
PC virus removal, speeding up your computer, remote assistance via the neslape.cz service
Chinese program
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote assistance service, where an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Hello,
a program has appeared on my parents' computer. Nothing in its names is in English; everything is written in Chinese characters. After uninstalling it and restarting, it came back like a boomerang.
Thank you in advance for your help.
Here is the log from RSIT:
Logfile of random's system information tool 1.10 (written by random/random)
Run by František at 2016-03-26 13:57:14
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 26 GB (23%) free of 114 GB
Total RAM: 4066 MB (25% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:57:19, on 26.3.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18231)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\František\AppData\Roaming\Seznam.cz\szninstall.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Users\František\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Users\František\AppData\Local\Temp\setup.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTShellHlp.exe
C:\Users\František\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17195.214\QQPCTray.exe
C:\program files (x86)\common files\tencent\qqdownload\130\tencentdl.exe
C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17195.214\plugins\QMNetMon\QQPCNetFlow.exe
C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17195.214\QQPCRealTimeSpeedup.exe
C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17195.214\QQPCPatch.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\František.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hao123.com/?tn=90098758_hao_pg
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hao123.com/?tn=90098758_hao_pg
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_71\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: (no name) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - (no file)
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: (no name) - {C93F72A2-2162-4BBA-A07A-F13663C297A6} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_71\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {91397D20-1446-11D4-8AF4-0040CA1127B6} - (no file)
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [setup] C:\Users\František\AppData\Local\Temp\setup.exe /start
O4 - HKLM\..\Run: [ QQPCTray] "C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17195.214\QQPCTray.exe" /regrun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray
O4 - HKCU\..\Run: [GSplay.exe] C:\Users\Franti%c5%a1ek\Desktop\GSplay.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\František\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\František\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
O4 - Global Startup: GamePark klient 2.lnk = I:\Instalace\Programy\GamePark2\gpcl.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\vsocklib.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\vsocklib.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: QQPCMgr RTP Service (QQPCRTP) - Tencent - C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17195.214\QQPCRTP.exe
O23 - Service: QQRepair505 - Unknown owner - C:\Program.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - I:\Instalace\Programy\VMware\VMware Player\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exe
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 13939 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
taskeng.exe {B6DD3492-7B7B-48B5-8B3E-C23AF5F10F38}
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
C:\Windows\SysWOW64\PnkBstrB.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\SysWOW64\vmnat.exe
"C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe" -tray
"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\PANDORA.TV\PanService\PanProcess.exe" PanProcess
"C:\Users\František\AppData\Roaming\Seznam.cz\szninstall.exe" -c
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
"I:\Instalace\Programy\GamePark2\gpcl.exe"
"C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE" /tsr
szndesktop.exe default start
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Users\František\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\Windows\system32\conhost.exe "988658601198736587948552622-1953321189-411694353355430779-1392201233680303166
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
"C:\Users\František\AppData\Local\Temp\setup.exe" /start
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\DAEMON Tools Lite\DTShellHlp.exe"
WLIDSvcM.exe 2652
"I:\Instalace\Programy\VMware\VMware Player\vmware-authd.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1"
"C:\Users\František\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\SysWOW64\vmnetdhcp.exe
"C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe"
"C:\Windows\system32\GWX\GWX.exe"
C:\Windows\system32\sppsvc.exe
"C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
{DD9C4C76-6C0E-4686-9F5D-8CDD450FDFC6}
