
Infected PC + RSIT log

Posted: 22 Feb 2015 18:02
by TheSevenCz
Hello, I'm pretty sure I've infected my PC, it's fried, the antivirus was temporarily turned off ... out of nowhere the PC starts humming loudly (I'd say it's probably mining some bitcoins or something ... :D then it crashes with a bluescreen) ... :/ please advise, thank you
Logfile of random's system information tool 1.10 (written by random/random)
Run by SEVEN at 2015-02-22 18:02:55
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 405 GB (42%) free of 954 GB
Total RAM: 16278 MB (82% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:02:55, on 22.2.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17631)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Gyazo\GyStation.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\SEVEN\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
C:\Program Files\trend micro\SEVEN.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [vmware-tray.exe] "C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [Gyazo] C:\Program Files (x86)\Gyazo\GyStation.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\vsocklib.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\vsocklib.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: prio32.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: CyberGhost VPN Client (CGVPNCliSrvc) - mobile concepts GmbH - C:\Program Files\CyberGhost VPN\CGVPNCliService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: COMODO Dragon Update Service (DragonUpdater) - Comodo Security Solutions, Inc. - C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Windows\system32\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: ISCT Always Updated Agent (ISCTAgent) - Unknown owner - C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
O23 - Service: Intel(R) Update Manager (iumsvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: Survarium Update Service - Unknown owner - C:\Program Files (x86)\Survarium\game\binaries\x86\survarium_service.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exe
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe
O23 - Service: VMware Workstation Server (VMwareHostd) - Unknown owner - C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12841 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe"
C:\Windows\System32\svchost.exe -k HPZ12
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss b3186faa-0750-4b37-afef-dd9c74731452 1
\??\C:\Windows\system32\conhost.exe "20643017411455067762427381900-2717602-1451696290321415470197314668924498611
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "-1033242796197175828314947153084091649731615018113-3288545422074095791-532608421
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
C:\Windows\SysWOW64\vmnat.exe
C:\Windows\SysWOW64\vmnetdhcp.exe
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe"
"C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe"
"C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe" -u "C:\ProgramData\VMware\hostd\config.xml"
C:\Windows\system32\svchost.exe -k HPService
"C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe"
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\WmiApSrv.exe
C:\Windows\sysWOW64\wbem\wmiprvse.exe -Embedding
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\Steam\Steam.exe" -silent
"C:\Program Files (x86)\Gyazo\GyStation.exe"
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Windows\system32\igfxsrvc.exe" -Embedding
C:\Windows\system32\SearchIndexer.exe /Embedding
ngservice.exe pipeserver
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" -cefhost -cachedir "C:\Users\SEVEN\AppData\Local\Steam\htmlcache" -steampid 4908 -buildid 1424305157 -steamid "0" --blacklist-accelerated-compositing --process-per-tab --disable-accelerated-video-decode --enable-direct-write
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4796.0.75961267\323010449" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,18,39,47 --gpu-vendor-id=0x10de --gpu-device-id=0x1189 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.4709 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group12 pct:1c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/Preperiod_A2_StableBookmarksIndexURLs/PasswordGeneration/Disabled/QUIC/EnabledForLargePopulation/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_09/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Default/" --instant-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="4796.1.826134167\441878251" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group12 pct:1c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/Preperiod_A2_StableBookmarksIndexURLs/PasswordGeneration/Disabled/QUIC/EnabledForLargePopulation/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_09/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="4796.2.1675486032\1849580330" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group12 pct:1c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Enabled/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/Preperiod_A2_StableBookmarksIndexURLs/PasswordGeneration/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/QUIC/EnabledForLargePopulation/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_09/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="4796.7.1892870109\1505268408" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group12 pct:1c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Enabled/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/Preperiod_A2_StableBookmarksIndexURLs/PasswordGeneration/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/QUIC/EnabledForLargePopulation/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_09/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="4796.8.525593925\1697438301" /prefetch:673131151
C:\Users\SEVEN\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
taskmgr.exe /3
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\SEVEN\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-02-17 705448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-28 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-02-17 586968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-28 172968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22 517688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-07-13 12936848]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2014-07-07 391152]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2014-07-07 771056]
"Persistence"=C:\Windows\system32\igfxpers.exe [2014-07-07 769520]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-01-16 2585928]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2015-01-16 1514528]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2015-02-19 2874048]
"Gyazo"=C:\Program Files (x86)\Gyazo\GyStation.exe [2014-10-27 3095840]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2015-02-17 3978600]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
C:\PROGRA~2\HP\DIGITA~1\bin\hpqtra08.exe [2009-11-18 275072]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2012-06-07 56128]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-05-20 291648]
"HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2009-11-18 54576]
""= []
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-02-17 5227112]
"vmware-tray.exe"=C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [2013-10-18 111696]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-12-17 508800]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2015-02-17 3978600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="prio.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2014-07-07 623616]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"vidc.mjpg"=bdmjpeg64.dll
"vidc.mpeg"=bdmpegv64.dll
"msacm.bdmpeg"=bdmpega64.acm
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave6"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer8"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-02-22 18:01:40 ----D---- C:\rsit
2015-02-22 17:38:39 ----A---- C:\Windows\system32\WPRO_41_2001woem.tmp
2015-02-21 15:38:32 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2015-02-18 08:13:15 ----D---- C:\Windows\SYSWOW64\vbox
2015-02-18 08:13:15 ----D---- C:\Windows\system32\vbox
2015-02-17 20:16:19 ----A---- C:\Windows\system32\aswBoot.exe
2015-02-17 20:16:14 ----A---- C:\Windows\avastSS.scr
2015-02-17 20:11:43 ----D---- C:\Users\SEVEN\AppData\Roaming\java
2015-02-12 19:38:23 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-02-12 19:38:23 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-02-12 19:38:23 ----A---- C:\Windows\system32\jscript9.dll
2015-02-12 19:38:22 ----A---- C:\Windows\system32\jscript9diag.dll
2015-02-12 11:22:01 ----A---- C:\Windows\system32\drivers\WPRO_41_2001.sys
2015-02-11 22:25:33 ----A---- C:\Windows\system32\invagent.dll
2015-02-11 22:25:33 ----A---- C:\Windows\system32\generaltel.dll
2015-02-11 22:25:33 ----A---- C:\Windows\system32\devinv.dll
2015-02-11 22:25:33 ----A---- C:\Windows\system32\appraiser.dll
2015-02-11 22:25:33 ----A---- C:\Windows\system32\aitstatic.exe
2015-02-11 22:25:33 ----A---- C:\Windows\system32\aepic.dll
2015-02-11 22:25:33 ----A---- C:\Windows\system32\aepdu.dll
2015-02-11 22:25:33 ----A---- C:\Windows\system32\aeinv.dll
2015-02-11 22:25:31 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-02-11 22:25:31 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-02-11 22:25:31 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-02-11 22:25:31 ----A---- C:\Windows\system32\wdigest.dll
2015-02-11 22:25:31 ----A---- C:\Windows\system32\schannel.dll
2015-02-11 22:25:31 ----A---- C:\Windows\system32\msv1_0.dll
2015-02-11 22:25:31 ----A---- C:\Windows\system32\kerberos.dll
2015-02-11 22:25:30 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-02-11 22:25:30 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-02-11 22:25:30 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-02-11 22:25:30 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-02-11 22:25:30 ----A---- C:\Windows\system32\TSpkg.dll
2015-02-11 22:25:30 ----A---- C:\Windows\system32\ncrypt.dll
2015-02-11 22:25:30 ----A---- C:\Windows\system32\credssp.dll
2015-02-11 22:25:21 ----A---- C:\Windows\system32\WindowsCodecs.dll
2015-02-11 22:25:19 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2015-02-11 22:25:11 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-02-11 22:25:11 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-02-11 22:25:11 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-02-11 22:25:11 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-02-11 22:25:11 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-02-11 22:25:11 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-02-11 22:25:11 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-02-11 22:25:11 ----A---- C:\Windows\system32\iernonce.dll
2015-02-11 22:25:11 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-02-11 22:25:11 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-02-11 22:25:11 ----A---- C:\Windows\system32\ie4uinit.exe
2015-02-11 22:25:10 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-02-11 22:25:10 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-02-11 22:25:10 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-02-11 22:25:10 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-02-11 22:25:10 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-02-11 22:25:10 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-11 22:25:10 ----A---- C:\Windows\system32\iedkcs32.dll
2015-02-11 22:25:09 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-02-11 22:25:09 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-02-11 22:25:09 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-02-11 22:25:09 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-02-11 22:25:09 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-02-11 22:25:09 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-02-11 22:25:09 ----A---- C:\Windows\system32\urlmon.dll
2015-02-11 22:25:09 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-11 22:25:09 ----A---- C:\Windows\system32\msfeeds.dll
2015-02-11 22:25:09 ----A---- C:\Windows\system32\iesetup.dll
2015-02-11 22:25:09 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-02-11 22:25:09 ----A---- C:\Windows\system32\ieapfltr.dll
2015-02-11 22:25:09 ----A---- C:\Windows\system32\dxtrans.dll
2015-02-11 22:25:08 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-02-11 22:25:08 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-02-11 22:25:08 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-02-11 22:25:08 ----A---- C:\Windows\system32\jsproxy.dll
2015-02-11 22:25:08 ----A---- C:\Windows\system32\ieUnatt.exe
2015-02-11 22:25:08 ----A---- C:\Windows\system32\iertutil.dll
2015-02-11 22:25:07 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-02-11 22:25:07 ----A---- C:\Windows\system32\ieui.dll
2015-02-11 22:25:07 ----A---- C:\Windows\system32\dxtmsft.dll
2015-02-11 22:25:04 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-02-11 22:25:04 ----A---- C:\Windows\system32\mshtmled.dll
2015-02-11 22:25:04 ----A---- C:\Windows\system32\ieframe.dll
2015-02-11 22:25:03 ----A---- C:\Windows\system32\wininet.dll
2015-02-11 22:25:03 ----A---- C:\Windows\system32\vbscript.dll
2015-02-11 22:25:03 ----A---- C:\Windows\system32\msrating.dll
2015-02-11 22:25:03 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-02-11 22:25:02 ----A---- C:\Windows\system32\mshtml.dll
2015-02-11 22:24:49 ----A---- C:\Windows\system32\lsasrv.dll
2015-02-11 22:24:49 ----A---- C:\Windows\system32\drivers\cng.sys
2015-02-11 22:24:48 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-02-11 22:24:48 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-02-11 22:24:48 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-02-11 22:24:48 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-02-11 22:24:48 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-02-11 22:24:48 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-02-11 22:24:48 ----A---- C:\Windows\system32\sspisrv.dll
2015-02-11 22:24:48 ----A---- C:\Windows\system32\sspicli.dll
2015-02-11 22:24:48 ----A---- C:\Windows\system32\secur32.dll
2015-02-11 22:24:48 ----A---- C:\Windows\system32\msobjs.dll
2015-02-11 22:24:48 ----A---- C:\Windows\system32\msaudite.dll
2015-02-11 22:24:48 ----A---- C:\Windows\system32\lsass.exe
2015-02-11 22:24:48 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-02-11 22:24:48 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-02-11 22:24:48 ----A---- C:\Windows\system32\auditpol.exe
2015-02-11 22:24:48 ----A---- C:\Windows\system32\adtschema.dll
2015-02-11 22:24:44 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2015-02-11 22:24:44 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2015-02-11 22:24:44 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2015-02-11 22:24:44 ----A---- C:\Windows\system32\wintrust.dll
2015-02-11 22:24:44 ----A---- C:\Windows\system32\cryptsvc.dll
2015-02-11 22:24:44 ----A---- C:\Windows\system32\crypt32.dll
2015-02-11 22:24:39 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2015-02-11 22:24:39 ----A---- C:\Windows\system32\oleaut32.dll
2015-02-11 22:24:38 ----A---- C:\Windows\system32\mstscax.dll
2015-02-11 22:24:37 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2015-02-11 22:24:37 ----A---- C:\Windows\SYSWOW64\aaclient.dll
2015-02-11 22:24:17 ----A---- C:\Windows\SYSWOW64\scesrv.dll
2015-02-11 22:24:17 ----A---- C:\Windows\system32\scesrv.dll
2015-02-11 22:24:13 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-02-11 22:24:12 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-02-11 22:24:12 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-02-11 22:24:11 ----A---- C:\Windows\system32\srcore.dll
2015-02-11 22:24:11 ----A---- C:\Windows\system32\rstrui.exe
2015-02-11 22:24:10 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-02-11 22:24:10 ----A---- C:\Windows\system32\srclient.dll
2015-02-11 22:23:59 ----A---- C:\Windows\system32\win32k.sys
2015-01-28 23:10:27 ----D---- C:\ProgramData\SystemRequirementsLab
2015-01-28 23:10:27 ----D---- C:\Program Files (x86)\SystemRequirementsLab

