ProgramData\Package Cache
2017-10-16 09:19:11 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2017-10-16 09:18:51 ----D---- C:\Windows\system32\Macromed
2017-10-16 09:18:50 ----D---- C:\Windows\SYSWOW64\Macromed
2017-10-13 08:19:10 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2017-10-12 19:24:32 ----RD---- C:\Program Files (x86)
2017-10-01 01:14:45 ----SD---- C:\Users\jakub\AppData\Roaming\Microsoft
2017-10-01 01:14:23 ----RSD---- C:\Windows\assembly
2017-09-30 23:12:04 ----D---- C:\Program Files (x86)\OpenAL
2017-09-30 23:12:04 ----A---- C:\Windows\SYSWOW64\wrap_oal.dll
2017-09-30 23:12:04 ----A---- C:\Windows\SYSWOW64\OpenAL32.dll
2017-09-30 23:12:04 ----A---- C:\Windows\system32\wrap_oal.dll
2017-09-30 23:12:04 ----A---- C:\Windows\system32\OpenAL32.dll
2017-09-30 23:11:58 ----D---- C:\Windows\Logs
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 avdevprot;avdevprot; C:\Windows\system32\DRIVERS\avdevprot.sys [2017-07-13 64504]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-04-26 557848]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2017-08-29 151128]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2017-07-13 35328]
R1 EIO64;EIO Driver; C:\Windows\system32\DRIVERS\EIO64.sys [2014-01-27 16384]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2010-12-17 40816]
R1 ESProtectionDriver;Malwarebytes Anti-Exploit; \??\C:\Windows\system32\drivers\mbae64.sys [2017-10-04 77440]
R1 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2017-04-13 461240]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2017-09-19 194272]
R2 avnetflt;avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [2017-07-13 78600]
R2 MBAMChameleon;MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [2017-10-26 192952]
R3 asusgsb;ASUS Virtual Video Capture Device Driver; C:\Windows\system32\drivers\asusgsb.sys [2009-02-17 17792]
R3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2010-10-27 38248]
R3 atkdisplf;ASUS Kernel Mode Enhanced Driver; C:\Windows\system32\drivers\ATKDispLowFilter.sys [2009-02-17 39424]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2010-10-27 301680]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2010-10-27 31080]
R3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2010-10-27 203624]
R3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2010-10-27 58992]
R3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2010-10-27 156520]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2010-10-27 279152]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\drivers\bthpan.sys [2017-07-06 119296]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\Windows\system32\DRIVERS\e1c62x64.sys [2012-08-11 482128]
R3 MBAMFarflt;MBAMFarflt; C:\Windows\system32\DRIVERS\farflt.sys [2017-10-28 110016]
R3 MBAMProtection;MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [2017-10-28 45504]
R3 MBAMSwissArmy;MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [2017-10-28 252232]
R3 MBAMWebProtection;MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [2017-10-28 84256]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2011-11-10 60184]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2016-06-14 26560]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2016-04-14 56384]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2011-01-15 36352]
R3 wacmoumonitor;Wacom Mode Helper; C:\Windows\system32\DRIVERS\wacmoumonitor.sys [2011-09-08 13312]
R3 wacommousefilter;Wacom Mouse Filter Driver; C:\Windows\system32\DRIVERS\wacommousefilter.sys [2011-09-08 12848]
R3 wacomvhid;Wacom Virtual Hid Driver; C:\Windows\system32\DRIVERS\wacomvhid.sys [2011-09-08 16168]
R4 IOMap;IOMap; \??\C:\Windows\system32\drivers\IOMap64.sys [2010-02-22 23680]
S3 ATHDFU;Atheros Valkyrie USB BootROM; C:\Windows\System32\Drivers\AthDfu.sys [2010-10-27 55336]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2015-11-16 205456]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-07-19 83032]
R2 AdobeUpdateService;AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [2015-11-16 683696]
R2 AGSService;Adobe Genuine Software Integrity Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2017-08-23 2257016]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2017-10-12 490968]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2017-10-12 490968]
R2 ASDR;ASDR; C:\Windows\SysWOW64\ASDR.exe [2009-07-27 61440]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2010-10-27 52896]
R2 ATKFUSService;ATK Fast User Switch Service; C:\Windows\system32\ATKFUSService.exe [2009-12-01 63488]
R2 Avira.ServiceHost;Avira Service Host; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [2017-10-16 408944]
R2 ClickToRunSvc;Služba Microsoft Office Klikni a spusť; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2017-10-12 7923888]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 EPSON_PM_RPCV4_06;EPSON V3 Service4(06); C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE [2013-04-15 152640]
R2 EpsonScanSvc;Epson Scanner Service; C:\Windows\system32\EscSvc64.exe [2012-05-17 144560]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2016-06-14 1163712]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-04-30 13592]
R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [2012-07-27 170824]
R2 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2017-08-07 6058960]
R2 McciCMService;McciCMService; C:\Program Files (x86)\Common Files\Motive\McciCMService.exe [2007-10-15 303104]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2016-06-14 1879488]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2016-06-14 2521024]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2016-01-29 932728]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2015-06-16 76152]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2016-01-29 426040]
R2 TabletServicePen;TabletServicePen; C:\Program Files\Tablet\Pen\Pen_Tablet.exe [2011-09-08 6583160]
R2 TouchServicePen;Wacom Consumer Touch Service; C:\Program Files\Tablet\Pen\Pen_TouchService.exe [2011-09-08 528760]
R2 vsmon;TrueVector Internet Monitor; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [2017-04-14 4107680]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 NvStreamNetworkSvc;NVIDIA Streamer Network Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [2016-06-14 3632576]
S2 AntiVirMailService;Avira Mail Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [2017-10-12 1128432]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-08-30 103552]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-08-30 124024]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-01-02 315488]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-10-16 272384]
S3 DAUpdaterSvc;Dragon Age: Origins - Content Updater; D:\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [2014-06-26 25832]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2017-08-13 116224]
S3 iumsvc;Intel(R) Update Manager; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12 177376]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-10-28 194000]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2015-10-14 2078216]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2017-10-12 209072]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2016-01-06 5132888]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2015-06-10 155520]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-12-14 836176]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 SystemExplorerHelpService;System Explorer Service; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [2012-11-25 821720]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-01-30 1255736]
S4 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [2017-10-12 1525240]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-08-30 50808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-08-30 139896]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-08-30 139896]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-08-30 139896]
-----------------EOF-----------------
-
Rudy
- Site Admin
- Příspěvky: 119667
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: kopie windows není pravá
Smazáno, log je již OK.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
out_of_space
- Návštěvník
- Příspěvky: 110
- Registrován: 01 srp 2010 19:45
Re: kopie windows není pravá
V tom případě děkuji za váš čas.
-
Rudy
- Site Admin
- Příspěvky: 119667
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: kopie windows není pravá
Rádo se stalo!
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?