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-e9e2be9f-5e10-488a-bccf-c817420c1c61 -SystemEventPortName:HostProcess-9df735ec-1865-4c8a-a00c-a8786451a1f4 -IoCancelEventPortName:HostProcess-4eb51b6a-f1d7-413d-be01-46d76f768af9 -NonStateChangingEventPortName:HostProcess-ddbc6eb6-8ccf-486e-81af-22dd0c246299 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:ab732611-3529-4582-af55-742e0005a259 -DeviceGroupId:WpdFsGroup
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "5914353181547199900-67800629-114259046915529411712845219921559759316-518103377
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
{57407CB6-F519-43E1-80E5-8E5BFF2B04FE}
C:\Windows\system32\wbem\wmiprvse.exe
taskeng.exe {8F01E7AD-1F3D-4832-875C-6DB2AFF686D4}
"C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17195.214\QQPCRtp.exe" -r
"C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17195.214\QQPCTray.exe" /elevated /regrun
"C:\program files (x86)\common files\tencent\qqdownload\130\tencentdl.exe" -Embedding
"C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17195.214\plugins\QMNetMon\QQPCNetFlow.exe" /regrun /elevated
"C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17195.214\QQPCRealTimeSpeedup.exe"
"C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17195.214\QQPCPatch.exe"
"C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17195.214\QQPCPatch.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\program files (x86)\common files\tencent\qqdownload\130\tencentdl.exe" -Embedding
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\servicing\TrustedInstaller.exe
wmiadap.exe /F /T /R
"C:\Users\František\Desktop\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 21.0.0.197 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_197.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn.me/esnsonar,version=0.70.4]
"Description"=ESN Sonar browser plugin
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=2.3.0]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.71.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_71\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.71.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_71\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nullsoft.com/winampDetector;version=1]
"Description"=Winamp Detector
"Path"=C:\Program Files (x86)\Winamp Detect\npwachk.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@qq.com/QQPCMgr]
"Description"=QQPCMgr Detector
"Path"=C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17195.214\npQMExtensionsMozilla.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.4]
"Description"=VLC Multimedia Plugin
"Path"=I:\Instalace\Programy\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 21.0.0.197 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_197.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL
C:\Program Files (x86)\Mozilla Firefox\extensions\
{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\extensions\
foxmarks@kei.com
{ea614400-e918-4741-9a97-7a972ff7c30b}
C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\searchplugins\
ask-search.xml
askcom.xml
daemon-search.xml
Search.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B}]
电脑管家网页防火墙 - C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17195.214\TSWebMon64.dat [2016-03-26 415584]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-02-20 901600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 690392]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_71\bin\ssv.dll [2016-02-02 460384]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-02-20 678656]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C93F72A2-2162-4BBA-A07A-F13663C297A6}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_71\bin\jp2ssv.dll [2016-02-02 172640]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17}
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{91397D20-1446-11D4-8AF4-0040CA1127B6}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2011-01-17 6602856]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-03-08 500208]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2016-02-17 2789248]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2016-02-17 1903344]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]
""= []
"NokiaSuite.exe"=C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [2014-11-19 1092448]
"GSplay.exe"=C:\Users\Frantia1ek\Desktop\GSplay.exe []
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-01-15 8619224]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2016-02-02 50599552]
"cz.seznam.software.autoupdate"=C:\Users\František\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\František\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13 1085656]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnUpdater]
C:\Program Files (x86)\Ask.com\Updater\Updater.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LaunchList]
I:\Instalace\Programy\Pinnacle\Studio 11\LaunchList2.exe [2007-03-21 145496]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Live Update 5]
C:\Program Files (x86)\MSI\Live Update 5\LU5.exe [2011-12-15 1935888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe]