======List of files/folders modified in the last 1 month======

2015-02-22 18:02:55 ----D---- C:\Windows\Temp
2015-02-22 18:02:55 ----D---- C:\Program Files\trend micro
2015-02-22 17:47:17 ----D---- C:\Program Files (x86)\Steam
2015-02-22 17:45:57 ----A---- C:\Windows\SYSWOW64\log.txt
2015-02-22 17:43:54 ----D---- C:\Windows\System32
2015-02-22 17:43:15 ----D---- C:\ProgramData\VMware
2015-02-22 17:42:36 ----D---- C:\ProgramData\NVIDIA
2015-02-22 17:40:06 ----D---- C:\Windows\Minidump
2015-02-22 17:39:51 ----D---- C:\Windows
2015-02-22 17:01:33 ----D---- C:\Users\SEVEN\AppData\Roaming\TS3Client
2015-02-22 11:26:36 ----D---- C:\Windows\system32\config
2015-02-22 11:04:50 ----HD---- C:\Config.Msi
2015-02-22 02:27:46 ----SHD---- C:\System Volume Information
2015-02-21 15:47:46 ----D---- C:\Users\SEVEN\AppData\Roaming\.minecraft
2015-02-21 15:38:37 ----SHD---- C:\Windows\Installer
2015-02-21 15:38:32 ----RD---- C:\Program Files (x86)
2015-02-21 15:38:11 ----D---- C:\Windows\system32\drivers
2015-02-18 08:13:15 ----D---- C:\Windows\SysWOW64
2015-02-17 20:16:29 ----D---- C:\Windows\system32\Tasks
2015-02-15 02:11:15 ----D---- C:\Users\SEVEN\AppData\Roaming\uTorrent
2015-02-14 23:23:51 ----D---- C:\Windows\system32\catroot2
2015-02-12 20:32:12 ----D---- C:\Windows\winsxs
2015-02-12 20:32:08 ----D---- C:\Windows\SYSWOW64\en-US
2015-02-12 20:32:08 ----D---- C:\Windows\system32\en-US
2015-02-12 11:19:51 ----SD---- C:\Windows\system32\CompatTel
2015-02-12 11:19:51 ----D---- C:\Windows\system32\cs-CZ
2015-02-12 11:19:51 ----D---- C:\Windows\system32\appraiser
2015-02-12 11:19:50 ----D---- C:\Program Files\Internet Explorer
2015-02-12 11:19:49 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-02-12 11:19:45 ----D---- C:\Program Files (x86)\Internet Explorer
2015-02-12 00:14:58 ----D---- C:\Windows\system32\MRT
2015-02-12 00:11:50 ----D---- C:\Windows\debug
2015-02-12 00:11:49 ----A---- C:\Windows\system32\MRT.exe
2015-02-11 22:23:53 ----D---- C:\Windows\system32\catroot
2015-02-09 12:47:47 ----D---- C:\ProgramData\Package Cache
2015-02-09 12:47:21 ----D---- C:\Windows\inf
2015-02-09 09:39:38 ----A---- C:\IFRToolLog.txt
2015-02-07 10:38:38 ----D---- C:\Windows\Tasks
2015-02-01 22:12:00 ----D---- C:\Windows\Prefetch
2015-01-28 23:10:27 ----HD---- C:\ProgramData
2015-01-28 23:07:51 ----D---- C:\Program Files (x86)\Common Files
2015-01-28 23:07:18 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2015-01-28 23:06:57 ----D---- C:\ProgramData\Oracle
2015-01-28 23:06:54 ----D---- C:\Program Files (x86)\Java

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-02-17 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-02-17 267632]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2012-05-30 569152]
R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2014-07-07 644968]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2014-07-07 28008]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-05-20 19264]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 vmci;VMware VMCI Bus Driver; C:\Windows\system32\DRIVERS\vmci.sys [2013-10-08 85584]
R0 vsock;vSockets Driver; C:\Windows\system32\drivers\vsock.sys [2013-10-08 73296]
R1 AsrAppCharger;AsrAppCharger; C:\Windows\system32\DRIVERS\AsrAppCharger.sys [2011-05-10 17192]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-02-17 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-02-17 1050432]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-02-17 436624]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-04-29 283064]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-02-17 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-02-17 83280]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-02-17 116728]
R2 hcmon;VMware hcmon; \??\C:\Windows\system32\drivers\hcmon.sys [2013-10-09 53816]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2015-02-17 271752]
R2 VMnetBridge;VMware Bridge Protocol; C:\Windows\system32\DRIVERS\vmnetbridge.sys [2013-10-18 46160]
R2 VMnetuserif;VMware Network Application Interface; \??\C:\Windows\system32\drivers\vmnetuserif.sys [2013-10-18 30800]
R2 vmx86;VMware vmx86; \??\C:\Windows\system32\drivers\vmx86.sys [2013-10-18 64080]
R2 vstor2-mntapi20-shared;Vstor2 MntApi 2.0 Driver (shared); C:\Windows\SysWOW64\drivers\vstor2-mntapi20-shared.sys [2013-02-22 33872]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-07-07 4187648]
R3 ikbevent;Intel Upper keyboard Class Filter Driver; C:\Windows\system32\DRIVERS\ikbevent.sys [2012-02-09 25536]
R3 imsevent;Intel Upper Mouse Class Filter Driver; C:\Windows\system32\DRIVERS\imsevent.sys [2012-02-09 25536]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-07-24 4097808]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2014-07-07 449528]
R3 ISCT;Intel(R) Smart Connect Technology Device Driver; C:\Windows\system32\DRIVERS\ISCTD64.sys [2014-07-07 46568]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2014-07-07 358456]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2014-07-07 791608]
R3 MBfilt;MBfilt; C:\Windows\system32\drivers\MBfilt64.sys [2009-11-18 32344]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2014-07-07 100312]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2014-10-09 195728]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-01-16 19784]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-11-22 38032]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2014-07-07 883928]
R3 SAlphamHid;SteelHIDSvc; C:\Windows\system32\DRIVERS\SAlpham64.sys [2014-07-07 38016]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2014-07-07 33008]
R3 tap0901;TAP-Win32 Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2011-12-15 31232]
R3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\vmnetadapter.sys [2013-10-18 20560]
S3 cpuz137;cpuz137; \??\C:\Users\SEVEN\AppData\Local\Temp\cpuz137\cpuz137_x64.sys []
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-21 19968]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 MSICDSetup;MSICDSetup; \??\D:\CDriver64.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496]
S3 WinUsb;Ovladač WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-02-17 50344]
R2 DragonUpdater;COMODO Dragon Update Service; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2014-05-27 2139328]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-01-16 1148744]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-05-30 13632]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-06-27 129856]
R2 ISCTAgent;ISCT Always Updated Agent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [2012-02-09 133632]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-06-25 166720]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [2015-02-16 417552]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-17 277824]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-01-16 1706312]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2015-01-16 21833544]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-12-13 935240]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2014-04-25 76888]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-12-13 410768]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2013-12-17 5341536]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-17 365376]
R2 VMAuthdService;VMware Authorization Service; C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe [2013-10-18 86096]
R2 VMnetDHCP;VMware DHCP Service; C:\Windows\syswow64\vmnetdhcp.exe [2013-10-18 358480]
R2 VMUSBArbService;VMware USB Arbitration Service; C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2013-10-09 905272]
R2 VMware NAT Service;VMware NAT Service; C:\Windows\syswow64\vmnat.exe [2013-10-18 437328]
R2 VMwareHostd;VMware Workstation Server; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [2013-10-18 14405200]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2015-02-17 4012248]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-02-19 835776]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-08 116648]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2015-02-17 2490216]
S2 HiPatchService;Hi-Rez Studios Authenticate and Update Service; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2014-08-22 9216]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2015-02-21 814464]
S3 CGVPNCliSrvc;CyberGhost VPN Client; C:\Program Files\CyberGhost VPN\CGVPNCliService.exe [2012-04-26 2438696]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-07-07 279024]
S3 EasyAntiCheat;EasyAntiCheat; C:\Windows\syswow64\EasyAntiCheat.exe [2014-10-31 174112]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-08 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-01-12 114688]
S3 iumsvc;Intel(R) Update Manager; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28 174368]
S3 Survarium Update Service;Survarium Update Service; C:\Program Files (x86)\Survarium\game\binaries\x86\survarium_service.exe [2015-01-09 76408]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-01-18 1255736]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Re: Infected PC + RSIT log

Posted: 22 Feb 2015 18:18
by TheSevenCz
I also just ran MBAM, I hope that's okay ... here is the log ..

