log
Napsal: 18 dub 2015 02:29
Poprosím o pomoc... posielam vypis z logu. Vopred dakujem
Logfile of random's system information tool 1.10 (written by random/random)
Run by jozef at 2015-04-18 03:21:52
Microsoft Windows 8.1 Pro
System drive C: has 214 GB (70%) free of 305 GB
Total RAM: 3835 MB (50% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 3:22:20, on 18.4.2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17416)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\jozef.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - (no file)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553512000} - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - (no file)
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @oem11.inf,%BcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service (BcmBtRSupport) - Unknown owner - C:\Windows\system32\BtwRSupportService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 7872 bytes
======Listing Processes======
wininit.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\system32\BtwRSupportService.exe
dashost.exe {6be7ed4f-aa39-4410-91ace526537fe4a8}
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\WinLogon.exe -SpecialSession
-hiberboot
taskhostex.exe
C:\Windows\Explorer.EXE
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Windows\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
C:\Windows\System32\skydrive.exe -Embedding
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="616.0.1707166639\414527206" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,18,41 --gpu-vendor-id=0x1002 --gpu-device-id=0x9712 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=8.97.10.6 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=sk --force-fieldtrials="BackgroundRendererProcesses/Disallow/BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Manual install/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*NewProfileManagement/Enabled/OmniboxBundledExperimentV1/StandardR4/*PasswordGeneration/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/Enabled/*RefreshTokenDeviceId/Disabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_51/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_06/*UMA-Uniformity-Trial-50-Percent/default/*UwSInterstitialStatus/On/V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/*Win32kLockdown/Disabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=616 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --channel="616.1.1167342569\626112883" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=sk --force-fieldtrials="BackgroundRendererProcesses/Disallow/BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Manual install/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*NewProfileManagement/Enabled/OmniboxBundledExperimentV1/StandardR4/*PasswordGeneration/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/Enabled/*RefreshTokenDeviceId/Disabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_51/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_06/*UMA-Uniformity-Trial-50-Percent/default/*UwSInterstitialStatus/On/*V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/*Win32kLockdown/Disabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=616 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --channel="616.2.154028841\1557819688" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=sk --force-fieldtrials="*BackgroundRendererProcesses/Disallow/BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Manual install/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*NewProfileManagement/Enabled/OmniboxBundledExperimentV1/StandardR4/*PasswordGeneration/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/Enabled/*RefreshTokenDeviceId/Disabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_51/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_06/*UMA-Uniformity-Trial-50-Percent/default/*UwSInterstitialStatus/On/*V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/*Win32kLockdown/Disabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=616 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --channel="616.3.1647533584\232540094" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=sk --force-fieldtrials="*BackgroundRendererProcesses/Disallow/BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Manual install/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*NewProfileManagement/Enabled/OmniboxBundledExperimentV1/StandardR4/*PasswordGeneration/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/Enabled/*RefreshTokenDeviceId/Disabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_51/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_06/*UMA-Uniformity-Trial-50-Percent/default/*UwSInterstitialStatus/On/*V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/*Win32kLockdown/Disabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=616 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --channel="616.4.1226173656\2064508383" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=sk --force-fieldtrials="*BackgroundRendererProcesses/Disallow/BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Manual install/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*NewProfileManagement/Enabled/OmniboxBundledExperimentV1/StandardR4/*PasswordGeneration/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/Enabled/*RefreshTokenDeviceId/Disabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_51/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_06/*UMA-Uniformity-Trial-50-Percent/default/*UwSInterstitialStatus/On/*V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/*Win32kLockdown/Disabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=616 