Virus removal, PC speed-up, and remote help through the neslape.cz service

Win 8

Do you have a problem with a virus? Post your FRST or RSIT log here.

Moderator: Moderators

Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]

Individual threads will be locked once they are resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.

mapo44
Visitor
Posts: 306
Registered: 08 Aug 2010 14:16
Location: Bratislava

Win 8

#1 Post by mapo44 »

My W8 is acting up somehow: it is slow at startup, the mouse pointer sometimes disappears, and so on. Any idea what to do about it?

Thanks for the advice.

Logfile of random's system information tool 1.16 (written by random/random)
Run by Max at 2017-11-08 16:13:19
Microsoft Windows 8.1
System drive C: has 124 GB (60%) free of 207 GB
Total RAM: 4046 MB (52% free)
X64

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:13:36, on 8.11.2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18817)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\KROS\ALFA plus\!System\ALFAplus.exe
C:\Program Files\trend micro\Max_RSITx64.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll
O2 - BHO: ClassicIE9BHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIE9DLL_32.dll
O3 - Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [Family Tree Builder Update] C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Xvid] C:\Program Files (x86)\Xvid\CheckUpdate.exe
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_FB0DCF795F3086C624F9CCAD45E29F3E] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
O4 - Global Startup: ALFA plus - rýchle spustenie.lnk = C:\Program Files (x86)\KROS\ALFA plus\!System\ALFAplus.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE9_32.exe
O9 - Extra 'Tools' menuitem: Classic IE9 Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE9_32.exe
O9 - Extra button: (no name) - {64964764-1101-4bbd-8891-B56B1A53B9B3} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Classic Shell Service (ClassicShellService) - IvoSoft - C:\Program Files\Classic Shell\ClassicShellService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Security\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Firebird Server - KROS_20400 (FirebirdServerKROS_20400) - Firebird Project - C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\bin\fbserver.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - (no file)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Unknown owner - (no file)
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Unknown owner - (no file)
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SInstalátor (ssinstall) - PS Media s.r.o. - C:\WINDOWS\SysWOW64\ssins.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @oem17.inf,%ViaKaraokeSrv.SvcDesc%;VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\WINDOWS\system32\viakaraokesrv.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 8983 bytes

====== Enumerating Processes ======

C:\WINDOWS\system32\wininit.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\dwm.exe
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\Classic Shell\ClassicShellService.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
C:\WINDOWS\system32\dashost.exe
"C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\bin\fbserver.exe" -s KROS_20400
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
C:\WINDOWS\SysWOW64\ssins.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\viakaraokesrv.exe
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-e948f29e-cb6a-4602-b528-a21e99730fb8 -SystemEventPortName:HostProcess-76b7ec2b-75ac-43ef-937b-44955a7a5fb2 -IoCancelEventPortName:HostProcess-dff10050-e560-405f-849d-6f6d9dc97273 -NonStateChangingEventPortName:HostProcess-9ae8adc2-655d-47c8-b8f0-901eedcb55d4 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:c5a8a448-52cb-4a57-971d-2e74e9a1a384 -DeviceGroupId:WpdFsGroup
C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Classic Shell\ClassicStartMenu.exe" -startup
C:\WINDOWS\system32\taskhostex.exe
C:\WINDOWS\Explorer.EXE
"C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe"
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\skydrive.exe -Embedding
"C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\ESET\ESET Security\egui.exe" /hide
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
"C:\Program Files (x86)\KROS\ALFA plus\!System\ALFAplus.exe" /StartUp
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Max\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Max\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=61.0.3163.100 --initial-client-data=0x120,0x124,0x128,0x11c,0x12c,0x7ff878331988,0x7ff878331948,0x7ff878331958
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=2836 --on-initialized-event-handle=452 --parent-handle=464 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1164,9917634520746787149,18100081382680919559,131072 --disable-direct-composition --supports-dual-gpus=false --gpu-driver-bug-workarounds=9,12,13,20,22,23,24,27,49,84 --disable-gl-extensions="GL_KHR_blend_equation_advanced GL_KHR_blend_equation_advanced_coherent" --gpu-vendor-id=0x10de --gpu-device-id=0x0fc1 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.4052 --gpu-driver-date=7-2-2014 --service-request-channel-token=D9BBE5EF333D5035C3E3E7568CC4009F --mojo-platform-channel-handle=1196 --ignored=" --type=renderer " /prefetch:2
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1164,9917634520746787149,18100081382680919559,131072 --service-pipe-token=3A20563468E341F93D22486546CD84E6 --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553 --enable-gpu-async-worker-context --service-request-channel-token=3A20563468E341F93D22486546CD84E6 --renderer-client-id=4 --mojo-platform-channel-handle=2072 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1164,9917634520746787149,18100081382680919559,131072 --service-pipe-token=19C57EF956DFFD3D258D7EF77719AED1 --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553 --enable-gpu-async-worker-context --service-request-channel-token=19C57EF956DFFD3D258D7EF77719AED1 --renderer-client-id=5 --mojo-platform-channel-handle=2136 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1164,9917634520746787149,18100081382680919559,131072 --service-pipe-token=DEB5BB8F29649D0E87B91B4828936EFF --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553 --enable-gpu-async-worker-context --service-request-channel-token=DEB5BB8F29649D0E87B91B4828936EFF --renderer-client-id=6 --mojo-platform-channel-handle=4404 /prefetch:1
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
C:\Program Files\CCleaner\CCleaner64.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\WindowsApps\XIMADINC.MagicPuzzles_3.0.8.0_x64__np8fj6akx2czy\MagicPuzzles.exe" -ServerName:App.AppXkmy3yqvsf2skt667a8jgrspqc109gedr.mca
C:\WINDOWS\system32\AUDIODG.EXE 0x9ec
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe49_ Global\UsGthrCtrlFltPipeMssGthrPipe49 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 572 580 588 65536 584
C:\WINDOWS\system32\taskeng.exe
"C:\Users\Max\Desktop\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe

====== Scheduled tasks folder ======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cec585c9d91c68.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\system32\tasks\Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\WINDOWS\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\WINDOWS\system32\tasks\CreateChoiceProcessTask - C:\Windows\BrowserChoice\browserchoice.exe /launch
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineCore1cec585c9d91c68 - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineCore1d0413ccc33c310 - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA1ce7f8f79f096a3 - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA1cef274624f0941 - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA1cf4e86fbb6b0ef - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA1cf6a07d19d9fde - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA1cf8d6c86d32edd - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\klcp_update - "C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe" /verysilent /update /freq=30
C:\WINDOWS\system32\tasks\PCRegistryShield_Popup - C:\Program Files (x86)\PC Registry Shield\Splash.exe true
C:\WINDOWS\system32\tasks\PCRegistryShield_Start - C:\Program Files (x86)\PC Registry Shield\PcRegistryShield.exe true
C:\WINDOWS\system32\tasks\User_Feed_Synchronization-{777D2772-DB2F-4A9D-8AFB-1B37CB808C2D} - C:\WINDOWS\system32\msfeedssync.exe sync
C:\WINDOWS\system32\tasks\{1D99C538-1E11-4895-883C-36AE944887D6} - C:\WINDOWS\system32\pcalua.exe -a C:\Users\Max\Desktop\Diar_V_2_07\Setup.exe -d C:\Users\Max\Desktop\Diar_V_2_07
C:\WINDOWS\system32\tasks\{616E2040-A71E-423E-B316-40B6CD9D2013} - C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\ScanSoft\OmniPageSE2.0\OmniPage.exe" -d "C:\Program Files (x86)\ScanSoft\OmniPageSE2.0"
C:\WINDOWS\system32\tasks\{FD0B3D67-5A3D-44E1-928E-F555A29B5A65} - C:\WINDOWS\system32\pcalua.exe -a C:\Users\Max\Desktop\Diar_V_2_07\Uninstall.exe -d C:\Users\Max\Desktop\Diar_V_2_07
C:\WINDOWS\system32\tasks\WPD\SqmUpload_S-1-5-21-2923722727-4003214351-2683229-1002 - %windir%\system32\rundll32.exe portabledeviceapi.dll,#1
C:\WINDOWS\system32\tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates - "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" /autoupdate /silent /autoclose /background
C:\WINDOWS\system32\tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization - "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe" /immunize /silent /autoclose
C:\WINDOWS\system32\tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system - "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe" /scan /cleanclose
C:\WINDOWS\system32\tasks\Microsoft\Windows\WS\License Validation - rundll32.exe WSClient.dll,WSpTLR licensing
C:\WINDOWS\system32\tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask - rundll32.exe WSClient.dll,RefreshBannedAppsList
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join - %SystemRoot%\System32\AutoWorkplace.exe join
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start - C:\WINDOWS\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network - C:\WINDOWS\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\WINDOWS\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone - %windir%\system32\tzsync.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\WINDOWS\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\srtasks.exe ExecuteScheduledSPPCreation
C:\WINDOWS\system32\tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask - %windir%\system32\rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceAgentTask - %windir%\system32\SpaceAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Shell\FamilySafetyMonitor - %windir%\System32\wpcmon.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers - %SystemRoot%\System32\drvinst.exe 6
C:\WINDOWS\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - %SystemRoot%\System32\MbaeParserTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskCleanup\SilentCleanup - %windir%\system32\cleanmgr.exe /autoclean /d %systemdrive%
C:\WINDOWS\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c -h -o -$
C:\WINDOWS\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Uploader - %windir%\system32\WSqmCons.exe -u
C:\WINDOWS\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup - %windir%\system32\rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState - %windir%\system32\rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent /increment
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\rundll32.exe %windir%\system32\invagent.dll,RunUpdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\StartupAppTask - %windir%\system32\rundll32.exe Startupscan.dll,SusRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\WINDOWS\system32\tasks\Apple\AppleSoftwareUpdate - C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe -task