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 22.2.2015
Čas skenování: 18:09:46
Protokol: ddd.txt
Správce: Ano

Verze: 2.00.4.1028
Databáze malwaru: v2015.02.22.04
Databáze rootkitů: v2015.02.22.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Sebeobrany: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: SEVEN

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 345786
Uplynulý čas: 5 min, 48 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Žádné zákerné zjištěny položek)

Moduly: 0
(Žádné zákerné zjištěny položek)

Klíče registru: 0
(Žádné zákerné zjištěny položek)

Hodnoty registru: 0
(Žádné zákerné zjištěny položek)

Data registru: 0
(Žádné zákerné zjištěny položek)

Složky: 2
PUP.Optional.CrossRider.A, C:\Users\SEVEN\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_lmnbobhffedhdhfpcjkjphcfpeeiocdn_0, Do karantény, [d2aa49d8fc8eac8aa7b343248083bc44],
PUP.Optional.CrossRider.A, C:\Users\SEVEN\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lmnbobhffedhdhfpcjkjphcfpeeiocdn, Do karantény, [96e6eb361377d95de180c2a5a65d29d7],

Soubory: 9
PUP.Optional.CrossRider.A, C:\Users\SEVEN\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lmnbobhffedhdhfpcjkjphcfpeeiocdn_0.localstorage, Do karantény, [acd07da4e1a9af87a62912bbb64d02fe],
PUP.Optional.CrossRider.A, C:\Users\SEVEN\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_lmnbobhffedhdhfpcjkjphcfpeeiocdn_0\76, Do karantény, [d2aa49d8fc8eac8aa7b343248083bc44],
PUP.Optional.CrossRider.A, C:\Users\SEVEN\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lmnbobhffedhdhfpcjkjphcfpeeiocdn\000214.ldb, Do karantény, [96e6eb361377d95de180c2a5a65d29d7],
PUP.Optional.CrossRider.A, C:\Users\SEVEN\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lmnbobhffedhdhfpcjkjphcfpeeiocdn\000223.log, Do karantény, [96e6eb361377d95de180c2a5a65d29d7],
PUP.Optional.CrossRider.A, C:\Users\SEVEN\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lmnbobhffedhdhfpcjkjphcfpeeiocdn\CURRENT, Do karantény, [96e6eb361377d95de180c2a5a65d29d7],
PUP.Optional.CrossRider.A, C:\Users\SEVEN\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lmnbobhffedhdhfpcjkjphcfpeeiocdn\LOCK, Do karantény, [96e6eb361377d95de180c2a5a65d29d7],
PUP.Optional.CrossRider.A, C:\Users\SEVEN\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lmnbobhffedhdhfpcjkjphcfpeeiocdn\LOG, Do karantény, [96e6eb361377d95de180c2a5a65d29d7],
PUP.Optional.CrossRider.A, C:\Users\SEVEN\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lmnbobhffedhdhfpcjkjphcfpeeiocdn\LOG.old, Do karantény, [96e6eb361377d95de180c2a5a65d29d7],
PUP.Optional.CrossRider.A, C:\Users\SEVEN\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lmnbobhffedhdhfpcjkjphcfpeeiocdn\MANIFEST-000221, Do karantény, [96e6eb361377d95de180c2a5a65d29d7],

Fyzické sektory: 0
(Žádné zákerné zjištěny položek)


(end)

Re: Infected PC + RSIT log

Posted: 22 Feb 2015 21:19
by TheSevenCz
I did a bit of a cleanup of my own ... Avast + MBAM; here is the new log from RSIT

Logfile of random's system information tool 1.10 (written by random/random)
Run by SEVEN at 2015-02-22 21:19:32
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 460 GB (48%) free of 954 GB
Total RAM: 16278 MB (81% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:19:35, on 22.2.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17631)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Gyazo\GyStation.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Webteh\BSPlayer\bsplayer.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\SEVEN.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [vmware-tray.exe] "C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [Gyazo] C:\Program Files (x86)\Gyazo\GyStation.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O10 - Unknown file in Winsock LSP: c:\windows\system32\vsocklib.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\vsocklib.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: prio32.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: CyberGhost VPN Client (CGVPNCliSrvc) - mobile concepts GmbH - C:\Program Files\CyberGhost VPN\CGVPNCliService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: ISCT Always Updated Agent (ISCTAgent) - Unknown owner - C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
O23 - Service: Intel(R) Update Manager (iumsvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exe
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe
O23 - Service: VMware Workstation Server (VMwareHostd) - Unknown owner - C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11766 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\Explorer.EXE
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Windows\system32\igfxsrvc.exe" -Embedding
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\Steam\Steam.exe" -silent
"C:\Program Files (x86)\Gyazo\GyStation.exe"
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"
C:\Windows\System32\svchost.exe -k HPZ12
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe" /starttray
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
C:\Windows\System32\svchost.exe -k HPZ12
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss b3186faa-0750-4b37-afef-dd9c74731452 1
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "-1647311439-1368307815-1812519637-2064302683-2103400318-4888276481471102761-1214108613
\??\C:\Windows\system32\conhost.exe "-1806419063-1397290055953183669757474851163917600-1223275404-1623587374240004456
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
C:\Windows\SysWOW64\vmnat.exe
C:\Windows\SysWOW64\vmnetdhcp.exe
"C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe"
"C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe" -u "C:\ProgramData\VMware\hostd\config.xml"
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\sysWOW64\wbem\wmiprvse.exe -Embedding
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe"
C:\Windows\system32\wbem\WmiApSrv.exe
ngservice.exe pipeserver
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" -cefhost -cachedir "C:\Users\SEVEN\AppData\Local\Steam\htmlcache" -steampid 2556 -buildid 1424305157 -steamid "0" --blacklist-accelerated-compositing --process-per-tab --disable-accelerated-video-decode --enable-direct-write
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="5704.0.838303336\1038731999" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,18,39,47 --gpu-vendor-id=0x10de --gpu-device-id=0x1189 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.4709 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group12 pct:1c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/Preperiod_A2_StableBookmarksIndexURLs/PasswordGeneration/Disabled/QUIC/Disabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_09/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="5704.2.1440661225\728989512" /prefetch:673131151
"C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group12 pct:1c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Enabled/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/Preperiod_A2_StableBookmarksIndexURLs/PasswordGeneration/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/QUIC/Disabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_09/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="5704.10.36240499\1752031490" /prefetch:673131151
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files (x86)\Webteh\BSPlayer\bsplayer.exe" "C:\Users\SEVEN\Desktop\I.Spit.On.Your.Grave.2.2013.BRRip XViD juggs\I.Spit.On.Your.Grave.2.2013.BRRip XViD juggs.avi"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group12 pct:1c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Enabled/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/Preperiod_A2_StableBookmarksIndexURLs/PasswordGeneration/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/QUIC/Disabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_09/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="5704.12.337949356\1117117087" /prefetch:673131151
taskeng.exe {D8357118-27B3-47D5-91FB-91982A9F6909}
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 524 528 536 65536 532
taskeng.exe {B9A6B21E-1636-4355-8E95-99503EDD4496}
"C:\Windows\system32\RunDll32.exe" "C:\Windows\system32\WerConCpl.dll", LaunchErcApp -queuereporting
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\SEVEN\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-02-17 705448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-28 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-02-17 586968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-28 172968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-07-13 12936848]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2014-07-07 391152]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2014-07-07 771056]
"Persistence"=C:\Windows\system32\igfxpers.exe [2014-07-07 769520]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-01-16 2585928]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2015-01-16 1514528]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2015-02-19 2874048]
"Gyazo"=C:\Program Files (x86)\Gyazo\GyStation.exe [2014-10-27 3095840]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe --auto-start []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
C:\PROGRA~2\HP\DIGITA~1\bin\hpqtra08.exe [2009-11-18 275072]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2012-06-07 56128]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-05-20 291648]
"HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2009-11-18 54576]
""= []
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-02-17 5227112]
"vmware-tray.exe"=C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [2013-10-18 111696]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-12-17 508800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="prio.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2014-07-07 623616]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"vidc.mjpg"=bdmjpeg64.dll
"vidc.mpeg"=bdmpegv64.dll
"msacm.bdmpeg"=bdmpega64.acm
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave6"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer8"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-02-22 21:06:40 ----A---- C:\Windows\system32\WPRO_41_2001woem.tmp
2015-02-22 20:50:25 ----D---- C:\UpdateChromeLinksLogs
2015-02-22 18:09:28 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2015-02-22 18:09:16 ----D---- C:\ProgramData\Malwarebytes
2015-02-22 18:09:16 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-02-22 18:09:16 ----A---- C:\Windows\system32\drivers\mwac.sys
2015-02-22 18:09:16 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2015-02-22 18:09:16 ----A---- C:\Windows\system32\drivers\mbam.sys
2015-02-22 18:01:40 ----D---- C:\rsit
2015-02-18 08:13:15 ----D---- C:\Windows\SYSWOW64\vbox
2015-02-18 08:13:15 ----D---- C:\Windows\system32\vbox
2015-02-17 20:16:19 ----A---- C:\Windows\system32\aswBoot.exe
2015-02-17 20:16:14 ----A---- C:\Windows\avastSS.scr
2015-02-17 20:11:43 ----D---- C:\Users\SEVEN\AppData\Roaming\java
2015-02-12 19:38:23 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-02-12 19:38:23 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-02-12 19:38:23 ----A---- C:\Windows\system32\jscript9.dll
2015-02-12 19:38:22 ----A---- C:\Windows\system32\jscript9diag.dll
2015-02-12 11:22:01 ----A---- C:\Windows\system32\drivers\WPRO_41_2001.sys
2015-02-11 22:25:33 ----A---- C:\Windows\system32\invagent.dll
2015-02-11 22:25:33 ----A---- C:\Windows\system32\generaltel.dll
2015-02-11 22:25:33 ----A---- C:\Windows\system32\devinv.dll
2015-02-11 22:25:33 ----A---- C:\Windows\system32\appraiser.dll
2015-02-11 22:25:33 ----A---- C:\Windows\system32\aitstatic.exe
2015-02-11 22:25:33 ----A---- C:\Windows\system32\aepic.dll
2015-02-11 22:25:33 ----A---- C:\Windows\system32\aepdu.dll
2015-02-11 22:25:33 ----A---- C:\Windows\system32\aeinv.dll
2015-02-11 22:25:31 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-02-11 22:25:31 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-02-11 22:25:31 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-02-11 22:25:31 ----A---- C:\Windows\system32\wdigest.dll
2015-02-11 22:25:31 ----A---- C:\Windows\system32\schannel.dll
2015-02-11 22:25:31 ----A---- C:\Windows\system32\msv1_0.dll
2015-02-11 22:25:31 ----A---- C:\Windows\system32\kerberos.dll
2015-02-11 22:25:30 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-02-11 22:25:30 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-02-11 22:25:30 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-02-11 22:25:30 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-02-11 22:25:30 ----A---- C:\Windows\system32\TSpkg.dll
2015-02-11 22:25:30 ----A---- C:\Windows\system32\ncrypt.dll
2015-02-11 22:25:30 ----A---- C:\Windows\system32\credssp.dll
2015-02-11 22:25:21 ----A---- C:\Windows\system32\WindowsCodecs.dll
2015-02-11 22:25:19 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2015-02-11 22:25:11 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-02-11 22:25:11 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-02-11 22:25:11 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-02-11 22:25:11 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-02-11 22:25:11 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-02-11 22:25:11 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-02-11 22:25:11 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-02-11 22:25:11 ----A---- C:\Windows\system32\iernonce.dll
2015-02-11 22:25:11 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-02-11 22:25:11 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-02-11 22:25:11 ----A---- C:\Windows\system32\ie4uinit.exe
2015-02-11 22:25:10 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-02-11 22:25:10 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-02-11 22:25:10 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-02-11 22:25:10 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-02-11 22:25:10 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-02-11 22:25:10 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-11 22:25:10 ----A---- C:\Windows\system32\iedkcs32.dll
2015-02-11 22:25:09 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-02-11 22:25:09 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-02-11 22:25:09 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-02-11 22:25:09 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-02-11 22:25:09 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-02-11 22:25:09 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-02-11 22:25:09 ----A---- C:\Windows\system32\urlmon.dll
2015-02-11 22:25:09 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-11 22:25:09 ----A---- C:\Windows\system32\msfeeds.dll
2015-02-11 22:25:09 ----A---- C:\Windows\system32\iesetup.dll
2015-02-11 22:25:09 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-02-11 22:25:09 ----A---- C:\Windows\system32\ieapfltr.dll
2015-02-11 22:25:09 ----A---- C:\Windows\system32\dxtrans.dll
2015-02-11 22:25:08 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-02-11 22:25:08 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-02-11 22:25:08 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-02-11 22:25:08 ----A---- C:\Windows\system32\jsproxy.dll
2015-02-11 22:25:08 ----A---- C:\Windows\system32\ieUnatt.exe
2015-02-11 22:25:08 ----A---- C:\Windows\system32\iertutil.dll
2015-02-11 22:25:07 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-02-11 22:25:07 ----A---- C:\Windows\system32\ieui.dll
2015-02-11 22:25:07 ----A---- C:\Windows\system32\dxtmsft.dll
2015-02-11 22:25:04 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-02-11 22:25:04 ----A---- C:\Windows\system32\mshtmled.dll
2015-02-11 22:25:04 ----A---- C:\Windows\system32\ieframe.dll
2015-02-11 22:25:03 ----A---- C:\Windows\system32\wininet.dll
2015-02-11 22:25:03 ----A---- C:\Windows\system32\vbscript.dll
2015-02-11 22:25:03 ----A---- C:\Windows\system32\msrating.dll
2015-02-11 22:25:03 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-02-11 22:25:02 ----A---- C:\Windows\system32\mshtml.dll
2015-02-11 22:24:49 ----A---- C:\Windows\system32\lsasrv.dll
2015-02-11 22:24:49 ----A---- C:\Windows\system32\drivers\cng.sys
2015-02-11 22:24:48 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-02-11 22:24:48 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-02-11 22:24:48 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-02-11 22:24:48 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-02-11 22:24:48 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-02-11 22:24:48 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-02-11 22:24:48 ----A---- C:\Windows\system32\sspisrv.dll
2015-02-11 22:24:48 ----A---- C:\Windows\system32\sspicli.dll
2015-02-11 22:24:48 ----A---- C:\Windows\system32\secur32.dll
2015-02-11 22:24:48 ----A---- C:\Windows\system32\msobjs.dll
2015-02-11 22:24:48 ----A---- C:\Windows\system32\msaudite.dll
2015-02-11 22:24:48 ----A---- C:\Windows\system32\lsass.exe
2015-02-11 22:24:48 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-02-11 22:24:48 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-02-11 22:24:48 ----A---- C:\Windows\system32\auditpol.exe
2015-02-11 22:24:48 ----A---- C:\Windows\system32\adtschema.dll
2015-02-11 22:24:44 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2015-02-11 22:24:44 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2015-02-11 22:24:44 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2015-02-11 22:24:44 ----A---- C:\Windows\system32\wintrust.dll
2015-02-11 22:24:44 ----A---- C:\Windows\system32\cryptsvc.dll
2015-02-11 22:24:44 ----A---- C:\Windows\system32\crypt32.dll
2015-02-11 22:24:39 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2015-02-11 22:24:39 ----A---- C:\Windows\system32\oleaut32.dll
2015-02-11 22:24:38 ----A---- C:\Windows\system32\mstscax.dll
2015-02-11 22:24:37 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2015-02-11 22:24:37 ----A---- C:\Windows\SYSWOW64\aaclient.dll
2015-02-11 22:24:17 ----A---- C:\Windows\SYSWOW64\scesrv.dll
2015-02-11 22:24:17 ----A---- C:\Windows\system32\scesrv.dll
2015-02-11 22:24:13 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-02-11 22:24:12 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-02-11 22:24:12 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-02-11 22:24:11 ----A---- C:\Windows\system32\srcore.dll
2015-02-11 22:24:11 ----A---- C:\Windows\system32\rstrui.exe
2015-02-11 22:24:10 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-02-11 22:24:10 ----A---- C:\Windows\system32\srclient.dll
2015-02-11 22:23:59 ----A---- C:\Windows\system32\win32k.sys