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --channel="616.5.1694861626\690345985" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=sk --force-fieldtrials="*BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Manual install/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/StandardR4/*PasswordGeneration/Disabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/Enabled/*RefreshTokenDeviceId/Disabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_51/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_06/*UMA-Uniformity-Trial-50-Percent/default/*UwSInterstitialStatus/On/*V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/*Win32kLockdown/Disabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=616 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --channel="616.15.1623361820\944526228" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=sk --force-fieldtrials="*BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Manual install/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/StandardR4/*PasswordGeneration/Disabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/Enabled/*RefreshTokenDeviceId/Disabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_51/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_06/*UMA-Uniformity-Trial-50-Percent/default/*UwSInterstitialStatus/On/*V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/*Win32kLockdown/Disabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=616 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --channel="616.24.1018512994\775192225" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=sk --force-fieldtrials="*BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Manual install/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/StandardR4/*PasswordGeneration/Disabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/Enabled/*RefreshTokenDeviceId/Disabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_51/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_06/*UMA-Uniformity-Trial-50-Percent/default/*UwSInterstitialStatus/On/*V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/*Win32kLockdown/Disabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=616 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --channel="616.32.808218683\1569311226" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=sk --force-fieldtrials="*BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Manual install/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/StandardR4/*PasswordGeneration/Disabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/Enabled/*RefreshTokenDeviceId/Disabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_51/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_06/*UMA-Uniformity-Trial-50-Percent/default/*UwSInterstitialStatus/On/*V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/*Win32kLockdown/Disabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=616 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --channel="616.35.188206076\1856925302" /prefetch:673131151
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe21_ Global\UsGthrCtrlFltPipeMssGthrPipe21 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 560 564 572 65536 568
"C:\Users\jozef\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineUA1d033b0cef2f68a.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\jozef\AppData\Roaming\Mozilla\Firefox\Profiles\yt202180.default
prefs.js - "browser.startup.homepage" - "about:home"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.169 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.169 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2010-01-21 6723984]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2010-01-16 688528]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-01-21 4222864]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-01-16 561552]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2015-01-28 5595848]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-10-23 6501656]
"OfficeSyncProcess"=C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [2010-01-16 717696]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2010-01-21 6723984]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-01-21 4222864]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CleanHlp]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CleanHlp.sys]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux5"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux7"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-04-18 03:21:52 ----D---- C:\rsit
2015-04-15 18:28:44 ----A---- C:\Windows\system32\drivers\wanarp.sys
2015-04-15 18:28:44 ----A---- C:\Windows\system32\drivers\ndproxy.sys
2015-04-15 18:28:43 ----A---- C:\Windows\SYSWOW64\rascfg.dll
2015-04-15 18:28:43 ----A---- C:\Windows\system32\rascfg.dll
2015-04-15 14:20:14 ----A---- C:\Windows\system32\tdh.dll
2015-04-15 14:20:14 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-04-15 14:20:14 ----A---- C:\Windows\system32\ntdll.dll
2015-04-15 14:20:13 ----A---- C:\Windows\SYSWOW64\tracerpt.exe
2015-04-15 14:20:13 ----A---- C:\Windows\SYSWOW64\tdh.dll
2015-04-15 14:20:13 ----A---- C:\Windows\SYSWOW64\sechost.dll
2015-04-15 14:20:13 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-04-15 14:20:13 ----A---- C:\Windows\system32\wow64cpu.dll
2015-04-15 14:20:13 ----A---- C:\Windows\system32\wow64.dll
2015-04-15 14:20:13 ----A---- C:\Windows\system32\tracerpt.exe
2015-04-15 14:20:13 ----A---- C:\Windows\system32\sechost.dll
2015-04-15 14:20:13 ----A---- C:\Windows\system32\microsoft-windows-system-events.dll
2015-04-15 14:20:11 ----A---- C:\Windows\system32\lsm.dll
2015-04-15 14:20:06 ----A---- C:\Windows\system32\mshtml.dll