=========Google Chrome=========

C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Obchod 0.2
Extension apdfllckaahabafndbhieahigkjlhalf 1 Disk Google 14.1
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension bgjpfhpjcgdppjbgnpnjllokbmcdllig 2 Seznam Lištička - Email 1.4.2
Extension blmojkbhnkkphngknkmgccmlenfaelkd 2 Seznam Lištička - Slovník 1.4.6
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension cfhdojbkjhnklbpkdaibdccddilifddb 1 Adblock Plus 1.13.4
Extension coobgpohoikkiipiblmjeljniedjpjpf 1 Google Search 0.0.0.60
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension efaidnbmnnnibpcajpcglclefindmkaj 2 Adobe Acrobat 15.1.0.6
Extension ennkphjdgehloodpbhlhldgbnhmacadg Settings 0.2
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 1 Dokumenty Google v režime offline 1.4
Extension klfneahoibjkdlonilmnkkncopeiomoc 0 American Racing 1.0.0
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.46
Extension knipolnnllmklapflnccelgolnpehhpl 1 Google Hangouts 2017.420.419.1
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mfffpogegjflfpflabcdkioaeobkgjik 1 GaiaAuthExtension 0.0.1
Extension mgndgikekgjfcpckkfioiadnlibdjbkf Chrome 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.4
Extension nlenanfmnogchfccgdadohbacedphodd 0 friends feed for Facebook 1.6.1
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.3
Extension olfeabkoenfaoljndfecamgilllcpiak 2 Seznam Lištička - Rychlá volba 1.9.1
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 6117.717.0.4
Homepage: https://www.google.sk/webhp?sourceid=ch ... 2&ie=UTF-8
default_search_provider.search_url:
C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage:
default_search_provider.search_url:

======Registry dump ======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2013-04-12 742400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIE9BHO Class - C:\Program Files\Classic Shell\ClassicIE9DLL_64.dll [2013-04-12 454656]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2013-04-12 611840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-22 460384]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-22 172640]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIE9BHO Class - C:\Program Files\Classic Shell\ClassicIE9DLL_32.dll [2013-04-12 385024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2013-04-12 742400]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2013-04-12 611840]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-03-20 1797064]
"egui"=C:\Program Files\ESET\ESET Security\ecmdS.exe [2017-10-27 318584]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-04-15 8698584]
"Xvid"=C:\Program Files (x86)\Xvid\CheckUpdate.exe [2011-01-17 8192]
"GoogleChromeAutoLaunch_FB0DCF795F3086C624F9CCAD45E29F3E"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2017-09-21 1451352]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2012-07-11 5256336]
"Family Tree Builder Update"=C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe [2016-09-05 14829232]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-01-29 594992]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
ALFA plus - rýchle spustenie.lnk - C:\Program Files (x86)\KROS\ALFA plus\!System\ALFAplus.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"StubPath" = "C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.100\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=l3codeca.acm
"vidc.yuy2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"vidc.yvyu"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"vidc.uyvy"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"VIDC.LAGS"=lagarith.dll
"VIDC.X264"=x264vfw64.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3codecp"=l3codecp.acm
"vidc.XVID"=xvidvfw.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv

====== File associations ======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

====== List of files/folders created in the last 1 month ======

2017-11-08 16:13:20 ----D---- C:\Program Files\trend micro
2017-11-08 16:13:19 ----D---- C:\rsit
2017-11-08 15:23:09 ----D---- C:\Program Files (x86)\Samsung
2017-10-24 19:39:14 ----D---- C:\Users\Max\AppData\Roaming\IrfanView
2017-10-24 19:39:14 ----D---- C:\Program Files (x86)\IrfanView
2017-10-24 19:31:52 ----D---- C:\Program Files (x86)\Adobe
2017-10-24 19:26:53 ----A---- C:\WINDOWS\SYSWOW64\ssleay32.dll
2017-10-24 19:26:53 ----A---- C:\WINDOWS\SYSWOW64\ssinstall-uninstall.bat
2017-10-24 19:26:53 ----A---- C:\WINDOWS\SYSWOW64\ssins.exe
2017-10-24 19:26:53 ----A---- C:\WINDOWS\SYSWOW64\libeay32.dll
2017-10-23 06:28:31 ----D---- C:\Program Files (x86)\Apple Software Update
2017-10-23 06:28:04 ----D---- C:\Program Files (x86)\QuickTime
2017-10-21 18:02:16 ----D---- C:\Users\Max\AppData\Roaming\Milestone
2017-10-12 15:40:26 ----D---- C:\ProgramData\ESET
2017-10-12 15:40:26 ----D---- C:\Program Files\ESET
2017-10-11 09:53:20 ----A---- C:\WINDOWS\system32\StnLang.ini
2017-10-11 09:53:20 ----A---- C:\WINDOWS\system32\StnCoInst.ini
2017-10-11 09:53:19 ----A---- C:\WINDOWS\system32\StnPorts.dll
2017-10-11 09:53:19 ----A---- C:\WINDOWS\system32\StnCoInst.dll
2017-10-11 09:53:19 ----A---- C:\WINDOWS\system32\drivers\StnPport.sys
2017-10-11 09:53:18 ----D---- C:\Program Files\MOSCHIP
2017-10-11 09:53:18 ----A---- C:\WINDOWS\system32\MOSCHIP_StnUninst.exe
2017-10-11 09:53:18 ----A---- C:\WINDOWS\system32\drivers\StnSport.sys
2017-10-11 06:56:00 ----AC---- C:\WINDOWS\system32\MRT-KB890830.exe
2017-10-11 06:49:26 ----A---- C:\WINDOWS\system32\mshtml.dll
2017-10-11 06:49:24 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2017-10-11 06:49:23 ----A---- C:\WINDOWS\system32\shell32.dll
2017-10-11 06:49:22 ----A---- C:\WINDOWS\system32\ieframe.dll
2017-10-11 06:49:21 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2017-10-11 06:49:20 ----A---- C:\WINDOWS\system32\twinui.dll
2017-10-11 06:49:19 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2017-10-11 06:49:19 ----A---- C:\WINDOWS\system32\jscript9.dll
2017-10-11 06:49:18 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2017-10-11 06:49:17 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2017-10-11 06:49:17 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2017-10-11 06:49:16 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2017-10-11 06:49:16 ----A---- C:\WINDOWS\system32\win32k.sys
2017-10-11 06:49:16 ----A---- C:\WINDOWS\system32\tquery.dll
2017-10-11 06:49:15 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2017-10-11 06:49:15 ----A---- C:\WINDOWS\system32\wininet.dll
2017-10-11 06:49:14 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2017-10-11 06:49:14 ----A---- C:\WINDOWS\system32\urlmon.dll
2017-10-11 06:49:14 ----A---- C:\WINDOWS\system32\iertutil.dll
2017-10-11 06:49:14 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2017-10-11 06:49:13 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2017-10-11 06:49:13 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2017-10-11 06:49:13 ----A---- C:\WINDOWS\system32\msctf.dll
2017-10-11 06:49:13 ----A---- C:\WINDOWS\system32\lsasrv.dll
2017-10-11 06:49:12 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2017-10-11 06:49:12 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2017-10-11 06:49:12 ----A---- C:\WINDOWS\system32\jscript.dll
2017-10-11 06:49:12 ----A---- C:\WINDOWS\system32\gdi32.dll
2017-10-11 06:49:11 ----A---- C:\WINDOWS\SYSWOW64\Wldap32.dll
2017-10-11 06:49:11 ----A---- C:\WINDOWS\SYSWOW64\wlansec.dll
2017-10-11 06:49:11 ----A---- C:\WINDOWS\SYSWOW64\scksp.dll
2017-10-11 06:49:11 ----A---- C:\WINDOWS\system32\Wldap32.dll
2017-10-11 06:49:11 ----A---- C:\WINDOWS\system32\scksp.dll
2017-10-11 06:49:10 ----A---- C:\WINDOWS\SYSWOW64\gdi32.dll
2017-10-11 06:49:10 ----A---- C:\WINDOWS\system32\msfeeds.dll
2017-10-11 06:49:10 ----A---- C:\WINDOWS\system32\drivers\nwifi.sys
2017-10-11 06:49:10 ----A---- C:\WINDOWS\system32\dnsapi.dll
2017-10-11 06:49:10 ----A---- C:\WINDOWS\system32\basecsp.dll
2017-10-11 06:49:09 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2017-10-11 06:49:09 ----A---- C:\WINDOWS\SYSWOW64\msexcl40.dll
2017-10-11 06:49:09 ----A---- C:\WINDOWS\SYSWOW64\dnsapi.dll
2017-10-11 06:49:09 ----A---- C:\WINDOWS\SYSWOW64\basecsp.dll
2017-10-11 06:49:09 ----A---- C:\WINDOWS\system32\rasmans.dll
2017-10-11 06:49:07 ----A---- C:\WINDOWS\system32\ntdll.dll
2017-10-11 06:49:07 ----A---- C:\WINDOWS\system32\drivers\srv.sys
2017-10-11 06:49:06 ----A---- C:\WINDOWS\SYSWOW64\nshwfp.dll
2017-10-11 06:49:06 ----A---- C:\WINDOWS\system32\wlansec.dll
2017-10-11 06:49:06 ----A---- C:\WINDOWS\system32\nshwfp.dll
2017-10-11 06:49:06 ----A---- C:\WINDOWS\system32\drivers\mrxsmb10.sys
2017-10-11 06:49:05 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2017-10-11 06:49:05 ----A---- C:\WINDOWS\system32\TabSvc.dll
2017-10-11 06:49:04 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2017-10-11 06:49:03 ----A---- C:\WINDOWS\SYSWOW64\mswstr10.dll
2017-10-11 06:49:03 ----A---- C:\WINDOWS\SYSWOW64\authz.dll
2017-10-11 06:49:03 ----A---- C:\WINDOWS\system32\MshtmlDac.dll
2017-10-11 06:49:00 ----A---- C:\WINDOWS\SYSWOW64\webcheck.dll
2017-10-11 06:49:00 ----A---- C:\WINDOWS\SYSWOW64\t2embed.dll
2017-10-11 06:49:00 ----A---- C:\WINDOWS\system32\t2embed.dll
2017-10-11 06:48:59 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2017-10-11 06:48:59 ----A---- C:\WINDOWS\system32\webcheck.dll
2017-10-11 06:48:58 ----A---- C:\WINDOWS\SYSWOW64\msjint40.dll
2017-10-11 06:48:58 ----A---- C:\WINDOWS\system32\authz.dll
2017-10-11 06:48:57 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2017-10-11 06:48:57 ----A---- C:\WINDOWS\system32\IKEEXT.DLL
2017-10-11 06:48:57 ----A---- C:\WINDOWS\system32\dxtrans.dll
2017-10-11 06:48:57 ----A---- C:\WINDOWS\system32\certcli.dll
2017-10-11 06:48:56 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2017-10-11 06:48:56 ----A---- C:\WINDOWS\SYSWOW64\iepeers.dll
2017-10-11 06:48:56 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2017-10-11 06:48:56 ----A---- C:\WINDOWS\system32\mshtmled.dll
2017-10-11 06:48:55 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2017-10-11 06:48:55 ----A---- C:\WINDOWS\system32\inetcomm.dll
2017-10-11 06:48:54 ----A---- C:\WINDOWS\system32\vbscript.dll
2017-10-11 06:48:54 ----A---- C:\WINDOWS\system32\srvsvc.dll
2017-10-11 06:48:54 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2017-10-11 06:48:54 ----A---- C:\WINDOWS\system32\drivers\srvnet.sys
2017-10-11 06:48:53 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2017-10-11 06:48:53 ----A---- C:\WINDOWS\system32\iepeers.dll
2017-10-11 06:48:53 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2017-10-11 06:48:53 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2017-10-11 06:48:52 ----A---- C:\WINDOWS\SYSWOW64\MshtmlDac.dll
2017-10-10 19:42:04 ----A---- C:\WINDOWS\system32\drivers\tap0901.sys

