
PC virus removal, computer speed-up, remote help via the neslape.cz service
Preventive check
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once they are resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use remote help services, where an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Please do a preventive check:
Logfile of random's system information tool 1.10 (written by random/random)
Run by GEORG at 2015-11-15 11:46:22
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 16 GB (14%) free of 114 GB
Total RAM: 8092 MB (73% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:46:26, on 15. 11. 2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18098)
Boot mode: Normal
Running processes:
C:\Windows\DAODx.exe
C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFi GO! Server.exe
C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
B:\Program Files\DAEMON Tools Pro\DTShellHlp.exe
B:\Program Files\Garmin Expres\Garmin\Express Tray\ExpressTray.exe
C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
C:\Users\GEORG\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFile\WiFileTransfer.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AsDLNAServerReal.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
C:\Program Files\trend micro\GEORG.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~2\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll
O4 - HKLM\..\Run: [ASUS AiChargerPlus Execute] C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
O4 - HKLM\..\Run: [ASUS WiFi GO! FileTransfer Execute] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFile\WiFileTransfer.exe
O4 - HKLM\..\Run: [WebStorage] C:\Program Files (x86)\ASUS\WebStorage\2.0.1.213\AsusWSPanel.exe /S
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
O4 - HKLM\..\Run: [AdobeCEPServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "B:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [GarminExpressTrayApp] "B:\Program Files\Garmin Expres\Garmin\Express Tray\ExpressTray.exe"
O4 - HKCU\..\Run: [Dropbox Update] "C:\Users\GEORG\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [GarminExpressTrayApp] "B:\Program Files\Garmin Expres\Garmin\Express Tray\ExpressTray.exe" (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [GarminExpressTrayApp] "B:\Program Files\Garmin Expres\Garmin\Express Tray\ExpressTray.exe" (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Startup: Dropbox.lnk = GEORG\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: GIGABYTE OC_GURU.lnk = C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~1\MICROS~3\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do OneNotu - res://C:\PROGRA~1\MICROS~3\Office15\ONBttnIE.dll/105
O9 - Extra button: Odeslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://195.28.70.134/kapor2/lib/mgaxctrl.cab
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
O23 - Service: ASDiskUnlocker - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUSTek Computer Inc\Disk Unlocker\ASPFSVS64.exe
O23 - Service: ASUS HM Com Service (asHmComSvc) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
O23 - Service: AsusFanControlService - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.00\AsusFanControlService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Garmin Device Interaction Service - Garmin Ltd. or its subsidiaries - B:\Program Files\Garmin Expres\Garmin\Device Interaction Service\GarminService.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: RealPlayer Update Service (RealPlayerUpdateSvc) - Unknown owner - C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
O23 - Service: RealTimes Desktop Service - RealNetworks, Inc. - c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 13676 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\ASUSTek Computer Inc\Disk Unlocker\ASPFSVS64.exe"
"C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe"
"C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe"
"C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.00\AsusFanControlService.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"B:\Program Files\Garmin Expres\Garmin\Device Interaction Service\GarminService.exe"
"taskhost.exe"
taskeng.exe {96F00FAD-05A0-4D3F-B979-27F0EA9A63CB}
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\DAODx.exe
"C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFi GO! Server.exe"
"C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe" -open
"C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr64.exe"
"C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe" -Init
"C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe" -Init
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe"
"C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe"
"c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe"
"C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe"
"C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe" -hide
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\servicing\TrustedInstaller.exe
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-c909747c-0c1d-454e-8e90-7a0be49c175a -SystemEventPortName:HostProcess-302e9b2d-d467-40ec-9108-e6a8bd96e8cb -IoCancelEventPortName:HostProcess-833bee05-3f6c-4ddb-9f15-7179fe49cd32 -NonStateChangingEventPortName:HostProcess-8b40bdfc-78c2-4187-9183-e24d5f29f655 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:6d399e8d-6b9b-486d-be08-504ef05e73b3 -DeviceGroupId:WpdFsGroup
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" 4263cbc1-e027-4120-a43b-d153345864f6
\??\C:\Windows\system32\conhost.exe "89243806-5693141301477517367-223436933-1739290540-91826502313481870831329265603
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "-413993999-8375667399713978801877192890-570879661064151704-1725556920-96088023
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"B:\Program Files\DAEMON Tools Pro\DTShellHlp.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"B:\Program Files\Garmin Expres\Garmin\Express Tray\ExpressTray.exe"
"C:\Windows\system32\GWX\GWX.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe"
"C:\Users\GEORG\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFile\WiFileTransfer.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"B:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe" -hide
"C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AsDLNAServerReal.exe"
"C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe"
taskeng.exe {A3DF8B16-B417-465A-B84C-9AC77BD1D6FF}
"C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe" /scheduler
"B:\Prevzaté súbory\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-2149664754-2780428396-408555394-1000Core.job - C:\Users\GEORG\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-2149664754-2780428396-408555394-1000UA.job - C:\Users\GEORG\AppData\Local\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealNetworks Download and Record Plugin for Internet Explorer - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [2015-06-17 614464]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-10-20 219304]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_65\bin\ssv.dll [2015-10-22 551520]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-07-29 655480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office15\URLREDIR.DLL [2014-01-23 881880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~3\Office15\GROOVEEX.DLL [2015-10-13 2339032]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-22 212576]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealNetworks Download and Record Plugin for Internet Explorer - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2015-06-17 513600]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-10-20 153768]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2015-10-22 460384]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-29 559624]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office15\URLREDIR.DLL [2014-01-22 707800]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~2\Office15\GROOVEEX.DLL [2015-10-13 1731800]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-22 172640]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2013-08-19 7202520]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-08-27 2634872]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2015-08-27 1710568]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-03-21 472992]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=B:\Program Files\CCleaner\CCleaner64.exe [2015-07-17 8418584]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"GarminExpressTrayApp"=B:\Program Files\Garmin Expres\Garmin\Express Tray\ExpressTray.exe [2015-10-29 1403304]