C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [2014-11-19 1092448]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files (x86)\Winamp\winampa.exe [2013-07-23 84576]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^František^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^hamachi.lnk]
I:\INSTAL~1\Programy\Hamachi\hamachi.exe []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-11-17 113288]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-03-25 7139256]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-12-22 596528]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2016-03-22 5565448]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"setup"=C:\Users\František\AppData\Local\Temp\setup.exe [2016-03-26 3484160]
" QQPCTray"=C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17195.214\QQPCTray.exe [2016-03-26 355296]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
GamePark klient 2.lnk - I:\Instalace\Programy\GamePark2\gpcl.exe
C:\Users\František\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\QQPCRTP]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableLockWorkstation"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoDriveTypeAutoRun"=221
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.mcsv"=prodad-mercalli-10-codec.dll
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux2"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-03-26 13:57:14 ----D---- C:\rsit
2016-03-26 13:57:14 ----D---- C:\Program Files\trend micro
2016-03-26 13:55:35 ----A---- C:\Windows\SYSWOW64\drivers\TsFltMgr.sys
2016-03-26 13:53:55 ----A---- C:\Windows\system32\drivers\TAOKernel64.sys
2016-03-26 13:53:55 ----A---- C:\Windows\system32\drivers\TAOAccelerator64.sys
2016-03-26 13:43:13 ----A---- C:\Windows\SYSWOW64\drivers\TS888x64.sys
2016-03-26 13:43:09 ----A---- C:\Windows\ntbtlog.txt
2016-03-26 12:08:46 ----A---- C:\Users\František\AppData\Roaming\GiftBag.db
2016-03-26 12:08:34 ----A---- C:\Windows\system32\drivers\TSSKX64.sys
2016-03-26 12:08:24 ----D---- C:\ProgramData\TXQMPC
2016-03-26 12:08:24 ----D---- C:\Program Files\Common Files\Tencent
2016-03-26 12:08:19 ----A---- C:\Windows\system32\drivers\TFsFltX64.sys
2016-03-26 12:08:12 ----D---- C:\Program Files (x86)\Tencent
2016-03-26 12:08:05 ----D---- C:\Users\František\AppData\Roaming\Tencent
2016-03-26 12:08:04 ----D---- C:\ProgramData\Tencent
2016-03-26 12:06:56 ----D---- C:\Program Files (x86)\Seznam.cz
2016-03-26 12:06:47 ----D---- C:\Users\František\AppData\Roaming\Seznam.cz
2016-03-25 18:39:15 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2016-03-20 07:55:53 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-03-13 15:08:48 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2016-03-13 15:08:40 ----A---- C:\Windows\SYSWOW64\vulkaninfo.exe
2016-03-13 15:08:40 ----A---- C:\Windows\SYSWOW64\vulkan-1.dll
2016-03-13 15:08:40 ----A---- C:\Windows\system32\vulkaninfo.exe
2016-03-13 15:08:40 ----A---- C:\Windows\system32\vulkan-1.dll
2016-03-13 15:08:38 ----D---- C:\Program Files (x86)\VulkanRT
2016-03-13 15:06:55 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2016-03-13 15:06:55 ----A---- C:\Windows\SYSWOW64\nvptxJitCompiler.dll
2016-03-13 15:06:55 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2016-03-13 15:06:55 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2016-03-13 15:06:55 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2016-03-13 15:06:55 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2016-03-13 15:06:55 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2016-03-13 15:06:55 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2016-03-13 15:06:55 ----A---- C:\Windows\SYSWOW64\nvfatbinaryLoader.dll
2016-03-13 15:06:55 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2016-03-13 15:06:55 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2016-03-13 15:06:55 ----A---- C:\Windows\system32\nvumdshimx.dll
2016-03-13 15:06:55 ----A---- C:\Windows\system32\nvptxJitCompiler.dll
2016-03-13 15:06:55 ----A---- C:\Windows\system32\nvopencl.dll
2016-03-13 15:06:55 ----A---- C:\Windows\system32\nvoglv64.dll
2016-03-13 15:06:55 ----A---- C:\Windows\system32\nvoglshim64.dll
2016-03-13 15:06:55 ----A---- C:\Windows\system32\nvinitx.dll
2016-03-13 15:06:55 ----A---- C:\Windows\system32\NvIFR64.dll
2016-03-13 15:06:55 ----A---- C:\Windows\system32\NvFBC64.dll
2016-03-13 15:06:55 ----A---- C:\Windows\system32\nvfatbinaryLoader.dll
2016-03-13 15:06:55 ----A---- C:\Windows\system32\nvdispgenco6436451.dll
2016-03-13 15:06:55 ----A---- C:\Windows\system32\nvdispco6436451.dll
2016-03-13 15:06:55 ----A---- C:\Windows\system32\nvd3dumx.dll
2016-03-13 15:06:55 ----A---- C:\Windows\system32\nvcuvid.dll
2016-03-13 15:06:55 ----A---- C:\Windows\system32\nvcuda.dll
2016-03-13 15:06:55 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2016-03-13 15:06:54 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2016-03-13 15:06:54 ----A---- C:\Windows\system32\nvcompiler.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l2-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-timezone-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-2-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-2-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l2-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-2-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\ucrtbase.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-03-09 18:12:58 ----A---- C:\Windows\system32\win32k.sys