====== List of files/folders modified in the last 1 month ======

2017-11-08 16:13:20 ----D---- C:\Program Files
2017-11-08 16:10:05 ----D---- C:\WINDOWS\Temp
2017-11-08 16:00:01 ----D---- C:\WINDOWS\system32\sru
2017-11-08 15:43:46 ----D---- C:\WINDOWS\Prefetch
2017-11-08 15:38:41 ----D---- C:\WINDOWS\ModemLogs
2017-11-08 15:38:36 ----D---- C:\WINDOWS\system32\drivers
2017-11-08 15:38:35 ----D---- C:\WINDOWS\system32\DriverStore
2017-11-08 15:38:35 ----D---- C:\WINDOWS\Inf
2017-11-08 15:24:25 ----SHD---- C:\WINDOWS\Installer
2017-11-08 15:23:16 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2017-11-08 15:23:09 ----RD---- C:\Program Files (x86)
2017-11-08 07:55:14 ----SHD---- C:\System Volume Information
2017-11-08 07:48:59 ----D---- C:\WINDOWS\Microsoft.NET
2017-11-08 07:25:14 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2017-11-08 07:24:55 ----D---- C:\ProgramData\firebird
2017-11-08 07:22:48 ----D---- C:\ProgramData\NVIDIA
2017-11-07 19:41:46 ----D---- C:\WINDOWS\system32\config
2017-11-07 18:56:49 ----HD---- C:\ProgramData
2017-11-07 18:56:27 ----D---- C:\Windows
2017-11-07 18:38:17 ----D---- C:\WINDOWS\system32\NDF
2017-11-07 18:34:20 ----RD---- C:\WINDOWS\System32
2017-11-07 18:34:20 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2017-11-05 17:36:04 ----D---- C:\WINDOWS\SoftwareDistribution
2017-11-01 07:26:30 ----D---- C:\Program Files (x86)\Internet Explorer
2017-11-01 07:26:15 ----D---- C:\WINDOWS\SysWOW64
2017-11-01 07:26:12 ----D---- C:\WINDOWS\system32\Tasks
2017-10-26 17:36:06 ----D---- C:\WINDOWS\AppReadiness
2017-10-24 19:31:53 ----D---- C:\ProgramData\Adobe
2017-10-24 07:53:28 ----D---- C:\Users\Max\AppData\Roaming\Foxit Software
2017-10-23 19:24:24 ----D---- C:\WINDOWS\Logs
2017-10-23 12:32:37 ----D---- C:\WINDOWS\system32\wbem
2017-10-23 12:29:39 ----D---- C:\WINDOWS\Tasks
2017-10-23 12:29:39 ----D---- C:\WINDOWS\SYSWOW64\sk-SK
2017-10-23 12:29:39 ----D---- C:\WINDOWS\system32\sk-SK
2017-10-23 12:29:38 ----D---- C:\WINDOWS\system32\catroot2
2017-10-23 12:28:38 ----RSD---- C:\WINDOWS\assembly
2017-10-23 12:28:29 ----D---- C:\WINDOWS\WinSxS
2017-10-23 12:19:23 ----D---- C:\WINDOWS\registration
2017-10-23 06:28:04 ----D---- C:\ProgramData\Apple Computer
2017-10-18 12:28:17 ----D---- C:\WINDOWS\CbsTemp
2017-10-18 09:17:03 ----D---- C:\Users\Max\AppData\Roaming\Seznam.cz
2017-10-18 09:12:22 ----D---- C:\Users\Max\AppData\Roaming\Samsung
2017-10-18 09:09:43 ----D---- C:\ProgramData\Samsung
2017-10-18 07:25:35 ----D---- C:\WINDOWS\debug
2017-10-13 08:53:33 ----HD---- C:\Program Files\WindowsApps
2017-10-12 23:25:16 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2017-10-11 13:46:23 ----D---- C:\WINDOWS\rescache
2017-10-11 10:48:40 ----RD---- C:\WINDOWS\ToastData
2017-10-11 10:48:38 ----D---- C:\WINDOWS\SYSWOW64\wbem
2017-10-11 10:48:38 ----D---- C:\Program Files\Internet Explorer
2017-10-11 07:00:24 ----D---- C:\ProgramData\Microsoft Help
2017-10-11 07:00:03 ----D---- C:\WINDOWS\system32\MRT
2017-10-11 06:55:45 ----AC---- C:\WINDOWS\system32\MRT.exe

File C:\WINDOWS\system32\winlogon.exe is digitally signed
File C:\WINDOWS\system32\wininit.exe is digitally signed
File C:\WINDOWS\explorer.exe is digitally signed
File C:\WINDOWS\SysWOW64\explorer.exe is digitally signed
File C:\WINDOWS\system32\svchost.exe is digitally signed
File C:\WINDOWS\SysWOW64\svchost.exe is digitally signed
File C:\WINDOWS\system32\services.exe is digitally signed
File C:\WINDOWS\system32\User32.dll is digitally signed
File C:\WINDOWS\SysWOW64\User32.dll is digitally signed
File C:\WINDOWS\system32\userinit.exe is digitally signed
File C:\WINDOWS\SysWOW64\userinit.exe is digitally signed
File C:\WINDOWS\system32\rpcss.dll is digitally signed
File C:\WINDOWS\system32\Drivers\volsnap.sys is digitally signed

====== List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======

R0 edevmon;edevmon; C:\WINDOWS\system32\DRIVERS\edevmon.sys [2017-09-19 107336]
R0 Wof;Windows Overlay File System Filter Driver; C:\WINDOWS\system32\drivers\Wof.sys [2014-03-13 157016]
R1 eamonm;eamonm; C:\WINDOWS\system32\DRIVERS\eamonm.sys [2017-10-27 133856]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2017-10-27 180088]
R1 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2017-09-19 81888]
R1 epfwwfp;epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [2017-09-19 106312]
R2 ekbdflt;ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [2017-09-19 50744]
R3 MEIx64;@oem16.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2012-07-02 62784]
R3 mf;mf; C:\WINDOWS\System32\drivers\mf.sys [2014-01-29 36864]
R3 NVHDA;@oem21.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda64v.sys [2014-03-20 197408]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2014-08-19 12866008]
R3 RTL8168;@netrt630x64.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2013-06-18 591360]
R3 StnPport;@oem60.inf,%Stn.ParallelPort%;PCIe to Multi Mode Parallel Port; C:\WINDOWS\system32\DRIVERS\StnPport.sys [2012-12-05 98816]
R3 VIAHdAudAddService;@oem17.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;VIA High Definition Audio Driver Service; C:\WINDOWS\system32\drivers\viahduaa.sys [2012-07-06 2201744]
S0 eelam;eelam; C:\WINDOWS\system32\DRIVERS\eelam.sys [2017-10-27 15392]
S3 ampa;ampa; \??\C:\Windows\system32\ampa.sys [2011-12-26 15288]
S3 dg_ssudbus;@oem23.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2017-05-18 131984]
S3 DrvAgent64;DrvAgent64; \??\C:\WINDOWS\SysWOW64\Drivers\DrvAgent64.SYS [2017-10-03 21712]
S3 FreshIO;FreshIO; C:\WINDOWS\system32\drivers\FreshIO.sys []
S3 Hamachi;LogMeIn Hamachi Virtual Miniport); C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [2014-06-23 46136]
S3 MBAMSwissArmy;MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys []
S3 ssudmdm;@oem25.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2017-05-18 166288]
S3 tap0901;@oem63.inf,%DeviceDescription%;TAP-Windows Adapter V9; C:\WINDOWS\system32\DRIVERS\tap0901.sys [2017-10-10 27136]
S3 WinUsb;@wpdmtp.inf,%WinUsb.SvcDesc%;WinUsb; C:\WINDOWS\System32\drivers\WinUsb.sys [2015-10-10 78848]

====== List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-07-19 83032]
R2 ClassicShellService;Classic Shell Service; C:\Program Files\Classic Shell\ClassicShellService.exe [2013-04-12 68608]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll" = %SystemRoot%\system32\diagtrack.dll
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Security\ekrn.exe [2017-10-27 1932336]
R2 FirebirdServerKROS_20400;Firebird Server - KROS_20400; C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\bin\fbserver.exe [2011-10-11 3764224]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R2 IpOverUsbSvc;Windows Phone IP over USB Transport (IpOverUsbSvc); C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [2015-11-20 21184]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-06-25 166720]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-17 277824]
R2 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2017-05-23 233936]
R2 ssinstall;SInstalátor; C:\WINDOWS\SysWOW64\ssins.exe [2017-10-24 4058496]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-07-02 411936]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-17 365376]
R2 VIAKaraokeService;@oem17.inf,%ViaKaraokeSrv.SvcDesc%;VIA Karaoke digital mixer Service; C:\WINDOWS\system32\viakaraokesrv.exe [2012-07-06 27792]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; %SystemRoot%\System32\svchost.exe -k LocalServiceAndNoImpersonation;"ServiceDll" = %SystemRoot%\System32\BthHFSrv.dll
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-05-10 117144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119670
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Win 8

#2 Post by Rudy »

Hello!
Let's try to clean it up. Run this utility:
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop
Close all programs
First click >Scan< (search) and then >Clean< (delete).
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Re: Win 8

#3 Post by mapo44 »

This should be it:

# AdwCleaner 7.0.4.0 - Logfile created on Wed Nov 08 19:28:21 2017
# Updated on 2017/27/10 by Malwarebytes
# Running on Windows 8.1 (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

Deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
Deleted: C:\Program Files (x86)\myfree codec
Deleted: C:\ProgramData\IObit\ASCDownloader
Deleted: C:\ProgramData\Application Data\IObit\ASCDownloader
Deleted: C:\Users\All Users\IObit\ASCDownloader
Deleted: C:\ProgramData\54F3DE4E-B7BA-4EBD-8B3B-385D272CC583
Deleted: C:\ProgramData\Application Data\54F3DE4E-B7BA-4EBD-8B3B-385D272CC583
Deleted: C:\Users\All Users\54F3DE4E-B7BA-4EBD-8B3B-385D272CC583