"Dropbox Update"=C:\Users\GEORG\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-16 134512]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"ASUS AiChargerPlus Execute"=C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe [2015-05-18 550272]
"ASUS WiFi GO! FileTransfer Execute"=C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFile\WiFileTransfer.exe [2013-06-21 1391416]
"WebStorage"=C:\Program Files (x86)\ASUS\WebStorage\2.0.1.213\AsusWSPanel.exe [2013-06-26 5099840]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-11-08 6133520]
"Wondershare Helper Compact.exe"=C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2014-02-20 1994752]
"AdobeCEPServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [2013-03-13 1039248]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-10-06 597040]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
GIGABYTE OC_GURU.lnk - C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe
C:\Users\GEORG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\GEORG\AppData\Roaming\Dropbox\bin\Dropbox.exe
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
"EnableLinkedConnections"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave3"=wdmaud.drv
"mixer3"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-11-15 11:46:22 ----D---- C:\rsit
2015-11-15 11:46:22 ----D---- C:\Program Files\trend micro
2015-11-15 10:47:27 ----A---- C:\Windows\system32\drivers\ngvECE8.tmp
2015-11-15 10:47:27 ----A---- C:\Windows\system32\drivers\aswED2F.tmp
2015-11-15 10:47:27 ----A---- C:\Windows\system32\drivers\aswED2E.tmp
2015-11-15 10:47:27 ----A---- C:\Windows\system32\drivers\aswED1D.tmp
2015-11-15 10:47:27 ----A---- C:\Windows\system32\drivers\aswED1C.tmp
2015-11-15 10:47:27 ----A---- C:\Windows\system32\drivers\aswED1B.tmp
2015-11-15 10:47:27 ----A---- C:\Windows\system32\drivers\aswED0B.tmp
2015-11-15 10:47:27 ----A---- C:\Windows\system32\drivers\aswED0A.tmp
2015-11-15 10:47:27 ----A---- C:\Windows\system32\drivers\aswED09.tmp
2015-11-15 10:47:26 ----A---- C:\Windows\system32\aswBoot.exe
2015-11-15 10:28:14 ----D---- C:\Users\GEORG\AppData\Roaming\istartsurf
2015-11-15 10:24:59 ----D---- C:\ProgramData\msupd
2015-11-15 10:24:59 ----D---- C:\ProgramData\67D7ED03
2015-11-11 15:39:51 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-11-11 15:39:51 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-11-11 15:39:51 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-11-11 15:39:51 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-11-11 15:39:51 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-11-11 15:39:51 ----A---- C:\Windows\system32\wuwebv.dll
2015-11-11 15:39:51 ----A---- C:\Windows\system32\wups2.dll
2015-11-11 15:39:51 ----A---- C:\Windows\system32\wups.dll
2015-11-11 15:39:51 ----A---- C:\Windows\system32\wudriver.dll
2015-11-11 15:39:51 ----A---- C:\Windows\system32\wucltux.dll
2015-11-11 15:39:51 ----A---- C:\Windows\system32\wuaueng.dll
2015-11-11 15:39:51 ----A---- C:\Windows\system32\wuauclt.exe
2015-11-11 15:39:51 ----A---- C:\Windows\system32\wuapp.exe
2015-11-11 15:39:51 ----A---- C:\Windows\system32\wuapi.dll
2015-11-11 15:39:51 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-11-11 15:39:51 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-11-11 15:39:43 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-11-11 15:39:43 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-11-11 15:39:43 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-11-11 15:39:43 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-11-11 15:39:42 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-11-11 15:39:42 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-11-11 15:39:42 ----A---- C:\Windows\SYSWOW64\occache.dll
2015-11-11 15:39:42 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-11-11 15:39:42 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-11-11 15:39:42 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-11-11 15:39:42 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-11-11 15:39:42 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-11-11 15:39:42 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-11-11 15:39:42 ----A---- C:\Windows\system32\iernonce.dll
2015-11-11 15:39:42 ----A---- C:\Windows\system32\ie4uinit.exe
2015-11-11 15:39:41 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-11-11 15:39:40 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-11-11 15:39:40 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-11-11 15:39:40 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-11-11 15:39:40 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-11-11 15:39:40 ----A---- C:\Windows\system32\urlmon.dll
2015-11-11 15:39:40 ----A---- C:\Windows\system32\occache.dll
2015-11-11 15:39:40 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-11-11 15:39:40 ----A---- C:\Windows\system32\iedkcs32.dll
2015-11-11 15:39:39 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-11-11 15:39:39 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-11-11 15:39:39 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-11-11 15:39:39 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-11-11 15:39:39 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-11-11 15:39:39 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-11-11 15:39:39 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-11-11 15:39:39 ----A---- C:\Windows\system32\msfeeds.dll
2015-11-11 15:39:39 ----A---- C:\Windows\system32\dxtrans.dll
2015-11-11 15:39:38 ----A---- C:\Windows\system32\iesetup.dll
2015-11-11 15:39:38 ----A---- C:\Windows\system32\iertutil.dll
2015-11-11 15:39:38 ----A---- C:\Windows\system32\ieapfltr.dll
2015-11-11 15:39:37 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-11-11 15:39:37 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2015-11-11 15:39:37 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-11-11 15:39:37 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-11-11 15:39:37 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-11-11 15:39:37 ----A---- C:\Windows\system32\vbscript.dll
2015-11-11 15:39:37 ----A---- C:\Windows\system32\jsproxy.dll
2015-11-11 15:39:36 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-11-11 15:39:36 ----A---- C:\Windows\system32\ieui.dll
2015-11-11 15:39:36 ----A---- C:\Windows\system32\ieframe.dll
2015-11-11 15:39:36 ----A---- C:\Windows\system32\dxtmsft.dll
2015-11-11 15:39:35 ----A---- C:\Windows\system32\webcheck.dll
2015-11-11 15:39:35 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-11-11 15:39:35 ----A---- C:\Windows\system32\mshtmled.dll
2015-11-11 15:39:35 ----A---- C:\Windows\system32\jscript.dll
2015-11-11 15:39:35 ----A---- C:\Windows\system32\ieUnatt.exe
2015-11-11 15:39:34 ----A---- C:\Windows\system32\wininet.dll
2015-11-11 15:39:34 ----A---- C:\Windows\system32\jscript9diag.dll
2015-11-11 15:39:34 ----A---- C:\Windows\system32\jscript9.dll
2015-11-11 15:39:33 ----A---- C:\Windows\system32\msrating.dll
2015-11-11 15:39:33 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-11-11 15:39:33 ----A---- C:\Windows\system32\mshtml.dll
2015-11-11 15:39:13 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-11-11 15:39:13 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-11-11 15:39:13 ----A---- C:\Windows\system32\schannel.dll
2015-11-11 15:39:13 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-11-11 15:39:13 ----A---- C:\Windows\system32\kerberos.dll
2015-11-11 15:39:12 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-11-11 15:39:12 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-11-11 15:39:12 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-11-11 15:39:12 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-11-11 15:39:12 ----A---- C:\Windows\SYSWOW64\bcryptprimitives.dll