2015-04-15 14:20:05 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-04-15 14:20:01 ----A---- C:\Windows\system32\jscript9.dll
2015-04-15 14:19:59 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-04-15 14:19:58 ----A---- C:\Windows\system32\ieframe.dll
2015-04-15 14:19:57 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-04-15 14:19:54 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-04-15 14:19:54 ----A---- C:\Windows\system32\wininet.dll
2015-04-15 14:19:54 ----A---- C:\Windows\system32\ie4uinit.exe
2015-04-15 14:19:53 ----A---- C:\Windows\system32\iertutil.dll
2015-04-15 14:19:52 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-04-15 14:19:52 ----A---- C:\Windows\system32\urlmon.dll
2015-04-15 14:19:52 ----A---- C:\Windows\system32\mshtmled.dll
2015-04-15 14:19:52 ----A---- C:\Windows\system32\inetcomm.dll
2015-04-15 14:19:51 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-04-15 14:19:51 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-04-15 14:19:51 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-04-15 14:19:51 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2015-04-15 14:19:51 ----A---- C:\Windows\system32\vbscript.dll
2015-04-15 14:19:51 ----A---- C:\Windows\system32\msfeeds.dll
2015-04-15 14:19:51 ----A---- C:\Windows\system32\jscript.dll
2015-04-15 14:19:50 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-04-15 14:19:50 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-04-15 14:19:50 ----A---- C:\Windows\system32\ieapfltr.dll
2015-04-15 14:12:05 ----A---- C:\Windows\SYSWOW64\pku2u.dll
2015-04-15 14:12:05 ----A---- C:\Windows\system32\pku2u.dll
2015-04-15 14:11:57 ----A---- C:\Windows\system32\drivers\http.sys
2015-04-15 14:11:54 ----A---- C:\Windows\system32\wucltux.dll
2015-04-15 14:11:54 ----A---- C:\Windows\system32\wuaueng.dll
2015-04-15 14:11:54 ----A---- C:\Windows\system32\wuauclt.exe
2015-04-15 14:11:54 ----A---- C:\Windows\system32\wuapi.dll
2015-04-15 14:11:53 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-04-15 14:11:53 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-04-15 14:11:53 ----A---- C:\Windows\system32\WUSettingsProvider.dll
2015-04-15 14:11:53 ----A---- C:\Windows\system32\wups2.dll
2015-04-15 14:11:53 ----A---- C:\Windows\system32\wups.dll
2015-04-15 14:11:53 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-04-15 14:11:53 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-04-15 14:11:52 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-04-15 14:11:52 ----A---- C:\Windows\system32\wuwebv.dll
2015-04-15 14:11:52 ----A---- C:\Windows\system32\wudriver.dll
2015-04-15 14:11:51 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-04-15 14:11:51 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-04-15 14:11:51 ----A---- C:\Windows\system32\wuapp.exe
2015-04-15 14:11:51 ----A---- C:\Windows\system32\storewuauth.dll
2015-04-15 14:11:47 ----A---- C:\Windows\SYSWOW64\clfsw32.dll
2015-04-15 14:11:47 ----A---- C:\Windows\system32\drivers\clfs.sys
2015-04-15 14:11:47 ----A---- C:\Windows\system32\clfsw32.dll
2015-04-15 14:11:29 ----A---- C:\Windows\system32\invagent.dll
2015-04-15 14:11:29 ----A---- C:\Windows\system32\generaltel.dll
2015-04-15 14:11:29 ----A---- C:\Windows\system32\appraiser.dll
2015-04-15 14:11:29 ----A---- C:\Windows\system32\aepdu.dll
2015-04-15 14:11:29 ----A---- C:\Windows\system32\aeinv.dll
2015-04-15 14:11:29 ----A---- C:\Windows\system32\acmigration.dll
2015-04-15 14:11:28 ----A---- C:\Windows\system32\devinv.dll
2015-04-12 13:16:19 ----D---- C:\Windows\%LOCALAPPDATA%
2015-04-10 22:27:36 ----D---- C:\ProgramData\Logs
2015-04-10 22:27:35 ----D---- C:\ProgramData\TEMP
2015-04-10 22:27:34 ----A---- C:\Windows\system32\roboot64.exe
2015-04-10 12:36:22 ----D---- C:\ProgramData\ESET
2015-04-10 12:36:22 ----D---- C:\Program Files\ESET
2015-04-10 12:35:48 ----D---- C:\Windows\SYSWOW64\temp
2015-04-04 16:22:39 ----SD---- C:\Windows\SYSWOW64\GWX
2015-04-04 16:22:38 ----SD---- C:\Windows\system32\GWX
2015-04-04 16:22:33 ----A---- C:\Windows\SYSWOW64\msctf.dll
2015-04-04 16:22:33 ----A---- C:\Windows\system32\msctf.dll
2015-03-30 02:29:49 ----D---- C:\Windows\SoftwareDistribution
2015-03-28 21:57:06 ----D---- C:\Users\jozef\AppData\Roaming\GIRDAC
2015-03-28 21:57:06 ----D---- C:\GIRDAC
2015-03-21 22:01:53 ----D---- C:\Users\jozef\AppData\Roaming\ESET
======List of files/folders modified in the last 1 month======
2015-04-18 07:59:54 ----D---- C:\Windows\Tasks
2015-04-18 07:59:54 ----D---- C:\Windows\system32\Tasks
2015-04-18 07:59:54 ----D---- C:\Windows\system32\catroot2
2015-04-18 07:59:54 ----D---- C:\Windows
2015-04-18 07:59:53 ----SHD---- C:\Windows\Installer
2015-04-18 07:59:53 ----D---- C:\Users\jozef\AppData\Roaming\uTorrent
2015-04-18 07:59:49 ----D---- C:\Program Files (x86)\UMPlayer
2015-04-18 07:58:27 ----RD---- C:\Program Files
2015-04-18 07:58:27 ----D---- C:\Windows\system32\wbem
2015-04-18 07:55:02 ----D---- C:\Windows\registration
2015-04-18 07:55:00 ----D---- C:\Windows\WinSxS
2015-04-18 07:54:35 ----RD---- C:\Users
2015-04-18 07:54:34 ----D---- C:\Users\jozef\AppData\Roaming\Skype
2015-04-18 07:54:15 ----RD---- C:\Program Files (x86)
2015-04-18 07:54:14 ----D---- C:\Program Files (x86)\Microsoft Office
2015-04-18 07:54:13 ----D---- C:\EEK
2015-04-18 06:12:32 ----SHD---- C:\Recovery
2015-04-18 03:22:18 ----D---- C:\Program Files\trend micro
2015-04-18 03:22:00 ----D---- C:\Windows\Prefetch
2015-04-18 03:21:37 ----D---- C:\Windows\Temp
2015-04-18 03:00:00 ----D---- C:\Windows\system32\sru
2015-04-18 02:19:43 ----HD---- C:\Program Files\WindowsApps
2015-04-18 02:06:38 ----D---- C:\Windows\system32\config