***** [ Files ] *****

Deleted: C:\Windows\SysNative\log\iSafeKrnlCall.log
Deleted: C:\Windows\Reimage.ini
Deleted: C:\Windows\System32\drivers\DRVAGENT64.SYS
Deleted: C:\Users\Max\Downloads\REGCLEANER.EXE


***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted: PCRegistryShield_Popup
Deleted: PCRegistryShield_Start


***** [ Registry ] *****

Deleted: [Key] - HKLM\SOFTWARE\IOBIT\ASC
Deleted: [Data] - HKCU\Software\Microsoft\Internet Explorer\Main|ImageStoreRandomFolder [7wwev9j]
Deleted: [Key] - HKLM\SOFTWARE\Myfree Codec
Deleted: [Key] - HKU\S-1-5-21-2923722727-4003214351-2683229-1002\Software\Myfree Codec
Deleted: [Key] - HKCU\Software\Myfree Codec
Deleted: [Key] - HKU\S-1-5-21-2923722727-4003214351-2683229-1002\Software\reimagerepair
Deleted: [Key] - HKCU\Software\reimagerepair
Deleted: [Key] - HKU\S-1-5-21-2923722727-4003214351-2683229-1002\Software\APN PIP
Deleted: [Key] - HKCU\Software\APN PIP
Deleted: [Key] - HKU\S-1-5-21-2923722727-4003214351-2683229-1002\Software\PCRegistryShieldLanguage
Deleted: [Key] - HKCU\Software\PCRegistryShieldLanguage
Deleted: [Key] - HKU\S-1-5-21-2923722727-4003214351-2683229-1002\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Control\iSafeKrnlBoot
Deleted: [Key] - HKLM\SOFTWARE\Reimage
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\SpyHunter4.exe


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [4032 B] - [2017/11/8 19:27:8]


########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########

Re: Win 8

#4 Post by Rudy »

Post a new RSIT log.

Re: Win 8

#5 Post by mapo44 »

Here it is:

Logfile of random's system information tool 1.16 (written by random/random)
Run by Max at 2017-11-08 21:32:34
Microsoft Windows 8.1
System drive C: has 124 GB (60%) free of 207 GB
Total RAM: 4046 MB (60% free)
X64

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:32:38, on 8.11.2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18817)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\KROS\ALFA plus\!System\ALFAplus.exe
C:\Program Files\trend micro\Max_RSITx64.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll
O2 - BHO: ClassicIE9BHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIE9DLL_32.dll
O3 - Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [Family Tree Builder Update] C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Xvid] C:\Program Files (x86)\Xvid\CheckUpdate.exe
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_FB0DCF795F3086C624F9CCAD45E29F3E] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
O4 - Global Startup: ALFA plus - rýchle spustenie.lnk = C:\Program Files (x86)\KROS\ALFA plus\!System\ALFAplus.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE9_32.exe
O9 - Extra 'Tools' menuitem: Classic IE9 Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE9_32.exe
O9 - Extra button: (no name) - {64964764-1101-4bbd-8891-B56B1A53B9B3} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Classic Shell Service (ClassicShellService) - IvoSoft - C:\Program Files\Classic Shell\ClassicShellService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Security\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Firebird Server - KROS_20400 (FirebirdServerKROS_20400) - Firebird Project - C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\bin\fbserver.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - (no file)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Unknown owner - (no file)
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Unknown owner - (no file)
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SInstalátor (ssinstall) - PS Media s.r.o. - C:\WINDOWS\SysWOW64\ssins.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @oem17.inf,%ViaKaraokeSrv.SvcDesc%;VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\WINDOWS\system32\viakaraokesrv.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 8983 bytes

====== Enumerating Processes ======

C:\WINDOWS\system32\wininit.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\dwm.exe
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\Classic Shell\ClassicShellService.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
C:\WINDOWS\system32\dashost.exe
"C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\bin\fbserver.exe" -s KROS_20400
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
C:\WINDOWS\SysWOW64\ssins.exe
C:\WINDOWS\system32\viakaraokesrv.exe
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-800e9439-d922-4b3e-8d9a-a5ceb24122fd -SystemEventPortName:HostProcess-69e9331f-5912-41e9-8f56-63dfbde9820c -IoCancelEventPortName:HostProcess-348772af-39be-483a-a8cd-6269e8d99acb -NonStateChangingEventPortName:HostProcess-e524a0cc-c88d-4629-b906-b1c0442d737b -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:f39ba4d5-1655-4b10-a23f-bb47b30fac9f -DeviceGroupId:WpdFsGroup
C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Classic Shell\ClassicStartMenu.exe" -startup
C:\WINDOWS\system32\taskhostex.exe
C:\WINDOWS\Explorer.EXE
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe"
C:\Windows\System32\skydrive.exe -Embedding
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
"C:\Program Files\ESET\ESET Security\egui.exe" /hide
"C:\Program Files (x86)\KROS\ALFA plus\!System\ALFAplus.exe" /StartUp
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Max\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Max\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=61.0.3163.100 --initial-client-data=0x11c,0x120,0x124,0x118,0x128,0x7ffacca11988,0x7ffacca11948,0x7ffacca11958
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=4084 --on-initialized-event-handle=452 --parent-handle=464 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1176,14062869185720540841,11620573353303434422,131072 --disable-direct-composition --supports-dual-gpus=false --gpu-driver-bug-workarounds=9,12,13,20,22,23,24,27,49,84 --disable-gl-extensions="GL_KHR_blend_equation_advanced GL_KHR_blend_equation_advanced_coherent" --gpu-vendor-id=0x10de --gpu-device-id=0x0fc1 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.4052 --gpu-driver-date=7-2-2014 --service-request-channel-token=D53DA437D9A254C5C0F16181D4C4CA5E --mojo-platform-channel-handle=1192 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1176,14062869185720540841,11620573353303434422,131072 --service-pipe-token=46194A379607A09D7A9C65C45F2967FF --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553 --enable-gpu-async-worker-context --service-request-channel-token=46194A379607A09D7A9C65C45F2967FF --renderer-client-id=4 --mojo-platform-channel-handle=2200 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1176,14062869185720540841,11620573353303434422,131072 --service-pipe-token=F2B459217D1E064D0D2C017B0F9D8647 --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553 --enable-gpu-async-worker-context --service-request-channel-token=F2B459217D1E064D0D2C017B0F9D8647 --renderer-client-id=5 --mojo-platform-channel-handle=2352 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1176,14062869185720540841,11620573353303434422,131072 --service-pipe-token=9BC52EC0C1534D3C1C3444A4BF865BED --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553 --enable-gpu-async-worker-context --service-request-channel-token=9BC52EC0C1534D3C1C3444A4BF865BED --renderer-client-id=6 --mojo-platform-channel-handle=3508 /prefetch:1
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Program Files\CCleaner\CCleaner64.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
C:\WINDOWS\system32\AUDIODG.EXE 0x7dc
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe5_ Global\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 576 580 588 65536 584
"C:\Users\Max\Desktop\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe

====== Scheduled tasks folder ======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cec585c9d91c68.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\system32\tasks\Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\WINDOWS\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\WINDOWS\system32\tasks\CreateChoiceProcessTask - C:\Windows\BrowserChoice\browserchoice.exe /launch
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineCore1cec585c9d91c68 - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineCore1d0413ccc33c310 - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA1ce7f8f79f096a3 - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA1cef274624f0941 - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA1cf4e86fbb6b0ef - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA1cf6a07d19d9fde - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA1cf8d6c86d32edd - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\klcp_update - "C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe" /verysilent /update /freq=30
C:\WINDOWS\system32\tasks\User_Feed_Synchronization-{777D2772-DB2F-4A9D-8AFB-1B37CB808C2D} - C:\WINDOWS\system32\msfeedssync.exe sync
C:\WINDOWS\system32\tasks\{1D99C538-1E11-4895-883C-36AE944887D6} - C:\WINDOWS\system32\pcalua.exe -a C:\Users\Max\Desktop\Diar_V_2_07\Setup.exe -d C:\Users\Max\Desktop\Diar_V_2_07
C:\WINDOWS\system32\tasks\{616E2040-A71E-423E-B316-40B6CD9D2013} - C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\ScanSoft\OmniPageSE2.0\OmniPage.exe" -d "C:\Program Files (x86)\ScanSoft\OmniPageSE2.0"
C:\WINDOWS\system32\tasks\{FD0B3D67-5A3D-44E1-928E-F555A29B5A65} - C:\WINDOWS\system32\pcalua.exe -a C:\Users\Max\Desktop\Diar_V_2_07\Uninstall.exe -d C:\Users\Max\Desktop\Diar_V_2_07
C:\WINDOWS\system32\tasks\WPD\SqmUpload_S-1-5-21-2923722727-4003214351-2683229-1002 - %windir%\system32\rundll32.exe portabledeviceapi.dll,#1
C:\WINDOWS\system32\tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates - "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" /autoupdate /silent /autoclose /background
C:\WINDOWS\system32\tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization - "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe" /immunize /silent /autoclose
C:\WINDOWS\system32\tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system - "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe" /scan /cleanclose
C:\WINDOWS\system32\tasks\Microsoft\Windows\WS\License Validation - rundll32.exe WSClient.dll,WSpTLR licensing
C:\WINDOWS\system32\tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask - rundll32.exe WSClient.dll,RefreshBannedAppsList
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join - %SystemRoot%\System32\AutoWorkplace.exe join
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start - C:\WINDOWS\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network - C:\WINDOWS\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\WINDOWS\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone - %windir%\system32\tzsync.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\WINDOWS\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\srtasks.exe ExecuteScheduledSPPCreation
C:\WINDOWS\system32\tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask - %windir%\system32\rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceAgentTask - %windir%\system32\SpaceAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Shell\FamilySafetyMonitor - %windir%\System32\wpcmon.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers - %SystemRoot%\System32\drvinst.exe 6
C:\WINDOWS\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - %SystemRoot%\System32\MbaeParserTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskCleanup\SilentCleanup - %windir%\system32\cleanmgr.exe /autoclean /d %systemdrive%
C:\WINDOWS\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c -h -o -$
C:\WINDOWS\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Uploader - %windir%\system32\WSqmCons.exe -u
C:\WINDOWS\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup - %windir%\system32\rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState - %windir%\system32\rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent /increment
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\rundll32.exe %windir%\system32\invagent.dll,RunUpdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\StartupAppTask - %windir%\system32\rundll32.exe Startupscan.dll,SusRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\WINDOWS\system32\tasks\Apple\AppleSoftwareUpdate - C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe -task