2015-11-11 15:39:12 ----A---- C:\Windows\system32\ntdll.dll
2015-11-11 15:39:12 ----A---- C:\Windows\system32\ncrypt.dll
2015-11-11 15:39:12 ----A---- C:\Windows\system32\lsasrv.dll
2015-11-11 15:39:12 ----A---- C:\Windows\system32\kernel32.dll
2015-11-11 15:39:12 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-11-11 15:39:12 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-11-11 15:39:12 ----A---- C:\Windows\system32\drivers\cng.sys
2015-11-11 15:39:12 ----A---- C:\Windows\system32\bcryptprimitives.dll
2015-11-11 15:39:11 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-11-11 15:39:11 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-11-11 15:39:11 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-11-11 15:39:11 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-11-11 15:39:11 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-11-11 15:39:11 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-11-11 15:39:11 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2015-11-11 15:39:11 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-11-11 15:39:11 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-11-11 15:39:11 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2015-11-11 15:39:11 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-11-11 15:39:11 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-11-11 15:39:11 ----A---- C:\Windows\system32\wow64win.dll
2015-11-11 15:39:11 ----A---- C:\Windows\system32\wow64cpu.dll
2015-11-11 15:39:11 ----A---- C:\Windows\system32\wow64.dll
2015-11-11 15:39:11 ----A---- C:\Windows\system32\winsrv.dll
2015-11-11 15:39:11 ----A---- C:\Windows\system32\wdigest.dll
2015-11-11 15:39:11 ----A---- C:\Windows\system32\TSpkg.dll
2015-11-11 15:39:11 ----A---- C:\Windows\system32\sspisrv.dll
2015-11-11 15:39:11 ----A---- C:\Windows\system32\sspicli.dll
2015-11-11 15:39:11 ----A---- C:\Windows\system32\srcore.dll
2015-11-11 15:39:11 ----A---- C:\Windows\system32\srclient.dll
2015-11-11 15:39:11 ----A---- C:\Windows\system32\smss.exe
2015-11-11 15:39:11 ----A---- C:\Windows\system32\secur32.dll
2015-11-11 15:39:11 ----A---- C:\Windows\system32\rstrui.exe
2015-11-11 15:39:11 ----A---- C:\Windows\system32\rpcrt4.dll
2015-11-11 15:39:11 ----A---- C:\Windows\system32\ntvdm64.dll
2015-11-11 15:39:11 ----A---- C:\Windows\system32\msv1_0.dll
2015-11-11 15:39:11 ----A---- C:\Windows\system32\lsass.exe
2015-11-11 15:39:11 ----A---- C:\Windows\system32\KernelBase.dll
2015-11-11 15:39:11 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-11-11 15:39:11 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-11-11 15:39:11 ----A---- C:\Windows\system32\csrsrv.dll
2015-11-11 15:39:11 ----A---- C:\Windows\system32\cryptbase.dll
2015-11-11 15:39:11 ----A---- C:\Windows\system32\credssp.dll
2015-11-11 15:39:11 ----A---- C:\Windows\system32\conhost.exe
2015-11-11 15:39:11 ----A---- C:\Windows\system32\auditpol.exe
2015-11-11 15:39:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-11-11 15:39:10 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-11-11 15:39:10 ----A---- C:\Windows\SYSWOW64\user.exe
2015-11-11 15:39:10 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-11-11 15:39:10 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-11-11 15:39:10 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-11-11 15:39:10 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-11-11 15:39:10 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-11-11 15:39:10 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-11-11 15:39:10 ----A---- C:\Windows\system32\apisetschema.dll
2015-11-11 15:39:10 ----A---- C:\Windows\system32\adtschema.dll
2015-11-11 15:39:09 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-11-11 15:39:09 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-11-11 15:39:09 ----A---- C:\Windows\system32\msobjs.dll
2015-11-11 15:39:09 ----A---- C:\Windows\system32\msaudite.dll
2015-11-11 15:39:01 ----A---- C:\Windows\system32\drivers\tdx.sys
2015-11-11 15:39:01 ----A---- C:\Windows\system32\drivers\afd.sys
2015-11-11 15:39:00 ----A---- C:\Windows\SYSWOW64\shimeng.dll
2015-11-11 15:39:00 ----A---- C:\Windows\SYSWOW64\sdbinst.exe
2015-11-11 15:39:00 ----A---- C:\Windows\SYSWOW64\apphelp.dll
2015-11-11 15:39:00 ----A---- C:\Windows\system32\shimeng.dll
2015-11-11 15:39:00 ----A---- C:\Windows\system32\sdbinst.exe
2015-11-11 15:39:00 ----A---- C:\Windows\system32\apphelp.dll
2015-11-11 15:39:00 ----A---- C:\Windows\system32\aelupsvc.dll
2015-11-11 15:38:59 ----A---- C:\Windows\system32\win32k.sys
2015-11-11 15:38:58 ----A---- C:\Windows\system32\drivers\ndis.sys
2015-11-11 15:38:57 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2015-11-11 15:38:57 ----A---- C:\Windows\system32\jnwmon.dll
2015-11-11 15:38:57 ----A---- C:\Windows\system32\InkEd.dll
2015-11-10 20:42:53 ----A---- C:\Windows\system32\FNTCACHE.DAT
======List of files/folders modified in the last 1 month======
2015-11-15 11:46:22 ----RD---- C:\Program Files
2015-11-15 11:46:22 ----D---- C:\Windows\Temp
2015-11-15 11:07:00 ----SHD---- C:\Windows\Installer
2015-11-15 11:02:36 ----RD---- C:\Program Files (x86)
2015-11-15 11:02:27 ----D---- C:\Program Files (x86)\Google
2015-11-15 11:02:05 ----D---- C:\Windows\Tasks
2015-11-15 11:02:05 ----D---- C:\Windows\system32\Tasks
2015-11-15 11:00:22 ----SHD---- C:\System Volume Information
2015-11-15 10:53:53 ----D---- C:\Windows\System32
2015-11-15 10:53:53 ----D---- C:\Windows\inf
2015-11-15 10:53:53 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-11-15 10:47:47 ----A---- C:\Windows\PE_Rom.dll
2015-11-15 10:47:27 ----D---- C:\Windows\system32\drivers
2015-11-15 10:47:26 ----D---- C:\Windows
2015-11-15 10:47:14 ----D---- C:\Users\GEORG\AppData\Roaming\Dropbox
2015-11-15 10:47:03 ----D---- C:\Windows\system32\config
2015-11-15 10:46:41 ----D---- C:\ProgramData\NVIDIA
2015-11-15 10:46:39 ----D---- C:\Windows\winsxs
2015-11-15 10:46:38 ----D---- C:\Windows\system32\wbem
2015-11-15 10:45:57 ----D---- C:\Windows\system32\wfp
2015-11-15 10:45:57 ----D---- C:\Windows\system32\DriverStore
2015-11-15 10:45:57 ----D---- C:\Windows\system32\catroot2
2015-11-15 10:45:56 ----SD---- C:\Windows\system32\GWX
2015-11-15 10:45:56 ----D---- C:\Windows\system32\CodeIntegrity
2015-11-15 10:45:55 ----D---- C:\Windows\AutoKMS
2015-11-15 10:45:54 ----D---- C:\Windows\registration
2015-11-15 10:45:52 ----HD---- C:\ProgramData
2015-11-15 10:45:52 ----D---- C:\Users\GEORG\AppData\Roaming\uTorrent
2015-11-15 10:45:52 ----D---- C:\ProgramData\Real
2015-11-13 19:02:03 ----D---- C:\Windows\system32\LogFiles
2015-11-13 16:00:56 ----D---- C:\Windows\debug
2015-11-11 19:44:24 ----D---- C:\Windows\SYSWOW64\sk-SK
2015-11-11 19:44:24 ----D---- C:\Windows\SYSWOW64\en-US
2015-11-11 19:44:24 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-11-11 19:44:24 ----D---- C:\Windows\SysWOW64
2015-11-11 19:44:24 ----D---- C:\Windows\system32\cs-CZ
2015-11-11 19:44:23 ----D---- C:\Windows\system32\sk-SK
2015-11-11 19:44:23 ----D---- C:\Windows\system32\en-US
2015-11-11 19:44:23 ----D---- C:\Program Files\Internet Explorer
2015-11-11 19:44:23 ----D---- C:\Program Files (x86)\Internet Explorer
2015-11-11 19:44:22 ----D---- C:\Windows\system32\migration
2015-11-11 19:44:22 ----D---- C:\Windows\AppPatch
2015-11-11 17:59:15 ----D---- C:\Windows\system32\MRT
2015-11-11 17:57:52 ----D---- C:\Windows\Microsoft.NET
2015-11-11 17:55:39 ----RSD---- C:\Windows\assembly
2015-11-11 17:55:21 ----A---- C:\Windows\system32\MRT.exe
2015-11-11 17:54:59 ----D---- C:\ProgramData\Microsoft Help
2015-11-11 17:46:42 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-11-11 17:44:16 ----A---- C:\Windows\win.ini
2015-11-11 17:44:05 ----D---- C:\Program Files\Windows Journal
2015-11-10 23:49:07 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-11-10 15:42:32 ----D---- C:\Windows\SoftwareDistribution
2015-11-06 15:08:29 ----D---- C:\ProgramData\Package Cache
2015-10-29 16:07:09 ----D---- C:\Program Files (x86)\Common Files