2015-04-18 02:02:58 ----SHD---- C:\System Volume Information
2015-04-18 01:55:28 ----D---- C:\Windows\AppReadiness
2015-04-17 23:55:28 ----D---- C:\Windows\system32\NDF
2015-04-17 23:55:11 ----RD---- C:\Windows\System32
2015-04-17 23:55:11 ----D---- C:\Windows\Inf
2015-04-17 23:55:11 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-04-17 21:05:05 ----D---- C:\Windows\debug
2015-04-17 17:04:00 ----SHD---- C:\Config.Msi
2015-04-17 17:00:56 ----D---- C:\ProgramData\Nero
2015-04-17 16:24:45 ----D---- C:\Windows\Microsoft.NET
2015-04-17 13:23:51 ----RSD---- C:\Windows\assembly
2015-04-17 01:45:06 ----D---- C:\Windows\rescache
2015-04-16 20:26:30 ----D---- C:\Windows\AppCompat
2015-04-16 20:13:59 ----D---- C:\Windows\CbsTemp
2015-04-16 20:13:33 ----D---- C:\Windows\SysWOW64
2015-04-16 17:22:10 ----D---- C:\Users\jozef\AppData\Roaming\.purple
2015-04-16 16:38:18 ----RD---- C:\Program Files (x86)\Skype
2015-04-16 16:38:10 ----D---- C:\ProgramData\Skype
2015-04-15 19:19:24 ----D---- C:\Windows\system32\drivers
2015-04-15 19:19:22 ----D---- C:\Windows\system32\sk-SK
2015-04-15 19:19:22 ----D---- C:\Windows\system32\en-US
2015-04-15 19:19:21 ----D---- C:\Windows\apppatch
2015-04-15 19:19:19 ----D---- C:\Windows\SYSWOW64\sk-SK
2015-04-15 19:19:19 ----D---- C:\Program Files\Internet Explorer
2015-04-15 18:55:21 ----D---- C:\ProgramData\Microsoft Help
2015-04-15 18:54:50 ----D---- C:\Windows\system32\MRT
2015-04-15 18:38:05 ----A---- C:\Windows\system32\MRT.exe
2015-04-15 18:33:09 ----A---- C:\Windows\win.ini
2015-04-15 18:23:13 ----SD---- C:\Windows\system32\CompatTel
2015-04-15 18:23:13 ----D---- C:\Windows\system32\appraiser
2015-04-14 01:24:21 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-04-12 13:12:56 ----SHD---- C:\$RECYCLE.BIN
2015-04-10 22:28:14 ----A---- C:\Windows\SYSWOW64\msvcp100.dll
2015-04-10 22:28:13 ----A---- C:\Windows\system32\msvcp100.dll
2015-04-10 22:27:36 ----HD---- C:\ProgramData
2015-04-10 12:37:14 ----D---- C:\Windows\system32\DriverStore
2015-04-04 16:24:49 ----D---- C:\Windows\Logs
2015-03-30 02:13:49 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-29 18:43:43 ----D---- C:\Windows\softwaredistribution.bak
2015-03-26 00:49:26 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-03-24 12:45:14 ----D---- C:\Windows\Minidump
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 edevmon;edevmon; C:\Windows\system32\DRIVERS\edevmon.sys [2015-03-10 241880]
R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2015-03-10 64208]
R1 A2DDA;A2 Direct Disk Access Support Driver; \??\C:\EEK\BIN\a2ddax64.sys [2014-11-18 26176]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2015-03-10 246000]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2015-03-10 169792]
R1 EpfwLWF;@oem4.inf,%EpfwLWF_Desc%;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2015-03-10 44632]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2015-03-10 222280]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-06-19 11926016]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-06-19 360448]
R3 BCM43XX;@netbc64.inf,%BCM43XX_Service_DispName%;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl63a.sys [2013-07-01 8536752]
R3 k57nd60a;@netk57a.inf,%SvcDispName%;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2013-06-18 425984]
R3 usbaudio;@wdma_usb.inf,%USBAudio.SvcDesc%;USB Audio Driver (WDM); C:\Windows\system32\drivers\usbaudio.sys [2013-12-13 121088]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2014-06-21 212736]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S0 Partizan;Partizan; C:\Windows\system32\drivers\Partizan.sys []
S2 Aspi32;Aspi32; C:\Windows\System32\drivers\aspi32.sys []
S3 bcbtums;@oem11.inf,%BCBTUMS.SvcDesc%;Bluetooth USB LD Filter; C:\Windows\system32\drivers\bcbtums.sys [2013-10-28 170712]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\Windows\System32\drivers\BthEnum.sys [2014-10-29 53248]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2014-07-24 118272]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2014-10-29 1198080]
S3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
S3 btwampfl;@oem11.inf,%btwampfl.ServiceName%;btwampfl; C:\Windows\system32\DRIVERS\btwampfl.sys [2013-10-28 166104]
S3 cleanhlp;cleanhlp; \??\C:\EEK\bin\cleanhlp64.sys [2014-11-18 57024]
S3 ESETCleanersDriver;ESET Cleaner Service; \??\C:\Windows\system32\Drivers\ESETCleanersDriver.sys [2014-12-06 170280]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys []
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2015-01-30 167424]
S3 TrueSight;TrueSight; \??\C:\Windows\System32\drivers\TrueSight.sys [2015-02-19 35064]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;USB Scanner Driver; C:\Windows\System32\drivers\usbscan.sys [2014-10-29 44544]
S3 WinDivert1.1;WinDivert1.1; \??\C:\Program Files\KMSpico\WinDivert.sys [2014-11-14 35376]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-03 81088]
R2 BcmBtRSupport;@oem11.inf,%BcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service; C:\Windows\system32\BtwRSupportService.exe [2013-10-28 2255064]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2015-01-28 1349576]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-19 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-02-18 315488]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-14 268464]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2014-10-29 38792]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-19 107912]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-01-21 30963576]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-03-26 148080]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
-----------------EOF-----------------