=========Google Chrome=========

C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Obchod 0.2
Extension apdfllckaahabafndbhieahigkjlhalf 1 Disk Google 14.1
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension bgjpfhpjcgdppjbgnpnjllokbmcdllig 2 Seznam Lištička - Email 1.4.2
Extension blmojkbhnkkphngknkmgccmlenfaelkd 2 Seznam Lištička - Slovník 1.4.6
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension cfhdojbkjhnklbpkdaibdccddilifddb 1 Adblock Plus 1.13.4
Extension coobgpohoikkiipiblmjeljniedjpjpf 1 Google Search 0.0.0.60
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension efaidnbmnnnibpcajpcglclefindmkaj 2 Adobe Acrobat 15.1.0.6
Extension ennkphjdgehloodpbhlhldgbnhmacadg Settings 0.2
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 1 Dokumenty Google v režime offline 1.4
Extension klfneahoibjkdlonilmnkkncopeiomoc 0 American Racing 1.0.0
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.46
Extension knipolnnllmklapflnccelgolnpehhpl 1 Google Hangouts 2017.420.419.1
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mfffpogegjflfpflabcdkioaeobkgjik 1 GaiaAuthExtension 0.0.1
Extension mgndgikekgjfcpckkfioiadnlibdjbkf Chrome 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.4
Extension nlenanfmnogchfccgdadohbacedphodd 0 friends feed for Facebook 1.6.1
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.3
Extension olfeabkoenfaoljndfecamgilllcpiak 2 Seznam Lištička - Rychlá volba 1.9.1
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 6117.717.0.4
Homepage: https://www.google.sk/webhp?sourceid=ch ... 2&ie=UTF-8
default_search_provider.search_url:
C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage:
default_search_provider.search_url:

======Registry dump ======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2013-04-12 742400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIE9BHO Class - C:\Program Files\Classic Shell\ClassicIE9DLL_64.dll [2013-04-12 454656]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2013-04-12 611840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-22 460384]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-22 172640]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIE9BHO Class - C:\Program Files\Classic Shell\ClassicIE9DLL_32.dll [2013-04-12 385024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2013-04-12 742400]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2013-04-12 611840]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-03-20 1797064]
"egui"=C:\Program Files\ESET\ESET Security\ecmdS.exe [2017-10-27 318584]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-04-15 8698584]
"Xvid"=C:\Program Files (x86)\Xvid\CheckUpdate.exe [2011-01-17 8192]
"GoogleChromeAutoLaunch_FB0DCF795F3086C624F9CCAD45E29F3E"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2017-09-21 1451352]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2012-07-11 5256336]
"Family Tree Builder Update"=C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe [2016-09-05 14829232]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-01-29 594992]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
ALFA plus - rýchle spustenie.lnk - C:\Program Files (x86)\KROS\ALFA plus\!System\ALFAplus.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"StubPath" = "C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.100\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=l3codeca.acm
"vidc.yuy2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"vidc.yvyu"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"vidc.uyvy"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"VIDC.LAGS"=lagarith.dll
"VIDC.X264"=x264vfw64.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3codecp"=l3codecp.acm
"vidc.XVID"=xvidvfw.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv

====== File associations ======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

====== List of files/folders created in the last 1 month ======

2017-11-08 20:25:38 ----D---- C:\AdwCleaner
2017-11-08 16:13:20 ----D---- C:\Program Files\trend micro
2017-11-08 16:13:19 ----D---- C:\rsit
2017-11-08 15:23:09 ----D---- C:\Program Files (x86)\Samsung
2017-10-24 19:39:14 ----D---- C:\Users\Max\AppData\Roaming\IrfanView
2017-10-24 19:39:14 ----D---- C:\Program Files (x86)\IrfanView
2017-10-24 19:31:52 ----D---- C:\Program Files (x86)\Adobe
2017-10-24 19:26:53 ----A---- C:\WINDOWS\SYSWOW64\ssleay32.dll
2017-10-24 19:26:53 ----A---- C:\WINDOWS\SYSWOW64\ssinstall-uninstall.bat
2017-10-24 19:26:53 ----A---- C:\WINDOWS\SYSWOW64\ssins.exe
2017-10-24 19:26:53 ----A---- C:\WINDOWS\SYSWOW64\libeay32.dll
2017-10-23 06:28:31 ----D---- C:\Program Files (x86)\Apple Software Update
2017-10-23 06:28:04 ----D---- C:\Program Files (x86)\QuickTime
2017-10-21 18:02:16 ----D---- C:\Users\Max\AppData\Roaming\Milestone
2017-10-12 15:40:26 ----D---- C:\ProgramData\ESET
2017-10-12 15:40:26 ----D---- C:\Program Files\ESET
2017-10-11 09:53:20 ----A---- C:\WINDOWS\system32\StnLang.ini
2017-10-11 09:53:20 ----A---- C:\WINDOWS\system32\StnCoInst.ini
2017-10-11 09:53:19 ----A---- C:\WINDOWS\system32\StnPorts.dll
2017-10-11 09:53:19 ----A---- C:\WINDOWS\system32\StnCoInst.dll
2017-10-11 09:53:19 ----A---- C:\WINDOWS\system32\drivers\StnPport.sys
2017-10-11 09:53:18 ----D---- C:\Program Files\MOSCHIP
2017-10-11 09:53:18 ----A---- C:\WINDOWS\system32\MOSCHIP_StnUninst.exe
2017-10-11 09:53:18 ----A---- C:\WINDOWS\system32\drivers\StnSport.sys
2017-10-11 06:56:00 ----AC---- C:\WINDOWS\system32\MRT-KB890830.exe
2017-10-11 06:49:26 ----A---- C:\WINDOWS\system32\mshtml.dll
2017-10-11 06:49:24 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2017-10-11 06:49:23 ----A---- C:\WINDOWS\system32\shell32.dll
2017-10-11 06:49:22 ----A---- C:\WINDOWS\system32\ieframe.dll
2017-10-11 06:49:21 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2017-10-11 06:49:20 ----A---- C:\WINDOWS\system32\twinui.dll
2017-10-11 06:49:19 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2017-10-11 06:49:19 ----A---- C:\WINDOWS\system32\jscript9.dll
2017-10-11 06:49:18 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2017-10-11 06:49:17 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2017-10-11 06:49:17 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2017-10-11 06:49:16 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2017-10-11 06:49:16 ----A---- C:\WINDOWS\system32\win32k.sys
2017-10-11 06:49:16 ----A---- C:\WINDOWS\system32\tquery.dll
2017-10-11 06:49:15 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2017-10-11 06:49:15 ----A---- C:\WINDOWS\system32\wininet.dll
2017-10-11 06:49:14 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2017-10-11 06:49:14 ----A---- C:\WINDOWS\system32\urlmon.dll
2017-10-11 06:49:14 ----A---- C:\WINDOWS\system32\iertutil.dll
2017-10-11 06:49:14 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2017-10-11 06:49:13 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2017-10-11 06:49:13 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2017-10-11 06:49:13 ----A---- C:\WINDOWS\system32\msctf.dll
2017-10-11 06:49:13 ----A---- C:\WINDOWS\system32\lsasrv.dll
2017-10-11 06:49:12 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2017-10-11 06:49:12 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2017-10-11 06:49:12 ----A---- C:\WINDOWS\system32\jscript.dll
2017-10-11 06:49:12 ----A---- C:\WINDOWS\system32\gdi32.dll
2017-10-11 06:49:11 ----A---- C:\WINDOWS\SYSWOW64\Wldap32.dll
2017-10-11 06:49:11 ----A---- C:\WINDOWS\SYSWOW64\wlansec.dll
2017-10-11 06:49:11 ----A---- C:\WINDOWS\SYSWOW64\scksp.dll
2017-10-11 06:49:11 ----A---- C:\WINDOWS\system32\Wldap32.dll
2017-10-11 06:49:11 ----A---- C:\WINDOWS\system32\scksp.dll
2017-10-11 06:49:10 ----A---- C:\WINDOWS\SYSWOW64\gdi32.dll
2017-10-11 06:49:10 ----A---- C:\WINDOWS\system32\msfeeds.dll
2017-10-11 06:49:10 ----A---- C:\WINDOWS\system32\drivers\nwifi.sys
2017-10-11 06:49:10 ----A---- C:\WINDOWS\system32\dnsapi.dll
2017-10-11 06:49:10 ----A---- C:\WINDOWS\system32\basecsp.dll
2017-10-11 06:49:09 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2017-10-11 06:49:09 ----A---- C:\WINDOWS\SYSWOW64\msexcl40.dll
2017-10-11 06:49:09 ----A---- C:\WINDOWS\SYSWOW64\dnsapi.dll
2017-10-11 06:49:09 ----A---- C:\WINDOWS\SYSWOW64\basecsp.dll
2017-10-11 06:49:09 ----A---- C:\WINDOWS\system32\rasmans.dll
2017-10-11 06:49:07 ----A---- C:\WINDOWS\system32\ntdll.dll
2017-10-11 06:49:07 ----A---- C:\WINDOWS\system32\drivers\srv.sys
2017-10-11 06:49:06 ----A---- C:\WINDOWS\SYSWOW64\nshwfp.dll
2017-10-11 06:49:06 ----A---- C:\WINDOWS\system32\wlansec.dll
2017-10-11 06:49:06 ----A---- C:\WINDOWS\system32\nshwfp.dll
2017-10-11 06:49:06 ----A---- C:\WINDOWS\system32\drivers\mrxsmb10.sys
2017-10-11 06:49:05 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2017-10-11 06:49:05 ----A---- C:\WINDOWS\system32\TabSvc.dll
2017-10-11 06:49:04 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2017-10-11 06:49:03 ----A---- C:\WINDOWS\SYSWOW64\mswstr10.dll
2017-10-11 06:49:03 ----A---- C:\WINDOWS\SYSWOW64\authz.dll
2017-10-11 06:49:03 ----A---- C:\WINDOWS\system32\MshtmlDac.dll
2017-10-11 06:49:00 ----A---- C:\WINDOWS\SYSWOW64\webcheck.dll
2017-10-11 06:49:00 ----A---- C:\WINDOWS\SYSWOW64\t2embed.dll
2017-10-11 06:49:00 ----A---- C:\WINDOWS\system32\t2embed.dll
2017-10-11 06:48:59 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2017-10-11 06:48:59 ----A---- C:\WINDOWS\system32\webcheck.dll
2017-10-11 06:48:58 ----A---- C:\WINDOWS\SYSWOW64\msjint40.dll
2017-10-11 06:48:58 ----A---- C:\WINDOWS\system32\authz.dll
2017-10-11 06:48:57 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2017-10-11 06:48:57 ----A---- C:\WINDOWS\system32\IKEEXT.DLL
2017-10-11 06:48:57 ----A---- C:\WINDOWS\system32\dxtrans.dll
2017-10-11 06:48:57 ----A---- C:\WINDOWS\system32\certcli.dll
2017-10-11 06:48:56 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2017-10-11 06:48:56 ----A---- C:\WINDOWS\SYSWOW64\iepeers.dll
2017-10-11 06:48:56 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2017-10-11 06:48:56 ----A---- C:\WINDOWS\system32\mshtmled.dll
2017-10-11 06:48:55 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2017-10-11 06:48:55 ----A---- C:\WINDOWS\system32\inetcomm.dll
2017-10-11 06:48:54 ----A---- C:\WINDOWS\system32\vbscript.dll
2017-10-11 06:48:54 ----A---- C:\WINDOWS\system32\srvsvc.dll
2017-10-11 06:48:54 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2017-10-11 06:48:54 ----A---- C:\WINDOWS\system32\drivers\srvnet.sys
2017-10-11 06:48:53 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2017-10-11 06:48:53 ----A---- C:\WINDOWS\system32\iepeers.dll
2017-10-11 06:48:53 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2017-10-11 06:48:53 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2017-10-11 06:48:52 ----A---- C:\WINDOWS\SYSWOW64\MshtmlDac.dll
2017-10-10 19:42:04 ----A---- C:\WINDOWS\system32\drivers\tap0901.sys