2015-10-27 20:01:28 ----SD---- C:\Users\GEORG\AppData\Roaming\Microsoft
2015-10-27 19:57:37 ----D---- C:\Program Files\Common Files\Microsoft Shared
2015-10-27 19:57:10 ----D---- C:\Program Files\Microsoft Office
2015-10-27 19:57:08 ----D---- C:\Program Files (x86)\Microsoft Office
2015-10-25 11:56:51 ----D---- C:\Windows\Panther
2015-10-25 11:53:32 ----HD---- C:\$Windows.~BT
2015-10-22 22:56:15 ----D---- C:\ProgramData\Oracle
2015-10-22 20:00:41 ----D---- C:\Windows\rescache
2015-10-22 19:35:43 ----A---- C:\Windows\system32\WindowsAccessBridge-64.dll
2015-10-22 19:35:36 ----D---- C:\Program Files\Java
2015-10-22 19:35:11 ----D---- C:\Program Files (x86)\Java
2015-10-21 21:07:01 ----D---- C:\Program Files (x86)\Rockstar Games
2015-10-21 21:06:53 ----D---- C:\Program Files\Rockstar Games
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 amd_sata;amd_sata; C:\Windows\system32\DRIVERS\amd_sata.sys [2012-04-11 82560]
R0 amd_xata;amd_xata; C:\Windows\system32\DRIVERS\amd_xata.sys [2012-04-11 42624]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-09-29 65224]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-09-29 274808]
R0 ngvss;ngvss; C:\Windows\system32\drivers\ngvss.sys [2015-09-29 132656]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2015-09-02 564824]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2012-08-22 15232]
R1 AsUpIO;AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [2013-01-15 14464]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-09-29 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-11-08 1059656]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-11-08 449992]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 ndisrd;WinpkFilter LightWeight Filter; C:\Windows\system32\DRIVERS\ndisrd.sys [2013-02-21 32840]
R1 VDiskBus;ASUS Disk Unlocker; C:\Windows\system32\DRIVERS\VDiskBus64.sys [2012-06-01 42656]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-09-29 28656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-09-29 90968]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-09-29 153744]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2015-09-29 274336]
R3 AiChargerPlus;AiChargerPlus; C:\Windows\SysWow64\drivers\AiChargerPlus.sys [2015-05-18 14848]
R3 ASFLTDrv.sys;ASFLTDrv.sys; \??\C:\Program Files (x86)\ASUSTek Computer Inc\Disk Unlocker\ASFLTDrv64.sys [2010-09-16 16512]
R3 asmthub3;ASMedia USB3 Hub Service; C:\Windows\system32\DRIVERS\asmthub3.sys [2013-08-16 140032]
R3 asmtxhci;ASMEDIA XHCI Service; C:\Windows\system32\DRIVERS\asmtxhci.sys [2013-08-16 424192]
R3 ASUSFILTER;ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [2011-09-20 46152]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-08-21 3591000]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2015-06-17 204648]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-08-27 19576]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2015-08-11 50472]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2012-12-26 805088]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2012-08-28 58536]
R3 VCSVADHWSer;Avnex Virtual Audio Device (WDM); C:\Windows\system32\DRIVERS\vcsvad.sys [2008-12-26 21504]
S3 Maplom;Maplom; C:\Windows\system32\drivers\Maplom.sys []
S3 MaplomL;MaplomL; C:\Windows\system32\drivers\MaplomL.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUSB;Sony Ericsson USB Device sa0101 Driver; C:\Windows\system32\DRIVERS\WinUSB.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-10-28 82128]
R2 asComSvc;ASUS Com Service; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [2013-09-17 920736]
R2 ASDiskUnlocker;ASDiskUnlocker; C:\Program Files (x86)\ASUSTek Computer Inc\Disk Unlocker\ASPFSVS64.exe [2012-06-18 262816]
R2 asHmComSvc;ASUS HM Com Service; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [2013-09-17 951936]
R2 AsSysCtrlService;ASUS System Control Service; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [2012-02-17 149120]
R2 AsusFanControlService;AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.00\AsusFanControlService.exe [2012-11-09 1632256]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-09-29 146600]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Garmin Device Interaction Service;Garmin Device Interaction Service; B:\Program Files\Garmin Expres\Garmin\Device Interaction Service\GarminService.exe [2015-10-29 777744]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-08-27 1155192]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2012-07-13 769432]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-08-27 1872504]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2015-08-27 5544568]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-08-25 937776]
R2 RealPlayerUpdateSvc;RealPlayer Update Service; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [2015-06-17 31856]
R2 RealTimes Desktop Service;RealTimes Desktop Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [2015-07-05 1115224]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-08-25 410744]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2015-09-29 4048280]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-15 144200]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-10 269000]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-15 144200]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-10-31 114688]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 178760]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 5132888]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-12-15 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-11 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-11 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-11 139944]
-----------------EOF-----------------
Logfile of random's system information tool 1.10 (written by random/random)
Run by GEORG at 2015-11-15 11:46:22
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 16 GB (14%) free of 114 GB
Total RAM: 8092 MB (73% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:46:26, on 15. 11. 2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18098)
Boot mode: Normal
Running processes:
C:\Windows\DAODx.exe
C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFi GO! Server.exe
C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
B:\Program Files\DAEMON Tools Pro\DTShellHlp.exe
B:\Program Files\Garmin Expres\Garmin\Express Tray\ExpressTray.exe
C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
C:\Users\GEORG\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFile\WiFileTransfer.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AsDLNAServerReal.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
C:\Program Files\trend micro\GEORG.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~2\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll
O4 - HKLM\..\Run: [ASUS AiChargerPlus Execute] C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
O4 - HKLM\..\Run: [ASUS WiFi GO! FileTransfer Execute] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFile\WiFileTransfer.exe
O4 - HKLM\..\Run: [WebStorage] C:\Program Files (x86)\ASUS\WebStorage\2.0.1.213\AsusWSPanel.exe /S
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
O4 - HKLM\..\Run: [AdobeCEPServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "B:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [GarminExpressTrayApp] "B:\Program Files\Garmin Expres\Garmin\Express Tray\ExpressTray.exe"
O4 - HKCU\..\Run: [Dropbox Update] "C:\Users\GEORG\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [GarminExpressTrayApp] "B:\Program Files\Garmin Expres\Garmin\Express Tray\ExpressTray.exe" (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [GarminExpressTrayApp] "B:\Program Files\Garmin Expres\Garmin\Express Tray\ExpressTray.exe" (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Startup: Dropbox.lnk = GEORG\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: GIGABYTE OC_GURU.lnk = C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~1\MICROS~3\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do OneNotu - res://C:\PROGRA~1\MICROS~3\Office15\ONBttnIE.dll/105