Logfile of random's system information tool 1.10 (written by random/random)
Run by jozef at 2015-04-18 03:21:52
Microsoft Windows 8.1 Pro
System drive C: has 214 GB (70%) free of 305 GB
Total RAM: 3835 MB (50% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 3:22:20, on 18.4.2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17416)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\jozef.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - (no file)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553512000} - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - (no file)
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @oem11.inf,%BcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service (BcmBtRSupport) - Unknown owner - C:\Windows\system32\BtwRSupportService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 7872 bytes
======Listing Processes======
wininit.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\system32\BtwRSupportService.exe
dashost.exe {6be7ed4f-aa39-4410-91ace526537fe4a8}
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\WinLogon.exe -SpecialSession
-hiberboot
taskhostex.exe
C:\Windows\Explorer.EXE
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Windows\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
C:\Windows\System32\skydrive.exe -Embedding
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="616.0.1707166639\414527206" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,18,41 --gpu-vendor-id=0x1002 --gpu-device-id=0x9712 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=8.97.10.6 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=sk --force-fieldtrials="BackgroundRendererProcesses/Disallow/BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Manual install/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*NewProfileManagement/Enabled/OmniboxBundledExperimentV1/StandardR4/*PasswordGeneration/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/Enabled/*RefreshTokenDeviceId/Disabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_51/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_06/*UMA-Uniformity-Trial-50-Percent/default/*UwSInterstitialStatus/On/V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/*Win32kLockdown/Disabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=616 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --channel="616.1.1167342569\626112883" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=sk --force-fieldtrials="BackgroundRendererProcesses/Disallow/BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Manual install/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*NewProfileManagement/Enabled/OmniboxBundledExperimentV1/StandardR4/*PasswordGeneration/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/Enabled/*RefreshTokenDeviceId/Disabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_51/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_06/*UMA-Uniformity-Trial-50-Percent/default/*UwSInterstitialStatus/On/*V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/*Win32kLockdown/Disabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=616 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --channel="616.2.154028841\1557819688" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=sk --force-fieldtrials="*BackgroundRendererProcesses/Disallow/BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Manual install/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*NewProfileManagement/Enabled/OmniboxBundledExperimentV1/StandardR4/*PasswordGeneration/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/Enabled/*RefreshTokenDeviceId/Disabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_51/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_06/*UMA-Uniformity-Trial-50-Percent/default/*UwSInterstitialStatus/On/*V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/*Win32kLockdown/Disabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=616 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --channel="616.3.1647533584\232540094" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=sk --force-fieldtrials="*BackgroundRendererProcesses/Disallow/BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Manual install/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*NewProfileManagement/Enabled/OmniboxBundledExperimentV1/StandardR4/*PasswordGeneration/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/Enabled/*RefreshTokenDeviceId/Disabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_51/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_06/*UMA-Uniformity-Trial-50-Percent/default/*UwSInterstitialStatus/On/*V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/*Win32kLockdown/Disabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=616 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --channel="616.4.1226173656\2064508383" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=sk --force-fieldtrials="*BackgroundRendererProcesses/Disallow/BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Manual install/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*NewProfileManagement/Enabled/OmniboxBundledExperimentV1/StandardR4/*PasswordGeneration/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/Enabled/*RefreshTokenDeviceId/Disabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_51/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_06/*UMA-Uniformity-Trial-50-Percent/default/*UwSInterstitialStatus/On/*V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/*Win32kLockdown/Disabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=616 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --channel="616.5.1694861626\690345985" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=sk --force-fieldtrials="*BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Manual install/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/StandardR4/*PasswordGeneration/Disabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/Enabled/*RefreshTokenDeviceId/Disabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_51/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_06/*UMA-Uniformity-Trial-50-Percent/default/*UwSInterstitialStatus/On/*V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/*Win32kLockdown/Disabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=616 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --channel="616.15.1623361820\944526228" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=sk --force-fieldtrials="*BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Manual install/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/StandardR4/*PasswordGeneration/Disabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/Enabled/*RefreshTokenDeviceId/Disabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_51/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_06/*UMA-Uniformity-Trial-50-Percent/default/*UwSInterstitialStatus/On/*V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/*Win32kLockdown/Disabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=616 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --channel="616.24.1018512994\775192225" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=sk --force-fieldtrials="*BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Manual install/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/StandardR4/*PasswordGeneration/Disabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/Enabled/*RefreshTokenDeviceId/Disabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_51/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_06/*UMA-Uniformity-Trial-50-Percent/default/*UwSInterstitialStatus/On/*V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/*Win32kLockdown/Disabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=616 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --channel="616.32.808218683\1569311226" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=sk --force-fieldtrials="*BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Manual install/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/StandardR4/*PasswordGeneration/Disabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/Enabled/*RefreshTokenDeviceId/Disabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_51/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_06/*UMA-Uniformity-Trial-50-Percent/default/*UwSInterstitialStatus/On/*V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/*Win32kLockdown/Disabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=616 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --channel="616.35.188206076\1856925302" /prefetch:673131151
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe21_ Global\UsGthrCtrlFltPipeMssGthrPipe21 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 560 564 572 65536 568
"C:\Users\jozef\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineUA1d033b0cef2f68a.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\jozef\AppData\Roaming\Mozilla\Firefox\Profiles\yt202180.default
prefs.js - "browser.startup.homepage" - "about:home"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.169 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.169 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2010-01-21 6723984]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2010-01-16 688528]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-01-21 4222864]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-01-16 561552]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2015-01-28 5595848]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-10-23 6501656]
"OfficeSyncProcess"=C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [2010-01-16 717696]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2010-01-21 6723984]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-01-21 4222864]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CleanHlp]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CleanHlp.sys]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux5"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux7"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-04-18 03:21:52 ----D---- C:\rsit
2015-04-15 18:28:44 ----A---- C:\Windows\system32\drivers\wanarp.sys
2015-04-15 18:28:44 ----A---- C:\Windows\system32\drivers\ndproxy.sys
2015-04-15 18:28:43 ----A---- C:\Windows\SYSWOW64\rascfg.dll
2015-04-15 18:28:43 ----A---- C:\Windows\system32\rascfg.dll
2015-04-15 14:20:14 ----A---- C:\Windows\system32\tdh.dll
2015-04-15 14:20:14 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-04-15 14:20:14 ----A---- C:\Windows\system32\ntdll.dll
2015-04-15 14:20:13 ----A---- C:\Windows\SYSWOW64\tracerpt.exe
2015-04-15 14:20:13 ----A---- C:\Windows\SYSWOW64\tdh.dll
2015-04-15 14:20:13 ----A---- C:\Windows\SYSWOW64\sechost.dll
2015-04-15 14:20:13 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-04-15 14:20:13 ----A---- C:\Windows\system32\wow64cpu.dll
2015-04-15 14:20:13 ----A---- C:\Windows\system32\wow64.dll
2015-04-15 14:20:13 ----A---- C:\Windows\system32\tracerpt.exe
2015-04-15 14:20:13 ----A---- C:\Windows\system32\sechost.dll
2015-04-15 14:20:13 ----A---- C:\Windows\system32\microsoft-windows-system-events.dll
2015-04-15 14:20:11 ----A---- C:\Windows\system32\lsm.dll
2015-04-15 14:20:06 ----A---- C:\Windows\system32\mshtml.dll
2015-04-15 14:20:05 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-04-15 14:20:01 ----A---- C:\Windows\system32\jscript9.dll