======List of files/folders modified in the last 1 month======

2015-02-22 21:19:34 ----D---- C:\Windows\Temp
2015-02-22 21:19:34 ----D---- C:\Program Files\trend micro
2015-02-22 21:10:42 ----D---- C:\Windows\system32\config
2015-02-22 21:10:07 ----D---- C:\Windows\System32
2015-02-22 21:09:14 ----A---- C:\Windows\SYSWOW64\log.txt
2015-02-22 21:09:08 ----D---- C:\Users\SEVEN\AppData\Roaming\TS3Client
2015-02-22 21:07:04 ----D---- C:\ProgramData\VMware
2015-02-22 21:06:38 ----D---- C:\Program Files (x86)\Steam
2015-02-22 21:06:03 ----D---- C:\Windows
2015-02-22 21:06:03 ----D---- C:\ProgramData\NVIDIA
2015-02-22 21:04:18 ----D---- C:\Users\SEVEN\AppData\Roaming\uTorrent
2015-02-22 20:52:12 ----D---- C:\Windows\inf
2015-02-22 20:51:10 ----D---- C:\Windows\SysWOW64
2015-02-22 20:50:56 ----RD---- C:\Program Files (x86)
2015-02-22 20:49:22 ----D---- C:\Windows\system32\drivers
2015-02-22 20:49:21 ----D---- C:\Windows\system32\DriverStore
2015-02-22 20:49:20 ----D---- C:\Windows\system32\catroot
2015-02-22 20:48:09 ----SHD---- C:\Windows\Installer
2015-02-22 20:48:09 ----HD---- C:\Config.Msi
2015-02-22 20:47:40 ----SHD---- C:\System Volume Information
2015-02-22 20:46:40 ----D---- C:\Program Files (x86)\OCCTPT
2015-02-22 20:42:08 ----HD---- C:\ProgramData
2015-02-22 18:20:14 ----D---- C:\Windows\Minidump
2015-02-22 18:20:14 ----D---- C:\Windows\debug
2015-02-21 15:47:46 ----D---- C:\Users\SEVEN\AppData\Roaming\.minecraft
2015-02-17 20:16:29 ----D---- C:\Windows\system32\Tasks
2015-02-14 23:23:51 ----D---- C:\Windows\system32\catroot2
2015-02-12 20:32:12 ----D---- C:\Windows\winsxs
2015-02-12 20:32:08 ----D---- C:\Windows\SYSWOW64\en-US
2015-02-12 20:32:08 ----D---- C:\Windows\system32\en-US
2015-02-12 11:19:51 ----SD---- C:\Windows\system32\CompatTel
2015-02-12 11:19:51 ----D---- C:\Windows\system32\cs-CZ
2015-02-12 11:19:51 ----D---- C:\Windows\system32\appraiser
2015-02-12 11:19:50 ----D---- C:\Program Files\Internet Explorer
2015-02-12 11:19:49 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-02-12 11:19:45 ----D---- C:\Program Files (x86)\Internet Explorer
2015-02-12 00:14:58 ----D---- C:\Windows\system32\MRT
2015-02-12 00:11:49 ----A---- C:\Windows\system32\MRT.exe
2015-02-09 12:47:47 ----D---- C:\ProgramData\Package Cache
2015-02-09 09:39:38 ----A---- C:\IFRToolLog.txt
2015-02-07 10:38:38 ----D---- C:\Windows\Tasks
2015-02-01 22:12:00 ----D---- C:\Windows\Prefetch
2015-01-28 23:07:51 ----D---- C:\Program Files (x86)\Common Files
2015-01-28 23:07:18 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2015-01-28 23:06:57 ----D---- C:\ProgramData\Oracle
2015-01-28 23:06:54 ----D---- C:\Program Files (x86)\Java