====== List of files/folders modified in the last 1 month ======

2017-11-08 21:30:02 ----D---- C:\WINDOWS\Temp
2017-11-08 21:00:00 ----D---- C:\WINDOWS\system32\sru
2017-11-08 20:31:44 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2017-11-08 20:31:19 ----D---- C:\ProgramData\firebird
2017-11-08 20:29:22 ----D---- C:\ProgramData\NVIDIA
2017-11-08 20:28:27 ----D---- C:\WINDOWS\Prefetch
2017-11-08 20:28:14 ----D---- C:\WINDOWS\system32\Tasks
2017-11-08 20:28:13 ----HD---- C:\ProgramData
2017-11-08 20:28:13 ----D---- C:\Windows
2017-11-08 20:28:13 ----D---- C:\ProgramData\IObit
2017-11-08 20:28:12 ----RD---- C:\Program Files (x86)
2017-11-08 16:13:20 ----D---- C:\Program Files
2017-11-08 15:38:41 ----D---- C:\WINDOWS\ModemLogs
2017-11-08 15:38:36 ----D---- C:\WINDOWS\system32\drivers
2017-11-08 15:38:35 ----D---- C:\WINDOWS\system32\DriverStore
2017-11-08 15:38:35 ----D---- C:\WINDOWS\Inf
2017-11-08 15:24:25 ----SHD---- C:\WINDOWS\Installer
2017-11-08 15:23:16 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2017-11-08 07:55:14 ----SHD---- C:\System Volume Information
2017-11-08 07:48:59 ----D---- C:\WINDOWS\Microsoft.NET
2017-11-07 19:41:46 ----D---- C:\WINDOWS\system32\config
2017-11-07 18:38:17 ----D---- C:\WINDOWS\system32\NDF
2017-11-07 18:34:20 ----RD---- C:\WINDOWS\System32
2017-11-07 18:34:20 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2017-11-05 17:36:04 ----D---- C:\WINDOWS\SoftwareDistribution
2017-11-01 07:26:30 ----D---- C:\Program Files (x86)\Internet Explorer
2017-11-01 07:26:15 ----D---- C:\WINDOWS\SysWOW64
2017-10-26 17:36:06 ----D---- C:\WINDOWS\AppReadiness
2017-10-24 19:31:53 ----D---- C:\ProgramData\Adobe
2017-10-24 07:53:28 ----D---- C:\Users\Max\AppData\Roaming\Foxit Software
2017-10-23 19:24:24 ----D---- C:\WINDOWS\Logs
2017-10-23 12:32:37 ----D---- C:\WINDOWS\system32\wbem
2017-10-23 12:29:39 ----D---- C:\WINDOWS\Tasks
2017-10-23 12:29:39 ----D---- C:\WINDOWS\SYSWOW64\sk-SK
2017-10-23 12:29:39 ----D---- C:\WINDOWS\system32\sk-SK
2017-10-23 12:29:38 ----D---- C:\WINDOWS\system32\catroot2
2017-10-23 12:28:38 ----RSD---- C:\WINDOWS\assembly
2017-10-23 12:28:29 ----D---- C:\WINDOWS\WinSxS
2017-10-23 12:19:23 ----D---- C:\WINDOWS\registration
2017-10-23 06:28:04 ----D---- C:\ProgramData\Apple Computer
2017-10-18 12:28:17 ----D---- C:\WINDOWS\CbsTemp
2017-10-18 09:17:03 ----D---- C:\Users\Max\AppData\Roaming\Seznam.cz
2017-10-18 09:12:22 ----D---- C:\Users\Max\AppData\Roaming\Samsung
2017-10-18 09:09:43 ----D---- C:\ProgramData\Samsung
2017-10-18 07:25:35 ----D---- C:\WINDOWS\debug
2017-10-13 08:53:33 ----HD---- C:\Program Files\WindowsApps
2017-10-12 23:25:16 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2017-10-11 13:46:23 ----D---- C:\WINDOWS\rescache
2017-10-11 10:48:40 ----RD---- C:\WINDOWS\ToastData
2017-10-11 10:48:38 ----D---- C:\WINDOWS\SYSWOW64\wbem
2017-10-11 10:48:38 ----D---- C:\Program Files\Internet Explorer
2017-10-11 07:00:24 ----D---- C:\ProgramData\Microsoft Help
2017-10-11 07:00:03 ----D---- C:\WINDOWS\system32\MRT
2017-10-11 06:55:45 ----AC---- C:\WINDOWS\system32\MRT.exe

File C:\WINDOWS\system32\winlogon.exe is digitally signed
File C:\WINDOWS\system32\wininit.exe is digitally signed
File C:\WINDOWS\explorer.exe is digitally signed
File C:\WINDOWS\SysWOW64\explorer.exe is digitally signed
File C:\WINDOWS\system32\svchost.exe is digitally signed
File C:\WINDOWS\SysWOW64\svchost.exe is digitally signed
File C:\WINDOWS\system32\services.exe is digitally signed
File C:\WINDOWS\system32\User32.dll is digitally signed
File C:\WINDOWS\SysWOW64\User32.dll is digitally signed
File C:\WINDOWS\system32\userinit.exe is digitally signed
File C:\WINDOWS\SysWOW64\userinit.exe is digitally signed
File C:\WINDOWS\system32\rpcss.dll is digitally signed
File C:\WINDOWS\system32\Drivers\volsnap.sys is digitally signed

====== List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======

R0 edevmon;edevmon; C:\WINDOWS\system32\DRIVERS\edevmon.sys [2017-09-19 107336]
R0 Wof;Windows Overlay File System Filter Driver; C:\WINDOWS\system32\drivers\Wof.sys [2014-03-13 157016]
R1 eamonm;eamonm; C:\WINDOWS\system32\DRIVERS\eamonm.sys [2017-10-27 133856]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2017-10-27 180088]
R1 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2017-09-19 81888]
R1 epfwwfp;epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [2017-09-19 106312]
R2 ekbdflt;ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [2017-09-19 50744]
R3 MEIx64;@oem16.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2012-07-02 62784]
R3 mf;mf; C:\WINDOWS\System32\drivers\mf.sys [2014-01-29 36864]
R3 NVHDA;@oem21.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda64v.sys [2014-03-20 197408]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2014-08-19 12866008]
R3 RTL8168;@netrt630x64.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2013-06-18 591360]
R3 StnPport;@oem60.inf,%Stn.ParallelPort%;PCIe to Multi Mode Parallel Port; C:\WINDOWS\system32\DRIVERS\StnPport.sys [2012-12-05 98816]
R3 VIAHdAudAddService;@oem17.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;VIA High Definition Audio Driver Service; C:\WINDOWS\system32\drivers\viahduaa.sys [2012-07-06 2201744]
S0 eelam;eelam; C:\WINDOWS\system32\DRIVERS\eelam.sys [2017-10-27 15392]
S3 ampa;ampa; \??\C:\Windows\system32\ampa.sys [2011-12-26 15288]
S3 dg_ssudbus;@oem23.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2017-05-18 131984]
S3 DrvAgent64;DrvAgent64; \??\C:\WINDOWS\SysWOW64\Drivers\DrvAgent64.SYS [2017-10-03 21712]
S3 FreshIO;FreshIO; C:\WINDOWS\system32\drivers\FreshIO.sys []
S3 Hamachi;LogMeIn Hamachi Virtual Miniport); C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [2014-06-23 46136]
S3 MBAMSwissArmy;MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys []
S3 ssudmdm;@oem25.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2017-05-18 166288]
S3 tap0901;@oem63.inf,%DeviceDescription%;TAP-Windows Adapter V9; C:\WINDOWS\system32\DRIVERS\tap0901.sys [2017-10-10 27136]
S3 WinUsb;@wpdmtp.inf,%WinUsb.SvcDesc%;WinUsb; C:\WINDOWS\System32\drivers\WinUsb.sys [2015-10-10 78848]

====== List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-07-19 83032]
R2 ClassicShellService;Classic Shell Service; C:\Program Files\Classic Shell\ClassicShellService.exe [2013-04-12 68608]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll" = %SystemRoot%\system32\diagtrack.dll
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Security\ekrn.exe [2017-10-27 1932336]
R2 FirebirdServerKROS_20400;Firebird Server - KROS_20400; C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\bin\fbserver.exe [2011-10-11 3764224]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R2 IpOverUsbSvc;Windows Phone IP over USB Transport (IpOverUsbSvc); C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [2015-11-20 21184]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-06-25 166720]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-17 277824]
R2 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2017-05-23 233936]
R2 ssinstall;SInstalátor; C:\WINDOWS\SysWOW64\ssins.exe [2017-10-24 4058496]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-07-02 411936]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-17 365376]
R2 VIAKaraokeService;@oem17.inf,%ViaKaraokeSrv.SvcDesc%;VIA Karaoke digital mixer Service; C:\WINDOWS\system32\viakaraokesrv.exe [2012-07-06 27792]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; %SystemRoot%\System32\svchost.exe -k LocalServiceAndNoImpersonation;"ServiceDll" = %SystemRoot%\System32\BthHFSrv.dll
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-05-10 117144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119670
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Win 8

#6 Post by Rudy »

Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left window:
:files
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineCore1cec585c9d91c68
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineCore1d0413ccc33c310
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA1ce7f8f79f096a3
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA1cef274624f0941
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA1cf4e86fbb6b0ef
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA1cf6a07d19d9fde
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA1cf8d6c86d32edd
C:\WINDOWS\system32\tasks\{616E2040-A71E-423E-B316-40B6CD9D2013}
C:\WINDOWS\system32\tasks\{FD0B3D67-5A3D-44E1-928E-F555A29B5A65}

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]/64
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.

Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.


Re: Win 8

#7 Post by mapo44 »

I didn't manage to get to it yesterday,

All processes killed
========== FILES ==========
File/Folder C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineCore1cec585c9d91c68 not found.
File/Folder C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineCore1d0413ccc33c310 not found.
File/Folder C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA1ce7f8f79f096a3 not found.
File/Folder C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA1cef274624f0941 not found.
File/Folder C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA1cf4e86fbb6b0ef not found.
File/Folder C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA1cf6a07d19d9fde not found.
File/Folder C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA1cf8d6c86d32edd not found.
File/Folder C:\WINDOWS\system32\tasks\{616E2040-A71E-423E-B316-40B6CD9D2013} not found.
File/Folder C:\WINDOWS\system32\tasks\{FD0B3D67-5A3D-44E1-928E-F555A29B5A65} not found.
========== REGISTRY ==========
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default.migrated

User: Max
->Temp folder emptied: 209368072 bytes
->Temporary Internet Files folder emptied: 6461952 bytes
->Java cache emptied: 8196 bytes
->Google Chrome cache emptied: 327603041 bytes
->Flash cache emptied: 506 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 1517061 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1357948 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 82964 bytes

Total Files Cleaned = 521,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Default.migrated

User: Max
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb


OTM by OldTimer - Version 3.1.21.0 log created on 11092017_073305

Files moved on Reboot...
C:\Users\Max\AppData\Local\Temp\NVIDIA Corporation\NV_Cache\63547c51a55c7182c5c77fb521826c6c_fce8395f8fd8a848_e330f25ac01818f1_0_0.bin moved successfully.
C:\Users\Max\AppData\Local\Temp\NVIDIA Corporation\NV_Cache\63547c51a55c7182c5c77fb521826c6c_fce8395f8fd8a848_e330f25ac01818f1_0_0.toc moved successfully.
C:\Users\Max\AppData\Local\Temp\NVIDIA Corporation\NV_Cache\63547c51a55c7182c5c77fb521826c6c_fce8395f8fd8a848_e330f25ac01818f1_1_0.bin moved successfully.
C:\Users\Max\AppData\Local\Temp\NVIDIA Corporation\NV_Cache\63547c51a55c7182c5c77fb521826c6c_fce8395f8fd8a848_e330f25ac01818f1_1_0.toc moved successfully.
C:\Users\Max\AppData\Local\Microsoft\Windows\INetCache\counters.dat moved successfully.
C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0 moved successfully.
C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1 moved successfully.
C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2 moved successfully.
C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3 moved successfully.
C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache\index moved successfully.
File move failed. C:\WINDOWS\temp\NVIDIA Corporation\NV_Cache\63547c51a55c7182c5c77fb521826c6c_fce8395f8fd8a848_6229ccd76215aea1_0_0.bin scheduled to be moved on reboot.
File move failed. C:\WINDOWS\temp\NVIDIA Corporation\NV_Cache\63547c51a55c7182c5c77fb521826c6c_fce8395f8fd8a848_6229ccd76215aea1_0_0.toc scheduled to be moved on reboot.
C:\WINDOWS\temp\NVIDIA Corporation\NV_Cache\63547c51a55c7182c5c77fb521826c6c_fce8395f8fd8a848_6229ccd76215aea1_0_1.bin moved successfully.
File move failed. C:\WINDOWS\temp\NVIDIA Corporation\NV_Cache\63547c51a55c7182c5c77fb521826c6c_fce8395f8fd8a848_6229ccd76215aea1_0_1.toc scheduled to be moved on reboot.

Registry entries deleted on Reboot...


Re: Win 8

#8 Post by Rudy »

OK. Has anything changed?


Re: Win 8

#9 Post by mapo44 »

Good evening, it seems to be faster and the mouse looks normal too, but it still won't recognize my smartphone, which it didn't do before things started acting up. Apparently code 10; reinstalling the driver doesn't help either. :?:


Re: Win 8

#10 Post by Rudy »

Code 10 means that the device could not be started. Try a System Restore to a date when it was working correctly.


Re: Win 8

#11 Post by mapo44 »

Won't that restore also bring back what was removed?


Re: Win 8

#12 Post by Rudy »

In this case it shouldn't; if something does come back, we will clean it again. We have no other option.


Re: Win 8

#13 Post by mapo44 »

So I looked at System Restore; unfortunately I don't have any older restore point there, they are all recent. I don't know whether that can be configured somehow; in XP it was possible to go quite far back.
And I found that the mouse is still acting up: it freezes and disappears, and some melody chirps while it does. :?:


Re: Win 8

#14 Post by Rudy »

Also run a full MBAM scan: http://www.malwarebytes.org/mbam.php and post the log. Don't delete anything beforehand.


Re: Win 8

#15 Post by mapo44 »

Good morning, here it is:

Malwarebytes
www.malwarebytes.com

-Podrobnosti denníka-
Dátum skenovania: 12.11.17
Čas skenovania: 8:37
Súbor denníka: 4ec3b056-c77c-11e7-b30e-08606e6f080f.json
Správca: Áno

-Údaje o softvéri-
Verzia: 3.3.1.2183
Verzia súčastí: 1.0.236
Aktualizovať verziu balíka: 1.0.3234
Licencia: Skúšobná verzia

-Systémové informácie-
OS: Windows 8.1
Procesor: x64
Systém súborov: NTFS
Používateľ: NOV\u00c3\u0089PC\Max

-Zhrnutie skenovania-
Typ skenovania: Vyhľadávanie hrozieb
Výsledok: Dokončené
Preskenované objekty: 345702
Zistené hrozby: 66
Hrozby umiestnené do karantény: 0
(Nezistili sa nijaké škodlivé položky)
Uplynulý čas: 7 min, 6 s

-Možnosti skenovania-
Pamäť: Povolené
Spúšťanie: Povolené
Systém súborov: Povolené
Archívy: Povolené
Rootkity: Zakázané
Heuristika: Povolené
PUP: Zistiť
PUM: Zistiť

-Podrobnosti skenovania-
Proces: 0
(Nezistili sa nijaké škodlivé položky)

Modul: 0
(Nezistili sa nijaké škodlivé položky)