O9 - Extra button: Odeslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://195.28.70.134/kapor2/lib/mgaxctrl.cab
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
O23 - Service: ASDiskUnlocker - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUSTek Computer Inc\Disk Unlocker\ASPFSVS64.exe
O23 - Service: ASUS HM Com Service (asHmComSvc) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
O23 - Service: AsusFanControlService - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.00\AsusFanControlService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Garmin Device Interaction Service - Garmin Ltd. or its subsidiaries - B:\Program Files\Garmin Expres\Garmin\Device Interaction Service\GarminService.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: RealPlayer Update Service (RealPlayerUpdateSvc) - Unknown owner - C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
O23 - Service: RealTimes Desktop Service - RealNetworks, Inc. - c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 13676 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\ASUSTek Computer Inc\Disk Unlocker\ASPFSVS64.exe"
"C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe"
"C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe"
"C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.00\AsusFanControlService.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"B:\Program Files\Garmin Expres\Garmin\Device Interaction Service\GarminService.exe"
"taskhost.exe"
taskeng.exe {96F00FAD-05A0-4D3F-B979-27F0EA9A63CB}
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\DAODx.exe
"C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFi GO! Server.exe"
"C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe" -open
"C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr64.exe"
"C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe" -Init
"C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe" -Init
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe"
"C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe"
"c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe"
"C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe"
"C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe" -hide
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\servicing\TrustedInstaller.exe
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-c909747c-0c1d-454e-8e90-7a0be49c175a -SystemEventPortName:HostProcess-302e9b2d-d467-40ec-9108-e6a8bd96e8cb -IoCancelEventPortName:HostProcess-833bee05-3f6c-4ddb-9f15-7179fe49cd32 -NonStateChangingEventPortName:HostProcess-8b40bdfc-78c2-4187-9183-e24d5f29f655 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:6d399e8d-6b9b-486d-be08-504ef05e73b3 -DeviceGroupId:WpdFsGroup
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" 4263cbc1-e027-4120-a43b-d153345864f6
\??\C:\Windows\system32\conhost.exe "89243806-5693141301477517367-223436933-1739290540-91826502313481870831329265603
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "-413993999-8375667399713978801877192890-570879661064151704-1725556920-96088023
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"B:\Program Files\DAEMON Tools Pro\DTShellHlp.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"B:\Program Files\Garmin Expres\Garmin\Express Tray\ExpressTray.exe"
"C:\Windows\system32\GWX\GWX.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe"
"C:\Users\GEORG\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFile\WiFileTransfer.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"B:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe" -hide
"C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AsDLNAServerReal.exe"
"C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe"
taskeng.exe {A3DF8B16-B417-465A-B84C-9AC77BD1D6FF}
"C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe" /scheduler
"B:\Prevzaté súbory\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-2149664754-2780428396-408555394-1000Core.job - C:\Users\GEORG\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-2149664754-2780428396-408555394-1000UA.job - C:\Users\GEORG\AppData\Local\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealNetworks Download and Record Plugin for Internet Explorer - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [2015-06-17 614464]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-10-20 219304]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_65\bin\ssv.dll [2015-10-22 551520]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-07-29 655480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office15\URLREDIR.DLL [2014-01-23 881880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~3\Office15\GROOVEEX.DLL [2015-10-13 2339032]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-22 212576]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealNetworks Download and Record Plugin for Internet Explorer - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2015-06-17 513600]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-10-20 153768]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2015-10-22 460384]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-29 559624]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office15\URLREDIR.DLL [2014-01-22 707800]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~2\Office15\GROOVEEX.DLL [2015-10-13 1731800]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-22 172640]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2013-08-19 7202520]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-08-27 2634872]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2015-08-27 1710568]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-03-21 472992]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=B:\Program Files\CCleaner\CCleaner64.exe [2015-07-17 8418584]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"GarminExpressTrayApp"=B:\Program Files\Garmin Expres\Garmin\Express Tray\ExpressTray.exe [2015-10-29 1403304]
"Dropbox Update"=C:\Users\GEORG\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-16 134512]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"ASUS AiChargerPlus Execute"=C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe [2015-05-18 550272]
"ASUS WiFi GO! FileTransfer Execute"=C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFile\WiFileTransfer.exe [2013-06-21 1391416]
"WebStorage"=C:\Program Files (x86)\ASUS\WebStorage\2.0.1.213\AsusWSPanel.exe [2013-06-26 5099840]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-11-08 6133520]
"Wondershare Helper Compact.exe"=C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2014-02-20 1994752]
"AdobeCEPServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [2013-03-13 1039248]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-10-06 597040]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
GIGABYTE OC_GURU.lnk - C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe
C:\Users\GEORG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\GEORG\AppData\Roaming\Dropbox\bin\Dropbox.exe
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
"EnableLinkedConnections"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave3"=wdmaud.drv
"mixer3"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-11-15 11:46:22 ----D---- C:\rsit
2015-11-15 11:46:22 ----D---- C:\Program Files\trend micro
2015-11-15 10:47:27 ----A---- C:\Windows\system32\drivers\ngvECE8.tmp
2015-11-15 10:47:27 ----A---- C:\Windows\system32\drivers\aswED2F.tmp
2015-11-15 10:47:27 ----A---- C:\Windows\system32\drivers\aswED2E.tmp
2015-11-15 10:47:27 ----A---- C:\Windows\system32\drivers\aswED1D.tmp
2015-11-15 10:47:27 ----A---- C:\Windows\system32\drivers\aswED1C.tmp
2015-11-15 10:47:27 ----A---- C:\Windows\system32\drivers\aswED1B.tmp
2015-11-15 10:47:27 ----A---- C:\Windows\system32\drivers\aswED0B.tmp
2015-11-15 10:47:27 ----A---- C:\Windows\system32\drivers\aswED0A.tmp
2015-11-15 10:47:27 ----A---- C:\Windows\system32\drivers\aswED09.tmp
2015-11-15 10:47:26 ----A---- C:\Windows\system32\aswBoot.exe
2015-11-15 10:28:14 ----D---- C:\Users\GEORG\AppData\Roaming\istartsurf
2015-11-15 10:24:59 ----D---- C:\ProgramData\msupd
2015-11-15 10:24:59 ----D---- C:\ProgramData\67D7ED03