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-02-17 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-02-17 267632]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2012-05-30 569152]
R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2014-07-07 644968]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2014-07-07 28008]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-05-20 19264]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 vmci;VMware VMCI Bus Driver; C:\Windows\system32\DRIVERS\vmci.sys [2013-10-08 85584]
R0 vsock;vSockets Driver; C:\Windows\system32\drivers\vsock.sys [2013-10-08 73296]
R1 AsrAppCharger;AsrAppCharger; C:\Windows\system32\DRIVERS\AsrAppCharger.sys [2011-05-10 17192]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-02-17 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-02-17 1050432]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-02-17 436624]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-02-17 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-02-17 83280]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-02-17 116728]
R2 hcmon;VMware hcmon; \??\C:\Windows\system32\drivers\hcmon.sys [2013-10-09 53816]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2015-02-17 271752]
R2 VMnetBridge;VMware Bridge Protocol; C:\Windows\system32\DRIVERS\vmnetbridge.sys [2013-10-18 46160]
R2 VMnetuserif;VMware Network Application Interface; \??\C:\Windows\system32\drivers\vmnetuserif.sys [2013-10-18 30800]
R2 vmx86;VMware vmx86; \??\C:\Windows\system32\drivers\vmx86.sys [2013-10-18 64080]
R2 vstor2-mntapi20-shared;Vstor2 MntApi 2.0 Driver (shared); C:\Windows\SysWOW64\drivers\vstor2-mntapi20-shared.sys [2013-02-22 33872]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-07-07 4187648]
R3 ikbevent;Intel Upper keyboard Class Filter Driver; C:\Windows\system32\DRIVERS\ikbevent.sys [2012-02-09 25536]
R3 imsevent;Intel Upper Mouse Class Filter Driver; C:\Windows\system32\DRIVERS\imsevent.sys [2012-02-09 25536]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-07-24 4097808]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2014-07-07 449528]
R3 ISCT;Intel(R) Smart Connect Technology Device Driver; C:\Windows\system32\DRIVERS\ISCTD64.sys [2014-07-07 46568]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2014-07-07 358456]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2014-07-07 791608]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2014-11-21 25816]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2015-02-22 129752]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2014-11-21 63704]
R3 MBfilt;MBfilt; C:\Windows\system32\drivers\MBfilt64.sys [2009-11-18 32344]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2014-07-07 100312]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2014-10-09 195728]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-01-16 19784]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-11-22 38032]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2014-07-07 883928]
R3 SAlphamHid;SteelHIDSvc; C:\Windows\system32\DRIVERS\SAlpham64.sys [2014-07-07 38016]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2014-07-07 33008]
R3 tap0901;TAP-Win32 Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2011-12-15 31232]
R3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\vmnetadapter.sys [2013-10-18 20560]
S3 cpuz137;cpuz137; \??\C:\Users\SEVEN\AppData\Local\Temp\cpuz137\cpuz137_x64.sys []
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-21 19968]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 MSICDSetup;MSICDSetup; \??\D:\CDriver64.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496]
S3 WinUsb;Ovladač WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-02-17 50344]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-01-16 1148744]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-05-30 13632]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-06-27 129856]
R2 ISCTAgent;ISCT Always Updated Agent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [2012-02-09 133632]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-06-25 166720]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-17 277824]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-11-21 969016]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-11-21 1871160]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-01-16 1706312]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2015-01-16 21833544]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-12-13 935240]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-12-13 410768]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2013-12-17 5341536]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-17 365376]
R2 VMAuthdService;VMware Authorization Service; C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe [2013-10-18 86096]
R2 VMnetDHCP;VMware DHCP Service; C:\Windows\syswow64\vmnetdhcp.exe [2013-10-18 358480]
R2 VMUSBArbService;VMware USB Arbitration Service; C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2013-10-09 905272]
R2 VMware NAT Service;VMware NAT Service; C:\Windows\syswow64\vmnat.exe [2013-10-18 437328]
R2 VMwareHostd;VMware Workstation Server; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [2013-10-18 14405200]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2015-02-17 4012248]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-02-19 835776]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-08 116648]
S2 HiPatchService;Hi-Rez Studios Authenticate and Update Service; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2014-08-22 9216]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2015-02-21 814464]
S3 CGVPNCliSrvc;CyberGhost VPN Client; C:\Program Files\CyberGhost VPN\CGVPNCliService.exe [2012-04-26 2438696]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-07-07 279024]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-08 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-01-12 114688]
S3 iumsvc;Intel(R) Update Manager; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28 174368]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-01-18 1255736]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Re: Infected PC + RSIT log

Posted: 27 Feb 2015 07:16
by TheSevenCz
:( I know you have a lot of work, but is there really nobody who could help? :(

Re: Infected PC + RSIT log

Posted: 27 Feb 2015 17:29
by Márty84
Hello :)
TheSevenCz wrote: I also just ran MBAM, I hope that's not a problem.
It is a problem. If you had posted only the initial log, someone would have taken up your case long ago. But by replying to yourself, and more than once, you fell into oblivion, because when there are several replies it looks as if someone is already handling the topic, and the others no longer open it. There isn't much time, so everyone works on their own cases, and when taking on a new one they look first for topics with no replies. So, a lesson for next time :thumbsup:


:arrow: Download AdwCleaner https://toolslib.net/downloads/finish/1/ and save it to the desktop.
Close all programs, otherwise AdwCleaner will do it for you.
Right-click it, then left-click Run as administrator.
Click Scan and wait for the scan to finish.
Then click Clean.
The program will start working (the PC may restart) and will produce a log (alternatively it will be here: C:\AdwCleaner\AdwCleaner [S?].txt ). Copy it here for me.


:arrow: Run a new scan with MBAM. Set up the scan according to this guide http://forum.viry.cz/viewtopic.php?f=29&t=137928 and post the results here. Do not delete anything beforehand; it sometimes has false detections.

Re: Infected PC + RSIT log

Posted: 01 Mar 2015 05:31
by TheSevenCz
# AdwCleaner v4.111 - Logfile created 01/03/2015 at 05:34:39
# Updated 18/02/2015 by Xplode
# Database : 2015-02-18.3 [Local]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : SEVEN - SEVEN-PC
# Running from : C:\Users\SEVEN\Desktop\adwcleaner_4.111.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Users\SEVEN\AppData\Local\CrashRpt
Folder Deleted : C:\Users\SEVEN\AppData\LocalLow\HPAppData

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\GetPrivate

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17631


-\\ Mozilla Firefox v


-\\ Google Chrome v40.0.2214.115


*************************

AdwCleaner[R0].txt - [1279 bytes] - [29/10/2013 23:09:42]
AdwCleaner[R1].txt - [6102 bytes] - [31/03/2014 16:59:30]
AdwCleaner[R2].txt - [2896 bytes] - [08/09/2014 17:43:53]
AdwCleaner[R3].txt - [1402 bytes] - [01/03/2015 05:33:16]
AdwCleaner[S0].txt - [1328 bytes] - [29/10/2013 23:10:32]
AdwCleaner[S1].txt - [5031 bytes] - [31/03/2014 17:01:00]
AdwCleaner[S2].txt - [2641 bytes] - [08/09/2014 17:45:02]
AdwCleaner[S3].txt - [1252 bytes] - [01/03/2015 05:34:39]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [1311 bytes] ##########

Re: Infected PC + RSIT log

Posted: 01 Mar 2015 08:47
by Márty84
Fine, now the MBAM scan as well :)

Re: Infected PC + RSIT log

Posted: 01 Mar 2015 18:45
by TheSevenCz
Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 1.3.2015
Čas skenování: 17:12:52
Protokol: dd.txt
Správce: Ano

Verze: 2.00.4.1028
Databáze malwaru: v2015.03.01.03
Databáze rootkitů: v2015.02.25.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Sebeobrany: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: SEVEN

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 608047
Uplynulý čas: 1 hod, 32 min, 15 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Žádné zákerné zjištěny položek)

Moduly: 0
(Žádné zákerné zjištěny položek)

Klíče registru: 0
(Žádné zákerné zjištěny položek)

Hodnoty registru: 0
(Žádné zákerné zjištěny položek)

Data registru: 0
(Žádné zákerné zjištěny položek)

Složky: 0
(Žádné zákerné zjištěny položek)

Soubory: 19
PUP.Optional.OneClickDownloader.A, C:\Users\SEVEN\AppData\Local\Google\Chrome\User Data\Default\File System\002\t\00\00000000, , [2c2bbd83177340f6f9b0065fb54c837d],
PUP.Optional.OneClickDownloader.A, C:\Users\SEVEN\AppData\Local\Google\Chrome\User Data\Default\File System\005\t\00\00000001, , [fd5a78c829616cca9a11f9424db48779],
Hacktool.Agent, C:\$Recycle.Bin\S-1-5-21-2555568842-1092611113-2149889357-1001\$RRG7AF0\Windows 7 Activation\Windows 7 ACTIVATION\Windows 7 Activation.exe, , [1b3cdd637f0bf145ef7586ede71af907],
PUP.Optional.Conduit.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\BS_Player_ControlBar\BS_Player_ControlBarToolbarHelper.exe.vir, , [4512320e8901de58f0cb30ee21df0000],
PUP.Optional.Conduit, C:\AdwCleaner\Quarantine\C\Program Files (x86)\BS_Player_ControlBar\hk64tbBS_P.dll.vir, , [e96efd433357ac8a12ed210e2dd3be42],
PUP.Optional.Conduit, C:\AdwCleaner\Quarantine\C\Program Files (x86)\BS_Player_ControlBar\hktbBS_P.dll.vir, , [fe59a898f2981f1701fefe319d63db25],
PUP.Optional.Conduit, C:\AdwCleaner\Quarantine\C\Program Files (x86)\BS_Player_ControlBar\ldrtbBS_P.dll.vir, , [2e29ce725b2fae88a25d30ff44bc916f],
PUP.Optional.Conduit, C:\AdwCleaner\Quarantine\C\Program Files (x86)\BS_Player_ControlBar\prxtbBS_P.dll.vir, , [95c2063a068420168679b679bb458a76],
PUP.Optional.Conduit, C:\AdwCleaner\Quarantine\C\Program Files (x86)\BS_Player_ControlBar\tbBS_P.dll.vir, , [de791d230d7d49edc8379a95b64a6e92],
PUP.Optional.Conduit, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Conduit\Community Alerts\Alert.dll.vir, , [292ece72e6a42e0816ea47e93bc5857b],
PUP.Optional.TornTV.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Torntv V9.0\Torntv V9.0-chromeinstaller.exe.vir, , [3324360a2d5dbc7a6b61b6afd928ea16],
PUP.Optional.TornTV.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Torntv V9.0\Torntv V9.0-firefoxinstaller.exe.vir, , [aea9ca76c9c1f046d5f7184d59a8857b],
PUP.Optional.TornTV.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Torntv V9.0\Torntv V9.0-updater.exe.vir, , [aea9bd83e3a7aa8ceede7ce9e91856aa],
PUP.Optional.CrossRider, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Torntv V9.0\utils.exe.vir, , [76e1d56bef9b1a1ccb4eb29a35cbef11],
PUP.Optional.Conduit.A, C:\AdwCleaner\Quarantine\C\Users\SEVEN\AppData\Local\Conduit\CT1750559\BS_Player_ControlBarAutoUpdateHelper.exe.vir, , [6bec78c8c9c12f078f2cf529a45c6e92],
PUP.Optional.Conduit, C:\AdwCleaner\Quarantine\C\Users\SEVEN\AppData\LocalLow\BS_Player_ControlBar\hk64tbBS_P.dll.vir, , [bf9897a9c6c4be784cb35dd243bd44bc],
PUP.Optional.Conduit, C:\AdwCleaner\Quarantine\C\Users\SEVEN\AppData\LocalLow\BS_Player_ControlBar\hktbBS_P.dll.vir, , [6becd7697713c373b04f61ce2ed29b65],
PUP.Optional.Conduit, C:\AdwCleaner\Quarantine\C\Users\SEVEN\AppData\LocalLow\BS_Player_ControlBar\ldrtbBS_P.dll.vir, , [36210f3147432c0a22ddd35c3bc505fb],
PUP.Optional.Conduit, C:\AdwCleaner\Quarantine\C\Users\SEVEN\AppData\LocalLow\BS_Player_ControlBar\tbBS_P.dll.vir, , [4c0b3a067c0e01358778949b36cac040],

Fyzické sektory: 0
(Žádné zákerné zjištěny položek)


(end)

Re: Infected PC + RSIT log

Posted: 02 Mar 2015 10:25
by Márty84
:arrow: Move all findings to quarantine. After the next PC restart, repeat the MBAM scan so we know whether it comes back. Post the scan result and I will choose the next steps based on it.