2015-04-15 14:19:59 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-04-15 14:19:58 ----A---- C:\Windows\system32\ieframe.dll
2015-04-15 14:19:57 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-04-15 14:19:54 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-04-15 14:19:54 ----A---- C:\Windows\system32\wininet.dll
2015-04-15 14:19:54 ----A---- C:\Windows\system32\ie4uinit.exe
2015-04-15 14:19:53 ----A---- C:\Windows\system32\iertutil.dll
2015-04-15 14:19:52 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-04-15 14:19:52 ----A---- C:\Windows\system32\urlmon.dll
2015-04-15 14:19:52 ----A---- C:\Windows\system32\mshtmled.dll
2015-04-15 14:19:52 ----A---- C:\Windows\system32\inetcomm.dll
2015-04-15 14:19:51 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-04-15 14:19:51 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-04-15 14:19:51 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-04-15 14:19:51 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2015-04-15 14:19:51 ----A---- C:\Windows\system32\vbscript.dll
2015-04-15 14:19:51 ----A---- C:\Windows\system32\msfeeds.dll
2015-04-15 14:19:51 ----A---- C:\Windows\system32\jscript.dll
2015-04-15 14:19:50 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-04-15 14:19:50 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-04-15 14:19:50 ----A---- C:\Windows\system32\ieapfltr.dll
2015-04-15 14:12:05 ----A---- C:\Windows\SYSWOW64\pku2u.dll
2015-04-15 14:12:05 ----A---- C:\Windows\system32\pku2u.dll
2015-04-15 14:11:57 ----A---- C:\Windows\system32\drivers\http.sys
2015-04-15 14:11:54 ----A---- C:\Windows\system32\wucltux.dll
2015-04-15 14:11:54 ----A---- C:\Windows\system32\wuaueng.dll
2015-04-15 14:11:54 ----A---- C:\Windows\system32\wuauclt.exe
2015-04-15 14:11:54 ----A---- C:\Windows\system32\wuapi.dll
2015-04-15 14:11:53 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-04-15 14:11:53 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-04-15 14:11:53 ----A---- C:\Windows\system32\WUSettingsProvider.dll
2015-04-15 14:11:53 ----A---- C:\Windows\system32\wups2.dll
2015-04-15 14:11:53 ----A---- C:\Windows\system32\wups.dll
2015-04-15 14:11:53 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-04-15 14:11:53 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-04-15 14:11:52 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-04-15 14:11:52 ----A---- C:\Windows\system32\wuwebv.dll
2015-04-15 14:11:52 ----A---- C:\Windows\system32\wudriver.dll
2015-04-15 14:11:51 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-04-15 14:11:51 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-04-15 14:11:51 ----A---- C:\Windows\system32\wuapp.exe
2015-04-15 14:11:51 ----A---- C:\Windows\system32\storewuauth.dll
2015-04-15 14:11:47 ----A---- C:\Windows\SYSWOW64\clfsw32.dll
2015-04-15 14:11:47 ----A---- C:\Windows\system32\drivers\clfs.sys
2015-04-15 14:11:47 ----A---- C:\Windows\system32\clfsw32.dll
2015-04-15 14:11:29 ----A---- C:\Windows\system32\invagent.dll
2015-04-15 14:11:29 ----A---- C:\Windows\system32\generaltel.dll
2015-04-15 14:11:29 ----A---- C:\Windows\system32\appraiser.dll
2015-04-15 14:11:29 ----A---- C:\Windows\system32\aepdu.dll
2015-04-15 14:11:29 ----A---- C:\Windows\system32\aeinv.dll
2015-04-15 14:11:29 ----A---- C:\Windows\system32\acmigration.dll
2015-04-15 14:11:28 ----A---- C:\Windows\system32\devinv.dll
2015-04-12 13:16:19 ----D---- C:\Windows\%LOCALAPPDATA%
2015-04-10 22:27:36 ----D---- C:\ProgramData\Logs
2015-04-10 22:27:35 ----D---- C:\ProgramData\TEMP
2015-04-10 22:27:34 ----A---- C:\Windows\system32\roboot64.exe
2015-04-10 12:36:22 ----D---- C:\ProgramData\ESET
2015-04-10 12:36:22 ----D---- C:\Program Files\ESET
2015-04-10 12:35:48 ----D---- C:\Windows\SYSWOW64\temp
2015-04-04 16:22:39 ----SD---- C:\Windows\SYSWOW64\GWX
2015-04-04 16:22:38 ----SD---- C:\Windows\system32\GWX
2015-04-04 16:22:33 ----A---- C:\Windows\SYSWOW64\msctf.dll
2015-04-04 16:22:33 ----A---- C:\Windows\system32\msctf.dll
2015-03-30 02:29:49 ----D---- C:\Windows\SoftwareDistribution
2015-03-28 21:57:06 ----D---- C:\Users\jozef\AppData\Roaming\GIRDAC
2015-03-28 21:57:06 ----D---- C:\GIRDAC
2015-03-21 22:01:53 ----D---- C:\Users\jozef\AppData\Roaming\ESET
======List of files/folders modified in the last 1 month======
2015-04-18 07:59:54 ----D---- C:\Windows\Tasks
2015-04-18 07:59:54 ----D---- C:\Windows\system32\Tasks
2015-04-18 07:59:54 ----D---- C:\Windows\system32\catroot2
2015-04-18 07:59:54 ----D---- C:\Windows
2015-04-18 07:59:53 ----SHD---- C:\Windows\Installer
2015-04-18 07:59:53 ----D---- C:\Users\jozef\AppData\Roaming\uTorrent
2015-04-18 07:59:49 ----D---- C:\Program Files (x86)\UMPlayer
2015-04-18 07:58:27 ----RD---- C:\Program Files
2015-04-18 07:58:27 ----D---- C:\Windows\system32\wbem
2015-04-18 07:55:02 ----D---- C:\Windows\registration
2015-04-18 07:55:00 ----D---- C:\Windows\WinSxS
2015-04-18 07:54:35 ----RD---- C:\Users
2015-04-18 07:54:34 ----D---- C:\Users\jozef\AppData\Roaming\Skype
2015-04-18 07:54:15 ----RD---- C:\Program Files (x86)
2015-04-18 07:54:14 ----D---- C:\Program Files (x86)\Microsoft Office
2015-04-18 07:54:13 ----D---- C:\EEK
2015-04-18 06:12:32 ----SHD---- C:\Recovery
2015-04-18 03:22:18 ----D---- C:\Program Files\trend micro
2015-04-18 03:22:00 ----D---- C:\Windows\Prefetch
2015-04-18 03:21:37 ----D---- C:\Windows\Temp
2015-04-18 03:00:00 ----D---- C:\Windows\system32\sru
2015-04-18 02:19:43 ----HD---- C:\Program Files\WindowsApps
2015-04-18 02:06:38 ----D---- C:\Windows\system32\config
2015-04-18 02:02:58 ----SHD---- C:\System Volume Information
2015-04-18 01:55:28 ----D---- C:\Windows\AppReadiness