2015-11-11 15:39:51 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-11-11 15:39:51 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-11-11 15:39:51 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-11-11 15:39:51 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-11-11 15:39:51 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-11-11 15:39:51 ----A---- C:\Windows\system32\wuwebv.dll
2015-11-11 15:39:51 ----A---- C:\Windows\system32\wups2.dll
2015-11-11 15:39:51 ----A---- C:\Windows\system32\wups.dll
2015-11-11 15:39:51 ----A---- C:\Windows\system32\wudriver.dll
2015-11-11 15:39:51 ----A---- C:\Windows\system32\wucltux.dll
2015-11-11 15:39:51 ----A---- C:\Windows\system32\wuaueng.dll
2015-11-11 15:39:51 ----A---- C:\Windows\system32\wuauclt.exe
2015-11-11 15:39:51 ----A---- C:\Windows\system32\wuapp.exe
2015-11-11 15:39:51 ----A---- C:\Windows\system32\wuapi.dll
2015-11-11 15:39:51 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-11-11 15:39:51 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-11-11 15:39:43 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-11-11 15:39:43 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-11-11 15:39:43 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-11-11 15:39:43 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-11-11 15:39:42 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-11-11 15:39:42 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-11-11 15:39:42 ----A---- C:\Windows\SYSWOW64\occache.dll
2015-11-11 15:39:42 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-11-11 15:39:42 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-11-11 15:39:42 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-11-11 15:39:42 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-11-11 15:39:42 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-11-11 15:39:42 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-11-11 15:39:42 ----A---- C:\Windows\system32\iernonce.dll
2015-11-11 15:39:42 ----A---- C:\Windows\system32\ie4uinit.exe
2015-11-11 15:39:41 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-11-11 15:39:40 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-11-11 15:39:40 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-11-11 15:39:40 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-11-11 15:39:40 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-11-11 15:39:40 ----A---- C:\Windows\system32\urlmon.dll
2015-11-11 15:39:40 ----A---- C:\Windows\system32\occache.dll
2015-11-11 15:39:40 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-11-11 15:39:40 ----A---- C:\Windows\system32\iedkcs32.dll
2015-11-11 15:39:39 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-11-11 15:39:39 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-11-11 15:39:39 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-11-11 15:39:39 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-11-11 15:39:39 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-11-11 15:39:39 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-11-11 15:39:39 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-11-11 15:39:39 ----A---- C:\Windows\system32\msfeeds.dll
2015-11-11 15:39:39 ----A---- C:\Windows\system32\dxtrans.dll
2015-11-11 15:39:38 ----A---- C:\Windows\system32\iesetup.dll
2015-11-11 15:39:38 ----A---- C:\Windows\system32\iertutil.dll
2015-11-11 15:39:38 ----A---- C:\Windows\system32\ieapfltr.dll
2015-11-11 15:39:37 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-11-11 15:39:37 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2015-11-11 15:39:37 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-11-11 15:39:37 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-11-11 15:39:37 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-11-11 15:39:37 ----A---- C:\Windows\system32\vbscript.dll
2015-11-11 15:39:37 ----A---- C:\Windows\system32\jsproxy.dll
2015-11-11 15:39:36 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-11-11 15:39:36 ----A---- C:\Windows\system32\ieui.dll
2015-11-11 15:39:36 ----A---- C:\Windows\system32\ieframe.dll
2015-11-11 15:39:36 ----A---- C:\Windows\system32\dxtmsft.dll
2015-11-11 15:39:35 ----A---- C:\Windows\system32\webcheck.dll
2015-11-11 15:39:35 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-11-11 15:39:35 ----A---- C:\Windows\system32\mshtmled.dll
2015-11-11 15:39:35 ----A---- C:\Windows\system32\jscript.dll
2015-11-11 15:39:35 ----A---- C:\Windows\system32\ieUnatt.exe
2015-11-11 15:39:34 ----A---- C:\Windows\system32\wininet.dll
2015-11-11 15:39:34 ----A---- C:\Windows\system32\jscript9diag.dll
2015-11-11 15:39:34 ----A---- C:\Windows\system32\jscript9.dll
2015-11-11 15:39:33 ----A---- C:\Windows\system32\msrating.dll
2015-11-11 15:39:33 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-11-11 15:39:33 ----A---- C:\Windows\system32\mshtml.dll
2015-11-11 15:39:13 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-11-11 15:39:13 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-11-11 15:39:13 ----A---- C:\Windows\system32\schannel.dll
2015-11-11 15:39:13 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-11-11 15:39:13 ----A---- C:\Windows\system32\kerberos.dll
2015-11-11 15:39:12 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-11-11 15:39:12 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-11-11 15:39:12 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-11-11 15:39:12 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-11-11 15:39:12 ----A---- C:\Windows\SYSWOW64\bcryptprimitives.dll
2015-11-11 15:39:12 ----A---- C:\Windows\system32\ntdll.dll
2015-11-11 15:39:12 ----A---- C:\Windows\system32\ncrypt.dll
2015-11-11 15:39:12 ----A---- C:\Windows\system32\lsasrv.dll
2015-11-11 15:39:12 ----A---- C:\Windows\system32\kernel32.dll
2015-11-11 15:39:12 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-11-11 15:39:12 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-11-11 15:39:12 ----A---- C:\Windows\system32\drivers\cng.sys
2015-11-11 15:39:12 ----A---- C:\Windows\system32\bcryptprimitives.dll
2015-11-11 15:39:11 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-11-11 15:39:11 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-11-11 15:39:11 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-11-11 15:39:11 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-11-11 15:39:11 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-11-11 15:39:11 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-11-11 15:39:11 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2015-11-11 15:39:11 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-11-11 15:39:11 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-11-11 15:39:11 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2015-11-11 15:39:11 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-11-11 15:39:11 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-11-11 15:39:11 ----A---- C:\Windows\system32\wow64win.dll
2015-11-11 15:39:11 ----A---- C:\Windows\system32\wow64cpu.dll
2015-11-11 15:39:11 ----A---- C:\Windows\system32\wow64.dll
2015-11-11 15:39:11 ----A---- C:\Windows\system32\winsrv.dll
2015-11-11 15:39:11 ----A---- C:\Windows\system32\wdigest.dll
2015-11-11 15:39:11 ----A---- C:\Windows\system32\TSpkg.dll
2015-11-11 15:39:11 ----A---- C:\Windows\system32\sspisrv.dll
2015-11-11 15:39:11 ----A---- C:\Windows\system32\sspicli.dll
2015-11-11 15:39:11 ----A---- C:\Windows\system32\srcore.dll
2015-11-11 15:39:11 ----A---- C:\Windows\system32\srclient.dll
2015-11-11 15:39:11 ----A---- C:\Windows\system32\smss.exe
2015-11-11 15:39:11 ----A---- C:\Windows\system32\secur32.dll
2015-11-11 15:39:11 ----A---- C:\Windows\system32\rstrui.exe
2015-11-11 15:39:11 ----A---- C:\Windows\system32\rpcrt4.dll
2015-11-11 15:39:11 ----A---- C:\Windows\system32\ntvdm64.dll
2015-11-11 15:39:11 ----A---- C:\Windows\system32\msv1_0.dll
2015-11-11 15:39:11 ----A---- C:\Windows\system32\lsass.exe
2015-11-11 15:39:11 ----A---- C:\Windows\system32\KernelBase.dll
2015-11-11 15:39:11 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-11-11 15:39:11 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-11-11 15:39:11 ----A---- C:\Windows\system32\csrsrv.dll