:???: By the way, what about the legality of the system? :?:

Re: Infected PC + RSIT log

Posted: 02 Mar 2015 13:36
by TheSevenCz
My system is legal, I even have it twice, I can happily take a photo; I'm just an idiot who downloaded Windows with a crack into VMware ....
(which I didn't need, because in VMware I can happily run on a trial) ....
As soon as MBAM finishes I'll post the log + a screenshot of the invoice from cz.cz for the PC and, among other things, Windows too
Image

Re: Infected PC + RSIT log

Posted: 02 Mar 2015 19:36
by TheSevenCz
Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 2.3.2015
Čas skenování: 13:34:59
Protokol: mbaaaaam.txt
Správce: Ano

Verze: 2.00.4.1028
Databáze malwaru: v2015.03.02.03
Databáze rootkitů: v2015.02.25.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Sebeobrany: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: SEVEN

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 608437
Uplynulý čas: 1 hod, 14 min, 25 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Žádné zákerné zjištěny položek)

Moduly: 0
(Žádné zákerné zjištěny položek)

Klíče registru: 0
(Žádné zákerné zjištěny položek)

Hodnoty registru: 0
(Žádné zákerné zjištěny položek)

Data registru: 0
(Žádné zákerné zjištěny položek)

Složky: 0
(Žádné zákerné zjištěny položek)

Soubory: 0
(Žádné zákerné zjištěny položek)

Fyzické sektory: 0
(Žádné zákerné zjištěny položek)


(end)

Re: Infected PC + RSIT log

Posted: 02 Mar 2015 20:22
by Márty84
:arrow: You can uninstall MBAM.

:arrow: Post logs according to this guide http://forum.viry.cz/viewtopic.php?f=13&t=133100 - turn off the antivirus for a moment; it may block it as malicious, but we use it all the time, it is a false alarm :)

Re: Infected PC + RSIT log

Posted: 03 Mar 2015 18:26
by TheSevenCz
Unfortunately... is it OK if I download it from another source?
Image

Re: Infected PC + RSIT log

Posted: 04 Mar 2015 10:01
by Márty84
If it still doesn't work ( http://forum.viry.cz/viewtopic.php?f=31&t=143340 ), post the log from FRST only, without using the Launcher.

Re: Infected PC + RSIT log

Posted: 04 Mar 2015 19:34
by TheSevenCz
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-03-2015
Ran by SEVEN (administrator) on SEVEN-PC on 04-03-2015 19:31:53
Running from C:\Users\SEVEN\Desktop
Loaded Profiles: SEVEN (Available profiles: SEVEN)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
() C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
() C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
(Bohemia Interactive) C:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ.exe
(Valve Corporation) C:\Program Files (x86)\Steam\GameOverlayUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12936848 2012-07-13] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585928 2015-01-16] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284480 2012-05-30] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-20] (Intel Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2009-11-18] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-02-17] (AVAST Software)
HKLM-x32\...\Run: [vmware-tray.exe] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [111696 2013-10-18] (VMware, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [508800 2014-12-17] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2555568842-1092611113-2149889357-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2874048 2015-02-19] (Valve Corporation)
HKU\S-1-5-21-2555568842-1092611113-2149889357-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [3095840 2014-10-27] (Nota Inc.)
HKU\S-1-5-21-2555568842-1092611113-2149889357-1001\...\MountPoints2: {602c3113-4c6a-11e3-8aff-bc5ff46524b8} - E:\Setup.exe
HKU\S-1-5-21-2555568842-1092611113-2149889357-1001\...\MountPoints2: {d4e1f610-cf92-11e3-bae3-bc5ff46524b8} - E:\Install.exe
AppInit_DLLs: prio.dll => prio.dll File Not Found
AppInit_DLLs-x32: prio32.dll => "prio32.dll" File Not Found
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2555568842-1092611113-2149889357-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2555568842-1092611113-2149889357-1001 -> {6483e680-535c-49ac-b707-01a505dbfb00} URL = http://www.mapy.cz/?query={searchTerms} ... earch_9973
SearchScopes: HKU\S-1-5-21-2555568842-1092611113-2149889357-1001 -> {6fc86c32-5a25-4a9a-aab9-84a49fa90a77} URL = http://www.firmy.cz/?q={searchTerms}&so ... earch_9973
SearchScopes: HKU\S-1-5-21-2555568842-1092611113-2149889357-1001 -> {99dc1524-8f80-4e47-8845-85ed6ea0652f} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... earch_9973
SearchScopes: HKU\S-1-5-21-2555568842-1092611113-2149889357-1001 -> {f642b737-ec43-43c3-9694-7295c8bc2dbc} URL = http://search.seznam.cz/?q={searchTerms ... earch_9973
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKU\S-1-5-21-2555568842-1092611113-2149889357-1001 -> No Name - {34AB3C4C-DA1A-4067-96F4-31452C7CFE65} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 83.240.0.214 83.240.0.135