2016-03-09 18:12:57 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2016-03-09 18:12:57 ----A---- C:\Windows\SYSWOW64\wups.dll
2016-03-09 18:12:57 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2016-03-09 18:12:57 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2016-03-09 18:12:57 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2016-03-09 18:12:57 ----A---- C:\Windows\system32\wuwebv.dll
2016-03-09 18:12:57 ----A---- C:\Windows\system32\wups2.dll
2016-03-09 18:12:57 ----A---- C:\Windows\system32\wups.dll
2016-03-09 18:12:57 ----A---- C:\Windows\system32\wudriver.dll
2016-03-09 18:12:57 ----A---- C:\Windows\system32\wucltux.dll
2016-03-09 18:12:57 ----A---- C:\Windows\system32\wuaueng.dll
2016-03-09 18:12:57 ----A---- C:\Windows\system32\wuauclt.exe
2016-03-09 18:12:57 ----A---- C:\Windows\system32\wuapp.exe
2016-03-09 18:12:57 ----A---- C:\Windows\system32\wuapi.dll
2016-03-09 18:12:57 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2016-03-09 18:12:57 ----A---- C:\Windows\system32\WinSetupUI.dll
2016-03-09 18:12:56 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2016-03-09 18:12:56 ----A---- C:\Windows\system32\drivers\ntfs.sys
2016-03-09 18:12:55 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2016-03-09 18:12:55 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2016-03-09 18:12:55 ----A---- C:\Windows\system32\oleaut32.dll
2016-03-09 18:12:55 ----A---- C:\Windows\system32\asycfilt.dll
2016-03-09 18:12:54 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-03-09 18:12:54 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-03-09 18:12:54 ----A---- C:\Windows\SYSWOW64\occache.dll
2016-03-09 18:12:54 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-03-09 18:12:54 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-03-09 18:12:54 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-03-09 18:12:54 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-03-09 18:12:54 ----A---- C:\Windows\SYSWOW64\inseng.dll
2016-03-09 18:12:54 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-03-09 18:12:54 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2016-03-09 18:12:54 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2016-03-09 18:12:54 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-03-09 18:12:54 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-03-09 18:12:54 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-03-09 18:12:54 ----A---- C:\Windows\system32\inseng.dll
2016-03-09 18:12:54 ----A---- C:\Windows\system32\iertutil.dll
2016-03-09 18:12:54 ----A---- C:\Windows\system32\iernonce.dll
2016-03-09 18:12:54 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-03-09 18:12:54 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-03-09 18:12:54 ----A---- C:\Windows\system32\ie4uinit.exe
2016-03-09 18:12:53 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-03-09 18:12:53 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-03-09 18:12:53 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2016-03-09 18:12:53 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-03-09 18:12:53 ----A---- C:\Windows\system32\urlmon.dll
2016-03-09 18:12:53 ----A---- C:\Windows\system32\occache.dll
2016-03-09 18:12:53 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-03-09 18:12:53 ----A---- C:\Windows\system32\iedkcs32.dll
2016-03-09 18:12:52 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-03-09 18:12:52 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-03-09 18:12:52 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-03-09 18:12:52 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-03-09 18:12:52 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-03-09 18:12:52 ----A---- C:\Windows\system32\msfeeds.dll
2016-03-09 18:12:52 ----A---- C:\Windows\system32\iesetup.dll
2016-03-09 18:12:52 ----A---- C:\Windows\system32\ieapfltr.dll
2016-03-09 18:12:52 ----A---- C:\Windows\system32\dxtrans.dll
2016-03-09 18:12:51 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-03-09 18:12:51 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-03-09 18:12:51 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-03-09 18:12:51 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2016-03-09 18:12:51 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-03-09 18:12:51 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-03-09 18:12:51 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2016-03-09 18:12:51 ----A---- C:\Windows\system32\vbscript.dll
2016-03-09 18:12:51 ----A---- C:\Windows\system32\jsproxy.dll
2016-03-09 18:12:51 ----A---- C:\Windows\system32\dxtmsft.dll
2016-03-09 18:12:50 ----A---- C:\Windows\system32\webcheck.dll
2016-03-09 18:12:50 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-03-09 18:12:50 ----A---- C:\Windows\system32\mshtmled.dll
2016-03-09 18:12:50 ----A---- C:\Windows\system32\jscript.dll