2015-11-11 15:39:11 ----A---- C:\Windows\system32\cryptbase.dll
2015-11-11 15:39:11 ----A---- C:\Windows\system32\credssp.dll
2015-11-11 15:39:11 ----A---- C:\Windows\system32\conhost.exe
2015-11-11 15:39:11 ----A---- C:\Windows\system32\auditpol.exe
2015-11-11 15:39:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-11-11 15:39:10 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-11-11 15:39:10 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-11-11 15:39:10 ----A---- C:\Windows\SYSWOW64\user.exe
2015-11-11 15:39:10 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-11-11 15:39:10 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-11-11 15:39:10 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-11-11 15:39:10 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-11-11 15:39:10 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-11-11 15:39:10 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-11-11 15:39:10 ----A---- C:\Windows\system32\apisetschema.dll
2015-11-11 15:39:10 ----A---- C:\Windows\system32\adtschema.dll
2015-11-11 15:39:09 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-11-11 15:39:09 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-11-11 15:39:09 ----A---- C:\Windows\system32\msobjs.dll
2015-11-11 15:39:09 ----A---- C:\Windows\system32\msaudite.dll
2015-11-11 15:39:01 ----A---- C:\Windows\system32\drivers\tdx.sys
2015-11-11 15:39:01 ----A---- C:\Windows\system32\drivers\afd.sys
2015-11-11 15:39:00 ----A---- C:\Windows\SYSWOW64\shimeng.dll
2015-11-11 15:39:00 ----A---- C:\Windows\SYSWOW64\sdbinst.exe
2015-11-11 15:39:00 ----A---- C:\Windows\SYSWOW64\apphelp.dll
2015-11-11 15:39:00 ----A---- C:\Windows\system32\shimeng.dll
2015-11-11 15:39:00 ----A---- C:\Windows\system32\sdbinst.exe
2015-11-11 15:39:00 ----A---- C:\Windows\system32\apphelp.dll
2015-11-11 15:39:00 ----A---- C:\Windows\system32\aelupsvc.dll
2015-11-11 15:38:59 ----A---- C:\Windows\system32\win32k.sys
2015-11-11 15:38:58 ----A---- C:\Windows\system32\drivers\ndis.sys
2015-11-11 15:38:57 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2015-11-11 15:38:57 ----A---- C:\Windows\system32\jnwmon.dll
2015-11-11 15:38:57 ----A---- C:\Windows\system32\InkEd.dll
2015-11-10 20:42:53 ----A---- C:\Windows\system32\FNTCACHE.DAT
======List of files/folders modified in the last 1 month======
2015-11-15 11:46:22 ----RD---- C:\Program Files
2015-11-15 11:46:22 ----D---- C:\Windows\Temp
2015-11-15 11:07:00 ----SHD---- C:\Windows\Installer
2015-11-15 11:02:36 ----RD---- C:\Program Files (x86)
2015-11-15 11:02:27 ----D---- C:\Program Files (x86)\Google
2015-11-15 11:02:05 ----D---- C:\Windows\Tasks
2015-11-15 11:02:05 ----D---- C:\Windows\system32\Tasks
2015-11-15 11:00:22 ----SHD---- C:\System Volume Information
2015-11-15 10:53:53 ----D---- C:\Windows\System32
2015-11-15 10:53:53 ----D---- C:\Windows\inf
2015-11-15 10:53:53 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-11-15 10:47:47 ----A---- C:\Windows\PE_Rom.dll
2015-11-15 10:47:27 ----D---- C:\Windows\system32\drivers
2015-11-15 10:47:26 ----D---- C:\Windows
2015-11-15 10:47:14 ----D---- C:\Users\GEORG\AppData\Roaming\Dropbox
2015-11-15 10:47:03 ----D---- C:\Windows\system32\config
2015-11-15 10:46:41 ----D---- C:\ProgramData\NVIDIA
2015-11-15 10:46:39 ----D---- C:\Windows\winsxs
2015-11-15 10:46:38 ----D---- C:\Windows\system32\wbem
2015-11-15 10:45:57 ----D---- C:\Windows\system32\wfp
2015-11-15 10:45:57 ----D---- C:\Windows\system32\DriverStore
2015-11-15 10:45:57 ----D---- C:\Windows\system32\catroot2
2015-11-15 10:45:56 ----SD---- C:\Windows\system32\GWX
2015-11-15 10:45:56 ----D---- C:\Windows\system32\CodeIntegrity
2015-11-15 10:45:55 ----D---- C:\Windows\AutoKMS
2015-11-15 10:45:54 ----D---- C:\Windows\registration
2015-11-15 10:45:52 ----HD---- C:\ProgramData
2015-11-15 10:45:52 ----D---- C:\Users\GEORG\AppData\Roaming\uTorrent
2015-11-15 10:45:52 ----D---- C:\ProgramData\Real
2015-11-13 19:02:03 ----D---- C:\Windows\system32\LogFiles
2015-11-13 16:00:56 ----D---- C:\Windows\debug
2015-11-11 19:44:24 ----D---- C:\Windows\SYSWOW64\sk-SK
2015-11-11 19:44:24 ----D---- C:\Windows\SYSWOW64\en-US
2015-11-11 19:44:24 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-11-11 19:44:24 ----D---- C:\Windows\SysWOW64
2015-11-11 19:44:24 ----D---- C:\Windows\system32\cs-CZ
2015-11-11 19:44:23 ----D---- C:\Windows\system32\sk-SK
2015-11-11 19:44:23 ----D---- C:\Windows\system32\en-US
2015-11-11 19:44:23 ----D---- C:\Program Files\Internet Explorer
2015-11-11 19:44:23 ----D---- C:\Program Files (x86)\Internet Explorer
2015-11-11 19:44:22 ----D---- C:\Windows\system32\migration
2015-11-11 19:44:22 ----D---- C:\Windows\AppPatch
2015-11-11 17:59:15 ----D---- C:\Windows\system32\MRT
2015-11-11 17:57:52 ----D---- C:\Windows\Microsoft.NET
2015-11-11 17:55:39 ----RSD---- C:\Windows\assembly
2015-11-11 17:55:21 ----A---- C:\Windows\system32\MRT.exe
2015-11-11 17:54:59 ----D---- C:\ProgramData\Microsoft Help
2015-11-11 17:46:42 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-11-11 17:44:16 ----A---- C:\Windows\win.ini
2015-11-11 17:44:05 ----D---- C:\Program Files\Windows Journal
2015-11-10 23:49:07 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-11-10 15:42:32 ----D---- C:\Windows\SoftwareDistribution
2015-11-06 15:08:29 ----D---- C:\ProgramData\Package Cache
2015-10-29 16:07:09 ----D---- C:\Program Files (x86)\Common Files
2015-10-27 20:01:28 ----SD---- C:\Users\GEORG\AppData\Roaming\Microsoft
2015-10-27 19:57:37 ----D---- C:\Program Files\Common Files\Microsoft Shared
2015-10-27 19:57:10 ----D---- C:\Program Files\Microsoft Office
2015-10-27 19:57:08 ----D---- C:\Program Files (x86)\Microsoft Office
2015-10-25 11:56:51 ----D---- C:\Windows\Panther
2015-10-25 11:53:32 ----HD---- C:\$Windows.~BT
2015-10-22 22:56:15 ----D---- C:\ProgramData\Oracle
2015-10-22 20:00:41 ----D---- C:\Windows\rescache
2015-10-22 19:35:43 ----A---- C:\Windows\system32\WindowsAccessBridge-64.dll
2015-10-22 19:35:36 ----D---- C:\Program Files\Java
2015-10-22 19:35:11 ----D---- C:\Program Files (x86)\Java
2015-10-21 21:07:01 ----D---- C:\Program Files (x86)\Rockstar Games
2015-10-21 21:06:53 ----D---- C:\Program Files\Rockstar Games
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 amd_sata;amd_sata; C:\Windows\system32\DRIVERS\amd_sata.sys [2012-04-11 82560]
R0 amd_xata;amd_xata; C:\Windows\system32\DRIVERS\amd_xata.sys [2012-04-11 42624]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-09-29 65224]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-09-29 274808]
R0 ngvss;ngvss; C:\Windows\system32\drivers\ngvss.sys [2015-09-29 132656]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2015-09-02 564824]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2012-08-22 15232]
R1 AsUpIO;AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [2013-01-15 14464]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-09-29 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-11-08 1059656]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-11-08 449992]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 ndisrd;WinpkFilter LightWeight Filter; C:\Windows\system32\DRIVERS\ndisrd.sys [2013-02-21 32840]
R1 VDiskBus;ASUS Disk Unlocker; C:\Windows\system32\DRIVERS\VDiskBus64.sys [2012-06-01 42656]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-09-29 28656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-09-29 90968]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-09-29 153744]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2015-09-29 274336]
R3 AiChargerPlus;AiChargerPlus; C:\Windows\SysWow64\drivers\AiChargerPlus.sys [2015-05-18 14848]
R3 ASFLTDrv.sys;ASFLTDrv.sys; \??\C:\Program Files (x86)\ASUSTek Computer Inc\Disk Unlocker\ASFLTDrv64.sys [2010-09-16 16512]
R3 asmthub3;ASMedia USB3 Hub Service; C:\Windows\system32\DRIVERS\asmthub3.sys [2013-08-16 140032]
R3 asmtxhci;ASMEDIA XHCI Service; C:\Windows\system32\DRIVERS\asmtxhci.sys [2013-08-16 424192]