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2555568842-1092611113-2149889357-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-09-29]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-07-13]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKU\S-1-5-21-2555568842-1092611113-2149889357-1001\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome:
=======
CHR HomePage: Default -> https://www.google.cz/
CHR Profile: C:\Users\SEVEN\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\SEVEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-01-18]
CHR Extension: (Google Drive) - C:\Users\SEVEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-01-18]
CHR Extension: (JAM with Chrome) - C:\Users\SEVEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\bggjdpbfjakfkacljidachigalghbnpk [2014-01-02]
CHR Extension: (YouTube) - C:\Users\SEVEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-01-18]
CHR Extension: (Virtual Piano) - C:\Users\SEVEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\cohgcponedmbhgbbdinajeoapmoaifdj [2014-01-02]
CHR Extension: (Google Search) - C:\Users\SEVEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-01-18]
CHR Extension: (AdBlock) - C:\Users\SEVEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-07-13]
CHR Extension: (Google Wallet) - C:\Users\SEVEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR Extension: (Gmail) - C:\Users\SEVEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-01-18]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-02-17]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-02-17] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2015-02-17] (Avast Software)
R3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [814464 2015-02-21] ()
S3 CGVPNCliSrvc; C:\Program Files\CyberGhost VPN\CGVPNCliService.exe [2438696 2012-04-26] (mobile concepts GmbH)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2015-01-16] (NVIDIA Corporation)
S2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2014-08-22] (Hi-Rez Studios) [File not signed]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [133632 2012-02-09] ()
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706312 2015-01-16] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833544 2015-01-16] (NVIDIA Corporation)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]
R3 Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [835776 2015-02-19] (Valve Corporation) [File not signed]
R2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [14405200 2013-10-18] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2015-02-17] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2015-02-17] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2015-02-17] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2015-02-17] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2015-02-17] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2015-02-17] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2015-02-17] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2015-02-17] ()
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2014-07-07] (Intel Corporation)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [25536 2012-02-09] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [25536 2012-02-09] ()
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2014-07-07] ()
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [100312 2014-07-07] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2015-01-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R3 SAlphamHid; C:\Windows\System32\DRIVERS\SAlpham64.sys [38016 2014-07-07] (SteelSeries Corporation)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [33008 2014-07-07] (Synaptics Incorporated)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2015-02-17] (Avast Software)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [33872 2013-02-22] (VMware, Inc.)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2015-03-04] ()
R3 BEDaisy; \??\C:\Program Files (x86)\Common Files\BattlEye\BEDaisy.sys [X]
S3 cpuz137; \??\C:\Users\SEVEN\AppData\Local\Temp\cpuz137\cpuz137_x64.sys [X]
S3 MSICDSetup; \??\D:\CDriver64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-04 19:31 - 2015-03-04 19:32 - 00019331 _____ () C:\Users\SEVEN\Desktop\FRST.txt
2015-03-04 19:31 - 2015-03-04 19:31 - 00000000 ____D () C:\FRST
2015-03-04 19:30 - 2015-03-04 19:30 - 02093056 _____ (Farbar) C:\Users\SEVEN\Downloads\FRST64.exe
2015-03-04 14:18 - 2015-03-04 14:18 - 00000197 _____ () C:\Windows\system32\2015-03-04-13-18-38.012-AvastVBoxSVC.exe-3200.log
2015-03-04 14:16 - 2015-03-04 14:16 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2015-03-03 20:56 - 2015-01-09 04:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-03-03 20:56 - 2015-01-09 04:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-03-03 20:56 - 2015-01-09 04:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-03-03 20:56 - 2015-01-09 03:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-03-03 18:24 - 2015-03-04 19:30 - 02093056 _____ (Farbar) C:\Users\SEVEN\Desktop\FRST64.exe
2015-03-03 15:59 - 2015-03-03 15:59 - 00000197 _____ () C:\Windows\system32\2015-03-03-14-59-19.092-AvastVBoxSVC.exe-4984.log
2015-03-03 09:40 - 2015-03-03 09:40 - 00000197 _____ () C:\Windows\system32\2015-03-03-08-40-00.045-AvastVBoxSVC.exe-4100.log
2015-03-02 20:41 - 2015-03-02 20:41 - 00028743 _____ () C:\Users\SEVEN\Downloads\[kickass.to]dude.where.s.my.car.2000.eng.dvdrip.realbeats.torrent
2015-03-02 20:38 - 2015-03-02 20:53 - 00000000 ____D () C:\Users\SEVEN\Desktop\Dude, Where's My Car (2000)
2015-03-02 20:37 - 2015-03-02 20:37 - 00012874 _____ () C:\Users\SEVEN\Downloads\[kickass.to]dude.where.s.my.car.2000.720p.brrip.mkv.600mb.yify.torrent
2015-03-02 18:08 - 2015-03-02 18:08 - 00000197 _____ () C:\Windows\system32\2015-03-02-17-08-32.052-AvastVBoxSVC.exe-4916.log
2015-03-02 12:59 - 2015-03-02 12:59 - 00000197 _____ () C:\Windows\system32\2015-03-02-11-59-30.051-AvastVBoxSVC.exe-4676.log
2015-03-01 16:48 - 2015-03-01 16:48 - 00000197 _____ () C:\Windows\system32\2015-03-01-15-48-33.040-AvastVBoxSVC.exe-4724.log
2015-03-01 05:40 - 2015-03-01 05:40 - 00000197 _____ () C:\Windows\system32\2015-03-01-04-40-14.081-AvastVBoxSVC.exe-4416.log
2015-02-28 23:16 - 2015-02-28 23:16 - 00000197 _____ () C:\Windows\system32\2015-02-28-22-16-33.028-AvastVBoxSVC.exe-4284.log
2015-02-28 12:45 - 2015-02-28 12:45 - 00000197 _____ () C:\Windows\system32\2015-02-28-11-45-14.031-AvastVBoxSVC.exe-2304.log
2015-02-27 18:59 - 2015-02-27 18:59 - 00069074 _____ () C:\Users\SEVEN\Downloads\stažený soubor.htm
2015-02-27 17:49 - 2015-02-27 17:49 - 00433499 _____ () C:\Users\SEVEN\Downloads\home.php
2015-02-27 17:20 - 2015-02-27 17:20 - 00000197 _____ () C:\Windows\system32\2015-02-27-16-20-48.023-AvastVBoxSVC.exe-4740.log
2015-02-27 09:09 - 2015-02-27 09:09 - 00003938 _____ () C:\Users\SEVEN\AppData\Local\recently-used.xbel
2015-02-26 22:06 - 2015-02-26 22:06 - 00000197 _____ () C:\Windows\system32\2015-02-26-21-06-27.057-AvastVBoxSVC.exe-708.log
2015-02-26 19:31 - 2015-02-26 19:32 - 00000197 _____ () C:\Windows\system32\2015-02-26-18-31-47.067-AvastVBoxSVC.exe-4624.log
2015-02-26 12:43 - 2015-02-26 12:44 - 00000197 _____ () C:\Windows\system32\2015-02-26-11-43-47.081-AvastVBoxSVC.exe-1736.log
2015-02-26 01:47 - 2015-02-26 01:47 - 00013015 _____ () C:\Users\SEVEN\Downloads\[kickass.to]scarface.1983.1080p.brrip.x264.yify.torrent
2015-02-25 16:39 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2015-02-25 16:38 - 2015-02-25 16:40 - 00035026 _____ () C:\Windows\DirectX.log
2015-02-25 15:54 - 2015-02-25 15:54 - 00000221 _____ () C:\Users\SEVEN\Desktop\S.T.A.L.K.E.R. Call of Pripyat.url
2015-02-25 12:50 - 2015-02-25 12:50 - 00000197 _____ () C:\Windows\system32\2015-02-25-11-50-21.023-AvastVBoxSVC.exe-3776.log
2015-02-25 01:15 - 2015-01-09 00:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls
2015-02-25 01:15 - 2015-01-09 00:43 - 00419936 _____ () C:\Windows\system32\locale.nls
2015-02-24 21:21 - 2015-02-24 21:21 - 00009530 _____ () C:\Users\SEVEN\Downloads\The.Equalizer.(2014) (1).torrent
2015-02-24 20:06 - 2015-02-24 20:06 - 00000197 _____ () C:\Windows\system32\2015-02-24-19-06-18.027-AvastVBoxSVC.exe-3912.log
2015-02-23 21:30 - 2015-02-23 21:30 - 00000197 _____ () C:\Windows\system32\2015-02-23-20-30-44.050-AvastVBoxSVC.exe-4908.log
2015-02-23 12:44 - 2015-02-23 12:44 - 18129584 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-02-23 12:16 - 2015-02-23 12:16 - 00203819 _____ () C:\Users\SEVEN\Downloads\watch.htm
2015-02-23 11:57 - 2015-03-04 18:44 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-23 11:57 - 2015-02-23 12:44 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-23 11:57 - 2015-02-23 12:44 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-02-23 11:57 - 2015-02-23 11:57 - 00000000 ____D () C:\Windows\system32\Macromed
2015-02-23 11:36 - 2015-02-23 11:36 - 00000197 _____ () C:\Windows\system32\2015-02-23-10-36-09.040-AvastVBoxSVC.exe-1296.log
2015-02-23 02:39 - 2015-02-23 02:39 - 00009530 _____ () C:\Users\SEVEN\Downloads\The.Equalizer.(2014).torrent
2015-02-23 02:16 - 2015-02-23 02:16 - 00000000 __SHD () C:\Users\SEVEN\AppData\Local\EmieBrowserModeList
2015-02-22 21:12 - 2015-03-02 20:51 - 00000000 ____D () C:\Users\SEVEN\Desktop\Filmy
2015-02-22 21:10 - 2015-02-22 21:10 - 00000197 _____ () C:\Windows\system32\2015-02-22-20-10-07.027-AvastVBoxSVC.exe-4352.log
2015-02-22 21:06 - 2015-03-04 14:17 - 00003192 _____ () C:\Windows\setupact.log
2015-02-22 21:06 - 2015-02-22 21:06 - 00000000 _____ () C:\Windows\setuperr.log
2015-02-22 21:05 - 2015-03-04 14:15 - 00020670 _____ () C:\Windows\PFRO.log
2015-02-22 18:09 - 2015-03-02 19:35 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-22 18:09 - 2015-02-22 18:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-02-22 18:09 - 2015-02-22 18:09 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-22 18:09 - 2015-02-22 18:09 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-02-22 18:09 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-02-22 18:09 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-02-22 18:09 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-02-22 18:01 - 2015-02-22 18:01 - 00000000 ____D () C:\rsit
2015-02-22 18:00 - 2015-02-22 18:00 - 01222144 _____ () C:\Users\SEVEN\Downloads\RSITx64.exe
2015-02-22 17:43 - 2015-02-22 17:44 - 00000197 _____ () C:\Windows\system32\2015-02-22-16-43-54.080-AvastVBoxSVC.exe-3744.log
2015-02-22 11:08 - 2015-02-22 11:08 - 00000197 _____ () C:\Windows\system32\2015-02-22-10-08-52.091-AvastVBoxSVC.exe-2808.log
2015-02-21 10:09 - 2015-02-21 10:09 - 00000197 _____ () C:\Windows\system32\2015-02-21-09-09-23.060-AvastVBoxSVC.exe-3520.log
2015-02-20 09:25 - 2015-02-20 09:25 - 00000197 _____ () C:\Windows\system32\2015-02-20-08-25-28.089-AvastVBoxSVC.exe-4716.log
2015-02-19 18:49 - 2015-02-19 18:49 - 00000000 ____D () C:\Users\SEVEN\AppData\Local\Steam
2015-02-19 14:07 - 2015-02-19 14:07 - 00000222 _____ () C:\Users\SEVEN\Desktop\War Thunder (2).url
2015-02-19 11:17 - 2015-02-19 11:17 - 00000197 _____ () C:\Windows\system32\2015-02-19-10-17-16.045-AvastVBoxSVC.exe-3460.log
2015-02-18 16:22 - 2015-02-18 16:23 - 00000197 _____ () C:\Windows\system32\2015-02-18-15-22-55.012-AvastVBoxSVC.exe-3352.log
2015-02-18 14:05 - 2015-02-18 14:05 - 00000197 _____ () C:\Windows\system32\2015-02-18-13-05-06.003-AvastVBoxSVC.exe-3348.log
2015-02-18 13:15 - 2015-02-18 13:16 - 00000197 _____ () C:\Windows\system32\2015-02-18-12-15-47.083-AvastVBoxSVC.exe-2700.log
2015-02-18 08:27 - 2015-02-18 08:27 - 00000247 _____ () C:\Windows\system32\2015-02-18-07-27-50.023-aswFe.exe-6584.log
2015-02-18 08:22 - 2015-02-18 08:27 - 00000247 _____ () C:\Windows\system32\2015-02-18-07-22-58.086-aswFe.exe-6784.log
2015-02-18 08:22 - 2015-02-18 08:22 - 00000197 _____ () C:\Windows\system32\2015-02-18-07-22-44.043-AvastVBoxSVC.exe-6264.log
2015-02-18 08:13 - 2015-02-18 08:13 - 00000000 ____D () C:\Windows\SysWOW64\vbox
2015-02-18 08:13 - 2015-02-18 08:13 - 00000000 ____D () C:\Windows\system32\vbox
2015-02-17 20:17 - 2015-02-17 20:17 - 01673860 _____ (TeamExtreme) C:\Users\SEVEN\Desktop\Minecraft.exe
2015-02-17 20:16 - 2015-02-17 20:16 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-02-17 20:16 - 2015-02-17 20:16 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-02-17 20:11 - 2015-02-17 20:11 - 00000000 ____D () C:\Users\SEVEN\AppData\Roaming\java
2015-02-17 20:09 - 2015-02-17 20:09 - 00001722 _____ () C:\Users\SEVEN\Desktop\Play League of Legends.lnk
2015-02-12 19:38 - 2015-01-23 05:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-12 19:38 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-12 19:38 - 2015-01-23 04:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-02-12 19:38 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-12 11:22 - 2015-03-04 14:16 - 00034752 _____ () C:\Windows\system32\Drivers\WPRO_41_2001.sys
2015-02-11 22:25 - 2015-02-04 04:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-11 22:25 - 2015-02-04 04:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-11 22:25 - 2015-02-04 04:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-11 22:25 - 2015-02-04 04:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-11 22:25 - 2015-02-04 04:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-11 22:25 - 2015-02-04 04:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-02-11 22:25 - 2015-02-04 04:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-11 22:25 - 2015-01-28 00:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-02-11 22:25 - 2015-01-14 06:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-11 22:25 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-11 22:25 - 2015-01-13 04:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-11 22:25 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-11 22:25 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-11 22:25 - 2015-01-12 04:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-11 22:25 - 2015-01-12 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-11 22:25 - 2015-01-12 03:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-11 22:25 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-11 22:25 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-11 22:25 - 2015-01-12 03:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-11 22:25 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-11 22:25 - 2015-01-12 03:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-11 22:25 - 2015-01-12 03:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-11 22:25 - 2015-01-12 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-11 22:25 - 2015-01-12 03:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-11 22:25 - 2015-01-12 03:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-11 22:25 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-11 22:25 - 2015-01-12 03:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-11 22:25 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-02-11 22:25 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-11 22:25 - 2015-01-12 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-11 22:25 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-11 22:25 - 2015-01-12 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-11 22:25 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-11 22:25 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-02-11 22:25 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-02-11 22:25 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-11 22:25 - 2015-01-12 03:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-11 22:25 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-11 22:25 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-02-11 22:25 - 2015-01-12 02:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-02-11 22:25 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-02-11 22:25 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-02-11 22:25 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-11 22:25 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-11 22:25 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-11 22:25 - 2015-01-12 02:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-11 22:25 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-11 22:25 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-11 22:25 - 2015-01-12 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-11 22:25 - 2015-01-12 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-02-11 22:25 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-02-11 22:25 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-02-11 22:25 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-11 22:25 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-11 22:25 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-11 22:25 - 2015-01-12 02:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-02-11 22:25 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-11 22:25 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-11 22:25 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-11 22:25 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-11 22:25 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-11 22:25 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-11 22:25 - 2015-01-10 07:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-11 22:25 - 2015-01-10 07:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-11 22:25 - 2015-01-10 07:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-11 22:25 - 2015-01-10 07:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-11 22:25 - 2015-01-10 07:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-11 22:25 - 2015-01-10 07:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-11 22:25 - 2015-01-10 07:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-11 22:25 - 2015-01-10 07:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-02-11 22:25 - 2015-01-10 07:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-02-11 22:25 - 2015-01-10 07:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-11 22:25 - 2015-01-10 07:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-02-11 22:25 - 2015-01-10 07:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-02-11 22:25 - 2015-01-10 07:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-02-11 22:25 - 2015-01-10 07:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-02-11 22:24 - 2015-01-15 09:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-11 22:24 - 2015-01-15 09:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-11 22:24 - 2015-01-15 09:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-11 22:24 - 2015-01-15 09:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-11 22:24 - 2015-01-15 09:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-11 22:24 - 2015-01-15 09:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-11 22:24 - 2015-01-15 09:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-11 22:24 - 2015-01-15 09:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-11 22:24 - 2015-01-15 09:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-11 22:24 - 2015-01-15 09:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-11 22:24 - 2015-01-15 09:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-11 22:24 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-02-11 22:24 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-02-11 22:24 - 2015-01-15 08:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-02-11 22:24 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-11 22:24 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-02-11 22:24 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-11 22:24 - 2015-01-15 05:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-11 22:24 - 2015-01-14 07:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-11 22:24 - 2015-01-14 07:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-02-11 22:24 - 2015-01-14 07:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-02-11 22:24 - 2015-01-14 07:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-02-11 22:24 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-02-11 22:24 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-02-11 22:24 - 2015-01-14 06:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-02-11 22:24 - 2014-12-12 06:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-11 22:24 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-02-11 22:24 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-11 22:24 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-11 22:24 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-11 22:24 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-11 22:24 - 2014-10-04 03:10 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-02-11 22:24 - 2014-10-04 02:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-02-11 22:24 - 2014-10-04 02:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-02-11 22:24 - 2014-07-07 03:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-02-11 22:24 - 2014-07-07 03:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-02-11 22:24 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-02-11 22:24 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-02-11 22:23 - 2015-01-09 03:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-04 19:23 - 2013-12-14 19:00 - 01210851 _____ () C:\Windows\WindowsUpdate.log
2015-03-04 19:19 - 2013-01-18 14:05 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-03-04 19:09 - 2013-01-18 17:17 - 00000000 ____D () C:\Users\SEVEN\AppData\Roaming\TS3Client
2015-03-04 18:43 - 2014-09-08 21:20 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-04 16:07 - 2013-01-24 19:55 - 00000000 ____D () C:\Users\SEVEN\AppData\Local\CrashDumps
2015-03-04 15:17 - 2013-12-17 18:08 - 00000000 ____D () C:\Users\SEVEN\AppData\Local\DayZ
2015-03-04 14:26 - 2009-07-14 05:45 - 00028944 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-04 14:26 - 2009-07-14 05:45 - 00028944 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-04 14:19 - 2013-07-13 17:45 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-03-04 14:18 - 2014-09-08 21:20 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-04 14:17 - 2014-12-10 19:05 - 00000000 ____D () C:\ProgramData\VMware
2015-03-04 14:16 - 2014-07-08 19:20 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-03-04 14:16 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-04 14:15 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing
2015-03-02 20:47 - 2013-10-21 14:39 - 00000000 ____D () C:\Users\SEVEN\AppData\Roaming\uTorrent
2015-03-01 21:04 - 2014-02-10 12:29 - 00000000 ____D () C:\Users\SEVEN\Desktop\Jarča nezařazené FOTKY
2015-03-01 21:04 - 2013-01-22 20:54 - 00000000 ____D () C:\Users\SEVEN\Desktop\Obrázky
2015-03-01 05:34 - 2013-10-29 23:09 - 00000000 ____D () C:\AdwCleaner
2015-02-28 23:08 - 2011-04-12 09:34 - 04092848 _____ () C:\Windows\system32\perfh005.dat
2015-02-28 23:08 - 2011-04-12 09:34 - 01298656 _____ () C:\Windows\system32\perfc005.dat
2015-02-28 23:08 - 2009-07-14 06:13 - 00006506 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-27 09:49 - 2013-07-18 23:12 - 00000000 ____D () C:\Users\SEVEN\.gimp-2.8
2015-02-27 09:09 - 2013-07-18 23:30 - 00000000 ____D () C:\Users\SEVEN\AppData\Local\gtk-2.0
2015-02-25 15:54 - 2013-01-18 14:28 - 00000000 ____D () C:\Users\SEVEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-02-23 14:27 - 2014-12-10 19:08 - 00000000 ____D () C:\Users\SEVEN\AppData\Roaming\VMware
2015-02-23 14:27 - 2014-12-10 19:08 - 00000000 ____D () C:\Users\SEVEN\AppData\Local\VMware
2015-02-23 12:44 - 2014-10-21 15:13 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-22 21:19 - 2013-10-29 22:30 - 00000000 ____D () C:\Program Files\trend micro
2015-02-22 21:11 - 2013-10-29 22:17 - 00000000 ____D () C:\Users\SEVEN\Desktop\Programy
2015-02-22 20:50 - 2014-09-09 19:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2015-02-22 20:46 - 2015-01-09 00:19 - 00000000 ____D () C:\Program Files (x86)\OCCTPT
2015-02-22 20:41 - 2015-01-09 14:20 - 00000000 ____D () C:\Users\SEVEN\Documents\Survarium
2015-02-22 18:20 - 2015-01-11 00:35 - 00000000 ____D () C:\Windows\Minidump
2015-02-21 15:47 - 2015-01-03 22:25 - 00000000 ____D () C:\Users\SEVEN\AppData\Roaming\.minecraft
2015-02-20 09:45 - 2014-09-08 21:20 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-02-17 20:16 - 2014-04-26 18:20 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-02-17 20:16 - 2014-01-28 19:01 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2015-02-17 20:16 - 2013-07-13 17:45 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2015-02-17 20:16 - 2013-07-13 17:45 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2015-02-17 20:16 - 2013-07-13 17:45 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-02-17 20:16 - 2013-07-13 17:45 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-02-17 20:16 - 2013-07-13 17:45 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-02-17 20:16 - 2013-07-13 17:45 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-02-16 16:20 - 2013-11-17 19:25 - 00033856 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2015-02-15 00:50 - 2014-07-01 22:07 - 00000562 _____ () C:\Users\SEVEN\Desktop\heslo.txt
2015-02-13 17:31 - 2015-02-01 13:50 - 00000115 _____ () C:\Users\SEVEN\Desktop\BOT PASS.txt
2015-02-12 11:21 - 2009-07-14 05:45 - 00470112 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-12 11:19 - 2014-12-12 05:51 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-12 11:19 - 2014-05-06 21:30 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-12 00:14 - 2013-08-14 19:13 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-12 00:11 - 2013-01-18 22:22 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-09 12:47 - 2014-02-07 23:24 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-07 10:38 - 2013-01-18 12:09 - 00003948 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-07 10:38 - 2013-01-18 12:09 - 00003696 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-03 08:04 - 2009-07-14 06:08 - 00032596 _____ () C:\Windows\Tasks\SCHEDLGU.TXT