2015-04-17 23:55:28 ----D---- C:\Windows\system32\NDF
2015-04-17 23:55:11 ----RD---- C:\Windows\System32
2015-04-17 23:55:11 ----D---- C:\Windows\Inf
2015-04-17 23:55:11 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-04-17 21:05:05 ----D---- C:\Windows\debug
2015-04-17 17:04:00 ----SHD---- C:\Config.Msi
2015-04-17 17:00:56 ----D---- C:\ProgramData\Nero
2015-04-17 16:24:45 ----D---- C:\Windows\Microsoft.NET
2015-04-17 13:23:51 ----RSD---- C:\Windows\assembly
2015-04-17 01:45:06 ----D---- C:\Windows\rescache
2015-04-16 20:26:30 ----D---- C:\Windows\AppCompat
2015-04-16 20:13:59 ----D---- C:\Windows\CbsTemp
2015-04-16 20:13:33 ----D---- C:\Windows\SysWOW64
2015-04-16 17:22:10 ----D---- C:\Users\jozef\AppData\Roaming\.purple
2015-04-16 16:38:18 ----RD---- C:\Program Files (x86)\Skype
2015-04-16 16:38:10 ----D---- C:\ProgramData\Skype
2015-04-15 19:19:24 ----D---- C:\Windows\system32\drivers
2015-04-15 19:19:22 ----D---- C:\Windows\system32\sk-SK
2015-04-15 19:19:22 ----D---- C:\Windows\system32\en-US
2015-04-15 19:19:21 ----D---- C:\Windows\apppatch
2015-04-15 19:19:19 ----D---- C:\Windows\SYSWOW64\sk-SK
2015-04-15 19:19:19 ----D---- C:\Program Files\Internet Explorer
2015-04-15 18:55:21 ----D---- C:\ProgramData\Microsoft Help
2015-04-15 18:54:50 ----D---- C:\Windows\system32\MRT
2015-04-15 18:38:05 ----A---- C:\Windows\system32\MRT.exe
2015-04-15 18:33:09 ----A---- C:\Windows\win.ini
2015-04-15 18:23:13 ----SD---- C:\Windows\system32\CompatTel
2015-04-15 18:23:13 ----D---- C:\Windows\system32\appraiser
2015-04-14 01:24:21 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-04-12 13:12:56 ----SHD---- C:\$RECYCLE.BIN
2015-04-10 22:28:14 ----A---- C:\Windows\SYSWOW64\msvcp100.dll
2015-04-10 22:28:13 ----A---- C:\Windows\system32\msvcp100.dll
2015-04-10 22:27:36 ----HD---- C:\ProgramData
2015-04-10 12:37:14 ----D---- C:\Windows\system32\DriverStore
2015-04-04 16:24:49 ----D---- C:\Windows\Logs
2015-03-30 02:13:49 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-29 18:43:43 ----D---- C:\Windows\softwaredistribution.bak
2015-03-26 00:49:26 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-03-24 12:45:14 ----D---- C:\Windows\Minidump
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 edevmon;edevmon; C:\Windows\system32\DRIVERS\edevmon.sys [2015-03-10 241880]
R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2015-03-10 64208]
R1 A2DDA;A2 Direct Disk Access Support Driver; \??\C:\EEK\BIN\a2ddax64.sys [2014-11-18 26176]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2015-03-10 246000]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2015-03-10 169792]
R1 EpfwLWF;@oem4.inf,%EpfwLWF_Desc%;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2015-03-10 44632]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2015-03-10 222280]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-06-19 11926016]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-06-19 360448]
R3 BCM43XX;@netbc64.inf,%BCM43XX_Service_DispName%;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl63a.sys [2013-07-01 8536752]
R3 k57nd60a;@netk57a.inf,%SvcDispName%;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2013-06-18 425984]
R3 usbaudio;@wdma_usb.inf,%USBAudio.SvcDesc%;USB Audio Driver (WDM); C:\Windows\system32\drivers\usbaudio.sys [2013-12-13 121088]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2014-06-21 212736]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S0 Partizan;Partizan; C:\Windows\system32\drivers\Partizan.sys []
S2 Aspi32;Aspi32; C:\Windows\System32\drivers\aspi32.sys []
S3 bcbtums;@oem11.inf,%BCBTUMS.SvcDesc%;Bluetooth USB LD Filter; C:\Windows\system32\drivers\bcbtums.sys [2013-10-28 170712]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\Windows\System32\drivers\BthEnum.sys [2014-10-29 53248]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2014-07-24 118272]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2014-10-29 1198080]
S3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
S3 btwampfl;@oem11.inf,%btwampfl.ServiceName%;btwampfl; C:\Windows\system32\DRIVERS\btwampfl.sys [2013-10-28 166104]
S3 cleanhlp;cleanhlp; \??\C:\EEK\bin\cleanhlp64.sys [2014-11-18 57024]
S3 ESETCleanersDriver;ESET Cleaner Service; \??\C:\Windows\system32\Drivers\ESETCleanersDriver.sys [2014-12-06 170280]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys []
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2015-01-30 167424]
S3 TrueSight;TrueSight; \??\C:\Windows\System32\drivers\TrueSight.sys [2015-02-19 35064]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;USB Scanner Driver; C:\Windows\System32\drivers\usbscan.sys [2014-10-29 44544]
S3 WinDivert1.1;WinDivert1.1; \??\C:\Program Files\KMSpico\WinDivert.sys [2014-11-14 35376]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-03 81088]
R2 BcmBtRSupport;@oem11.inf,%BcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service; C:\Windows\system32\BtwRSupportService.exe [2013-10-28 2255064]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2015-01-28 1349576]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-19 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-02-18 315488]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-14 268464]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2014-10-29 38792]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-19 107912]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-01-21 30963576]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-03-26 148080]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
-----------------EOF-----------------
Jaky je konkretne problem?
Stahnete AdwCleaner 
.. Eset zachytil m s i e x e c . e x e
Doposial každy reagoval na tu baterku 
a nevyspatý 