R3 ASUSFILTER;ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [2011-09-20 46152]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-08-21 3591000]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2015-06-17 204648]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-08-27 19576]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2015-08-11 50472]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2012-12-26 805088]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2012-08-28 58536]
R3 VCSVADHWSer;Avnex Virtual Audio Device (WDM); C:\Windows\system32\DRIVERS\vcsvad.sys [2008-12-26 21504]
S3 Maplom;Maplom; C:\Windows\system32\drivers\Maplom.sys []
S3 MaplomL;MaplomL; C:\Windows\system32\drivers\MaplomL.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUSB;Sony Ericsson USB Device sa0101 Driver; C:\Windows\system32\DRIVERS\WinUSB.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-10-28 82128]
R2 asComSvc;ASUS Com Service; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [2013-09-17 920736]
R2 ASDiskUnlocker;ASDiskUnlocker; C:\Program Files (x86)\ASUSTek Computer Inc\Disk Unlocker\ASPFSVS64.exe [2012-06-18 262816]
R2 asHmComSvc;ASUS HM Com Service; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [2013-09-17 951936]
R2 AsSysCtrlService;ASUS System Control Service; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [2012-02-17 149120]
R2 AsusFanControlService;AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.00\AsusFanControlService.exe [2012-11-09 1632256]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-09-29 146600]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Garmin Device Interaction Service;Garmin Device Interaction Service; B:\Program Files\Garmin Expres\Garmin\Device Interaction Service\GarminService.exe [2015-10-29 777744]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-08-27 1155192]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2012-07-13 769432]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-08-27 1872504]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2015-08-27 5544568]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-08-25 937776]
R2 RealPlayerUpdateSvc;RealPlayer Update Service; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [2015-06-17 31856]
R2 RealTimes Desktop Service;RealTimes Desktop Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [2015-07-05 1115224]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-08-25 410744]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2015-09-29 4048280]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-15 144200]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-10 269000]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-15 144200]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-10-31 114688]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 178760]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 5132888]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-12-15 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-11 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-11 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-11 139944]
-----------------EOF-----------------
Re: Preventive check
Oh, so you're telling me that when they built my PC they just gave me an activator.
At least it can be found out here. That's why the questions like whether the PC will be used in a company..
How do I read that from the log?
Re: Preventive check
Well, good to know. This isn't my first check on the forum, but nothing like this has ever happened to me personally, not until I had a new PC build put together. Thanks for the info about how they sc*ewed me in that shop. How would I personally find out from the log that it isn't genuine Windows?
Re: Preventive check
georg.x wrote: How would I personally find out from the log that it isn't genuine Windows?
It takes years of practice and self-denial.

If you want, we can knock out the activator and see what happens.
Re: Preventive check
Knock it out? And how? It can be tried. Will that mean buying Windows again if it goes wrong?
Re: Preventive check
georg.x wrote: Knock it out? And how? It can be tried. Will that mean buying Windows again if it goes wrong?
Well, it can happen that if I delete it (knock it out), Microsoft will then flag you as a pirate.
Re: Preventive check
Well, never mind, I'll know where I stand.
Re: Preventive check
georg.x wrote: Well, never mind, I'll know where I stand.
Let's get to it then.
Download and run OTMoveIt
into the left pane of the application, under Paste Instructions for Items to be Moved, copy this text:
Code:
:processes
explorer.exe
:files
C:\Windows\AutoKMS
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
:commands
[purity]
[emptytemp]
[start explorer]
if the application asks for a restart, click YES
in that case, copy here the contents of the log saved in C:\_OTMoveIt\MovedFiles\
Download AdwCleaner and save it to the desktop,
close all programs including the browser and run it with a double-click,
a window will appear; click Scan in the top left.
When the scan finishes, click Clean,
the PC will restart, during which the junk is deleted.
Then copy the Report here for me.
Re: Preventive check
OTM result:
All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== FILES ==========
C:\Windows\AutoKMS folder moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: GEORG
->Temp folder emptied: 26255797 bytes
->Temporary Internet Files folder emptied: 4809804 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 374490512 bytes
->Google Chrome cache emptied: 57517831 bytes
->Flash cache emptied: 2450 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 363860 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 39321 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 58491309 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 498,00 mb
OTM by OldTimer - Version 3.1.21.0 log created on 12312015_003800
Files moved on Reboot...
C:\Users\GEORG\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\GEORG\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\Windows\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.
C:\Windows\temp\etilqs_dodG06fKPAOApcP moved successfully.
C:\Windows\temp\etilqs_EIbDZzeP6Bgm9Ad moved successfully.
File move failed. C:\Windows\SysWow64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot.
Registry entries deleted on Reboot...
AdwCleaner result:
# AdwCleaner v5.027 - Logfile created 31/12/2015 at 00:44:01
# Updated 30/12/2015 by Xplode
# Database : 2015-12-30.1 [Server]
# Operating system : Windows 7 Ultimate Service Pack 1 (x64)
# Username : GEORG - GEORG-PC
# Running from : B:\Prevzaté súbory\adwcleaner_5.027.exe
# Option : Cleaning
# Support : http://toolslib.net/forum
***** [ Services ] *****
***** [ Folders ] *****
***** [ Files ] *****
***** [ DLLs ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
***** [ Registry ] *****
[-] Key Deleted : HKCU\Software\Mozilla\Extends
[!] Key Not Deleted : HKCU\Software\Mozilla\Extends
[-] Key Deleted : HKLM\SOFTWARE\TData
***** [ Web browsers ] *****
*************************
:: "Tracing" keys removed
:: Winsock settings cleared
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [905 bytes] ##########
Re: Preventive check
Run OTMoveIt again and click CleanUP! at the top of the application;
this makes it clean up after itself.
Download ComboFix and save it to the desktop,
run the application as Administrator and allow installation of the Recovery Console.
Then a window with the licence terms appears, which you confirm by clicking ANO (Yes),
then click ANO once more and it is running.
The whole process takes about 10 minutes but can take longer; during the scan, do not try to run anything else.
The PC may be restarted during the scan, do not be alarmed.
Warning: for the duration of the scan, turn off the resident shield of your antivirus and antispyware program,
because ComboFix tries to delete the infected files and these programs can prevent it from doing so.
After the scan finishes, or after the restart that follows, the application creates a log saved at C:/Combofix.txt
(on repeated use the logs are numbered Combofix2.txt etc.); copy its contents here.
If anything is unclear, there is a picture guide HERE.