Kľúč databázy Registry: 40
PUP.Optional.AMLRegistryCleaner, HKU\S-1-5-21-2923722727-4003214351-2683229-1002\SOFTWARE\AML\Registry Cleaner, Bez zásahu používateľa, [8561], [404079],1.0.3234
PUP.Optional.PCSpeedUp, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\PCSUUCDRV, Bez zásahu používateľa, [6171], [241622],1.0.3234
PUP.Optional.AMLRegistryCleaner, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{315F5FFC-1A5C-4A2A-B8E7-1C5B1174C198}_is1, Bez zásahu používateľa, [8561], [404076],1.0.3234
PUP.Optional.AMLRegistryCleaner, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{7FC25D12-4726-4E59-82B9-3646C36EC852}, Bez zásahu používateľa, [8561], [404065],1.0.3234
PUP.Optional.AMLRegistryCleaner, HKLM\SOFTWARE\CLASSES\Codejock.SkinFrameworkGlobalSettings.13.2.0, Bez zásahu používateľa, [8561], [404065],1.0.3234
PUP.Optional.AMLRegistryCleaner, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{7FC25D12-4726-4E59-82B9-3646C36EC852}, Bez zásahu používateľa, [8561], [404065],1.0.3234
PUP.Optional.AMLRegistryCleaner, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{7FC25D12-4726-4E59-82B9-3646C36EC852}\InprocServer32, Bez zásahu používateľa, [8561], [404065],1.0.3234
PUP.Optional.AMLRegistryCleaner, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{A80E5B29-CD98-4345-92A0-6451DD531633}, Bez zásahu používateľa, [8561], [404065],1.0.3234
PUP.Optional.AMLRegistryCleaner, HKLM\SOFTWARE\CLASSES\Codejock.SkinFramework.13.2.0, Bez zásahu používateľa, [8561], [404065],1.0.3234
PUP.Optional.AMLRegistryCleaner, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{A80E5B29-CD98-4345-92A0-6451DD531633}, Bez zásahu používateľa, [8561], [404065],1.0.3234
PUP.Optional.AMLRegistryCleaner, HKLM\SOFTWARE\CLASSES\TYPELIB\{BD0C1912-66C3-49CC-8B12-7B347BF6C846}, Bez zásahu používateľa, [8561], [404065],1.0.3234
PUP.Optional.AMLRegistryCleaner, HKLM\SOFTWARE\CLASSES\INTERFACE\{128507E0-C56F-43C0-BCF1-8193B35FE4C4}, Bez zásahu používateľa, [8561], [404065],1.0.3234
PUP.Optional.AMLRegistryCleaner, HKLM\SOFTWARE\CLASSES\INTERFACE\{2CE3C052-6C04-4596-A61E-FC6C6A14F738}, Bez zásahu používateľa, [8561], [404065],1.0.3234
PUP.Optional.AMLRegistryCleaner, HKLM\SOFTWARE\CLASSES\INTERFACE\{40217CB8-4463-4030-B324-AC6A8075FEC8}, Bez zásahu používateľa, [8561], [404065],1.0.3234
PUP.Optional.AMLRegistryCleaner, HKLM\SOFTWARE\CLASSES\INTERFACE\{63C40CBE-DE43-4B56-BCEB-E14B825CF245}, Bez zásahu používateľa, [8561], [404065],1.0.3234
PUP.Optional.AMLRegistryCleaner, HKLM\SOFTWARE\CLASSES\INTERFACE\{64302D0E-6EDB-49A7-89DE-A0F37936759E}, Bez zásahu používateľa, [8561], [404065],1.0.3234
PUP.Optional.AMLRegistryCleaner, HKLM\SOFTWARE\CLASSES\INTERFACE\{AFA0E6A1-28D7-4F2C-87A7-7266367B4655}, Bez zásahu používateľa, [8561], [404065],1.0.3234
PUP.Optional.AMLRegistryCleaner, HKLM\SOFTWARE\CLASSES\INTERFACE\{C58A92D0-3EBE-4355-A6C9-5FECDC54922D}, Bez zásahu používateľa, [8561], [404065],1.0.3234
PUP.Optional.AMLRegistryCleaner, HKLM\SOFTWARE\CLASSES\INTERFACE\{D4997761-BA1B-4099-B62C-D8220CB9E302}, Bez zásahu používateľa, [8561], [404065],1.0.3234
PUP.Optional.AMLRegistryCleaner, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{128507E0-C56F-43C0-BCF1-8193B35FE4C4}, Bez zásahu používateľa, [8561], [404065],1.0.3234
PUP.Optional.AMLRegistryCleaner, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{2CE3C052-6C04-4596-A61E-FC6C6A14F738}, Bez zásahu používateľa, [8561], [404065],1.0.3234
PUP.Optional.AMLRegistryCleaner, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{40217CB8-4463-4030-B324-AC6A8075FEC8}, Bez zásahu používateľa, [8561], [404065],1.0.3234
PUP.Optional.AMLRegistryCleaner, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{63C40CBE-DE43-4B56-BCEB-E14B825CF245}, Bez zásahu používateľa, [8561], [404065],1.0.3234
PUP.Optional.AMLRegistryCleaner, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{64302D0E-6EDB-49A7-89DE-A0F37936759E}, Bez zásahu používateľa, [8561], [404065],1.0.3234
PUP.Optional.AMLRegistryCleaner, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{AFA0E6A1-28D7-4F2C-87A7-7266367B4655}, Bez zásahu používateľa, [8561], [404065],1.0.3234
PUP.Optional.AMLRegistryCleaner, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{C58A92D0-3EBE-4355-A6C9-5FECDC54922D}, Bez zásahu používateľa, [8561], [404065],1.0.3234
PUP.Optional.AMLRegistryCleaner, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{D4997761-BA1B-4099-B62C-D8220CB9E302}, Bez zásahu používateľa, [8561], [404065],1.0.3234
PUP.Optional.AMLRegistryCleaner, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{128507E0-C56F-43C0-BCF1-8193B35FE4C4}, Bez zásahu používateľa, [8561], [404065],1.0.3234
PUP.Optional.AMLRegistryCleaner, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{2CE3C052-6C04-4596-A61E-FC6C6A14F738}, Bez zásahu používateľa, [8561], [404065],1.0.3234
PUP.Optional.AMLRegistryCleaner, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{40217CB8-4463-4030-B324-AC6A8075FEC8}, Bez zásahu používateľa, [8561], [404065],1.0.3234
PUP.Optional.AMLRegistryCleaner, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{63C40CBE-DE43-4B56-BCEB-E14B825CF245}, Bez zásahu používateľa, [8561], [404065],1.0.3234
PUP.Optional.AMLRegistryCleaner, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{64302D0E-6EDB-49A7-89DE-A0F37936759E}, Bez zásahu používateľa, [8561], [404065],1.0.3234
PUP.Optional.AMLRegistryCleaner, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{AFA0E6A1-28D7-4F2C-87A7-7266367B4655}, Bez zásahu používateľa, [8561], [404065],1.0.3234
PUP.Optional.AMLRegistryCleaner, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{C58A92D0-3EBE-4355-A6C9-5FECDC54922D}, Bez zásahu používateľa, [8561], [404065],1.0.3234
PUP.Optional.AMLRegistryCleaner, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{D4997761-BA1B-4099-B62C-D8220CB9E302}, Bez zásahu používateľa, [8561], [404065],1.0.3234
PUP.Optional.AMLRegistryCleaner, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{BD0C1912-66C3-49CC-8B12-7B347BF6C846}, Bez zásahu používateľa, [8561], [404065],1.0.3234
PUP.Optional.AMLRegistryCleaner, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{BD0C1912-66C3-49CC-8B12-7B347BF6C846}, Bez zásahu používateľa, [8561], [404065],1.0.3234
PUP.Optional.AMLRegistryCleaner, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{A80E5B29-CD98-4345-92A0-6451DD531633}\InprocServer32, Bez zásahu používateľa, [8561], [404065],1.0.3234
PUP.Optional.AMLRegistryCleaner, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{7FC25D12-4726-4E59-82B9-3646C36EC852}\InprocServer32, Bez zásahu používateľa, [8561], [404065],1.0.3234
PUP.Optional.AMLRegistryCleaner, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{A80E5B29-CD98-4345-92A0-6451DD531633}\InprocServer32, Bez zásahu používateľa, [8561], [404065],1.0.3234

Hodnota databázy Registry: 0
(Nezistili sa nijaké škodlivé položky)

Údaje databázy Registry: 0
(Nezistili sa nijaké škodlivé položky)

Prúd údajov: 0
(Nezistili sa nijaké škodlivé položky)

Priečinok: 3
PUP.Optional.AMLRegistryCleaner, C:\Program Files (x86)\AML Products\Registry Cleaner\Styles, Bez zásahu používateľa, [8561], [404065],1.0.3234
PUP.Optional.AMLRegistryCleaner, C:\PROGRAM FILES (X86)\AML PRODUCTS\REGISTRY CLEANER, Bez zásahu používateľa, [8561], [404065],1.0.3234
PUP.Optional.AMLRegistryCleaner, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\AML FREE REGISTRY CLEANER, Bez zásahu používateľa, [8561], [404068],1.0.3234

Súbor: 23
PUP.Optional.AMLRegistryCleaner, C:\USERS\MAX\DESKTOP\AML FREE REGISTRY CLEANER.LNK, Bez zásahu používateľa, [8561], [404071],1.0.3234
PUP.Optional.AMLRegistryCleaner, C:\Program Files (x86)\AML Products\Registry Cleaner\Styles\Office2007.cjstyles, Bez zásahu používateľa, [8561], [404065],1.0.3234
PUP.Optional.AMLRegistryCleaner, C:\Program Files (x86)\AML Products\Registry Cleaner\clean.exe, Bez zásahu používateľa, [8561], [404065],1.0.3234
PUP.Optional.AMLRegistryCleaner, C:\Program Files (x86)\AML Products\Registry Cleaner\Codejock.SkinFramework.Unicode.v13.2.0.ocx, Bez zásahu používateľa, [8561], [404065],1.0.3234
PUP.Optional.AMLRegistryCleaner, C:\Program Files (x86)\AML Products\Registry Cleaner\english.dll, Bez zásahu používateľa, [8561], [404065],1.0.3234
PUP.Optional.AMLRegistryCleaner, C:\Program Files (x86)\AML Products\Registry Cleaner\Exclude.lst, Bez zásahu používateľa, [8561], [404065],1.0.3234
PUP.Optional.AMLRegistryCleaner, C:\Program Files (x86)\AML Products\Registry Cleaner\FRC.exe, Bez zásahu používateľa, [8561], [404065],1.0.3234
PUP.Optional.AMLRegistryCleaner, C:\Program Files (x86)\AML Products\Registry Cleaner\ftlist.txt, Bez zásahu používateľa, [8561], [404065],1.0.3234
PUP.Optional.AMLRegistryCleaner, C:\Program Files (x86)\AML Products\Registry Cleaner\MSVBVM60.DLL, Bez zásahu používateľa, [8561], [404065],1.0.3234
PUP.Optional.AMLRegistryCleaner, C:\Program Files (x86)\AML Products\Registry Cleaner\open.cpa, Bez zásahu používateľa, [8561], [404065],1.0.3234
PUP.Optional.AMLRegistryCleaner, C:\Program Files (x86)\AML Products\Registry Cleaner\pm.exe, Bez zásahu používateľa, [8561], [404065],1.0.3234
PUP.Optional.AMLRegistryCleaner, C:\Program Files (x86)\AML Products\Registry Cleaner\regback.exe, Bez zásahu používateľa, [8561], [404065],1.0.3234
PUP.Optional.AMLRegistryCleaner, C:\Program Files (x86)\AML Products\Registry Cleaner\regclean.exe, Bez zásahu používateľa, [8561], [404065],1.0.3234
PUP.Optional.AMLRegistryCleaner, C:\Program Files (x86)\AML Products\Registry Cleaner\regclean.exe.manifest, Bez zásahu používateľa, [8561], [404065],1.0.3234
PUP.Optional.AMLRegistryCleaner, C:\Program Files (x86)\AML Products\Registry Cleaner\regsearch.exe, Bez zásahu používateľa, [8561], [404065],1.0.3234
PUP.Optional.AMLRegistryCleaner, C:\Program Files (x86)\AML Products\Registry Cleaner\startup.exe, Bez zásahu používateľa, [8561], [404065],1.0.3234
PUP.Optional.AMLRegistryCleaner, C:\Program Files (x86)\AML Products\Registry Cleaner\sysres.exe, Bez zásahu používateľa, [8561], [404065],1.0.3234
PUP.Optional.AMLRegistryCleaner, C:\Program Files (x86)\AML Products\Registry Cleaner\unins000.dat, Bez zásahu používateľa, [8561], [404065],1.0.3234
PUP.Optional.AMLRegistryCleaner, C:\Program Files (x86)\AML Products\Registry Cleaner\unins000.exe, Bez zásahu používateľa, [8561], [404065],1.0.3234
PUP.Optional.AMLRegistryCleaner, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AML Free Registry Cleaner\AML Free Registry Cleaner.lnk, Bez zásahu používateľa, [8561], [404068],1.0.3234
PUP.Optional.AMLRegistryCleaner, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AML Free Registry Cleaner\Uninstall AML Free Registry Cleaner.lnk, Bez zásahu používateľa, [8561], [404068],1.0.3234
PUP.Optional.AdvancedSystemCare, C:\USERS\MAX\DOWNLOADS\ADVANCEDSYSTEMCARE-INSTALLER.EXE, Bez zásahu používateľa, [1217], [396386],1.0.3234
PUP.Optional.BundleInstaller, C:\USERS\MAX\DOWNLOADS\VLC-SETUP.EXE, Bez zásahu používateľa, [20], [425688],1.0.3234

Fyzický sektor: 0
(Nezistili sa nijaké škodlivé položky)


(end)