==================== Files in the root of some directories =======

2014-06-03 20:23 - 2014-07-13 16:27 - 0000083 _____ () C:\Users\SEVEN\AppData\Roaming\prio.ini
2015-02-27 09:09 - 2015-02-27 09:09 - 0003938 _____ () C:\Users\SEVEN\AppData\Local\recently-used.xbel
2015-01-20 23:37 - 2015-01-20 23:37 - 0000000 _____ () C:\Users\SEVEN\AppData\Local\{3176F744-A793-4256-9285-C94D30D9A77F}
2014-10-03 21:25 - 2014-10-03 21:25 - 0000000 _____ () C:\Users\SEVEN\AppData\Local\{58E47B11-B267-49A7-BED4-4FB91E346A05}
2014-12-09 23:37 - 2014-12-09 23:37 - 0000000 _____ () C:\Users\SEVEN\AppData\Local\{68A35A06-E4AA-43D9-B004-CE6D1E59BC18}
2013-09-29 18:54 - 2013-10-21 16:17 - 0002198 _____ () C:\ProgramData\hpzinstall.log
2013-01-17 15:20 - 2013-01-17 15:20 - 0000000 _____ () C:\ProgramData\xmlCC33.tmp
2013-01-17 15:20 - 2013-01-17 15:20 - 0000000 _____ () C:\ProgramData\xmlCD2E.tmp
2013-01-17 15:20 - 2013-01-17 15:20 - 0000000 _____ () C:\ProgramData\xmlCD2F.tmp
2013-01-17 15:20 - 2013-01-17 15:20 - 0000000 _____ () C:\ProgramData\xmlCD30.tmp

Some content of TEMP:
====================
C:\Users\SEVEN\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-18 16:35

==================== End Of Log ============================