2016-03-09 18:12:50 ----A---- C:\Windows\system32\ieUnatt.exe
2016-03-09 18:12:50 ----A---- C:\Windows\system32\ieui.dll
2016-03-09 18:12:50 ----A---- C:\Windows\system32\ieframe.dll
2016-03-09 18:12:49 ----A---- C:\Windows\system32\wininet.dll
2016-03-09 18:12:49 ----A---- C:\Windows\system32\msrating.dll
2016-03-09 18:12:49 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-03-09 18:12:49 ----A---- C:\Windows\system32\jscript9diag.dll
2016-03-09 18:12:49 ----A---- C:\Windows\system32\jscript9.dll
2016-03-09 18:12:48 ----A---- C:\Windows\system32\mshtml.dll
2016-03-09 18:12:23 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-03-09 18:12:23 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-03-09 18:12:23 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-03-09 18:12:23 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-03-09 18:12:23 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-03-09 18:12:23 ----A---- C:\Windows\system32\ntdll.dll
2016-03-09 18:12:23 ----A---- C:\Windows\system32\KernelBase.dll
2016-03-09 18:12:23 ----A---- C:\Windows\system32\kernel32.dll
2016-03-09 18:12:23 ----A---- C:\Windows\system32\kerberos.dll
2016-03-09 18:12:23 ----A---- C:\Windows\system32\advapi32.dll
2016-03-09 18:12:22 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-03-09 18:12:22 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-03-09 18:12:22 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-03-09 18:12:22 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-03-09 18:12:22 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-03-09 18:12:22 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-03-09 18:12:22 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-03-09 18:12:22 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-03-09 18:12:22 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-03-09 18:12:22 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-03-09 18:12:22 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-03-09 18:12:22 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-03-09 18:12:22 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-03-09 18:12:22 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-03-09 18:12:22 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-03-09 18:12:22 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-03-09 18:12:22 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-03-09 18:12:22 ----A---- C:\Windows\system32\wow64win.dll
2016-03-09 18:12:22 ----A---- C:\Windows\system32\wow64cpu.dll
2016-03-09 18:12:22 ----A---- C:\Windows\system32\wow64.dll
2016-03-09 18:12:22 ----A---- C:\Windows\system32\winsrv.dll
2016-03-09 18:12:22 ----A---- C:\Windows\system32\wdigest.dll
2016-03-09 18:12:22 ----A---- C:\Windows\system32\TSpkg.dll
2016-03-09 18:12:22 ----A---- C:\Windows\system32\sspisrv.dll
2016-03-09 18:12:22 ----A---- C:\Windows\system32\sspicli.dll
2016-03-09 18:12:22 ----A---- C:\Windows\system32\srcore.dll
2016-03-09 18:12:22 ----A---- C:\Windows\system32\srclient.dll
2016-03-09 18:12:22 ----A---- C:\Windows\system32\smss.exe
2016-03-09 18:12:22 ----A---- C:\Windows\system32\schannel.dll
2016-03-09 18:12:22 ----A---- C:\Windows\system32\secur32.dll
2016-03-09 18:12:22 ----A---- C:\Windows\system32\rstrui.exe
2016-03-09 18:12:22 ----A---- C:\Windows\system32\rpcrt4.dll
2016-03-09 18:12:22 ----A---- C:\Windows\system32\ntvdm64.dll
2016-03-09 18:12:22 ----A---- C:\Windows\system32\ncrypt.dll
2016-03-09 18:12:22 ----A---- C:\Windows\system32\msv1_0.dll
2016-03-09 18:12:22 ----A---- C:\Windows\system32\lsass.exe
2016-03-09 18:12:22 ----A---- C:\Windows\system32\lsasrv.dll
2016-03-09 18:12:22 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-03-09 18:12:22 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-03-09 18:12:22 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-03-09 18:12:22 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-03-09 18:12:22 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-03-09 18:12:22 ----A---- C:\Windows\system32\csrsrv.dll
2016-03-09 18:12:22 ----A---- C:\Windows\system32\cryptbase.dll
2016-03-09 18:12:22 ----A---- C:\Windows\system32\credssp.dll
2016-03-09 18:12:22 ----A---- C:\Windows\system32\conhost.exe
2016-03-09 18:12:22 ----A---- C:\Windows\system32\auditpol.exe
2016-03-09 18:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-03-09 18:12:21 ----A---- C:\Windows\SYSWOW64\user.exe
2016-03-09 18:12:21 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-03-09 18:12:21 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-03-09 18:12:21 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-03-09 18:12:21 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-03-09 18:12:21 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-03-09 18:12:21 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-03-09 18:12:21 ----A---- C:\Windows\system32\msobjs.dll
2016-03-09 18:12:21 ----A---- C:\Windows\system32\msaudite.dll
2016-03-09 18:12:21 ----A---- C:\Windows\system32\apisetschema.dll
2016-03-09 18:12:21 ----A---- C:\Windows\system32\adtschema.dll
2016-03-09 18:12:17 ----A---- C:\Windows\SYSWOW64\mfds.dll
2016-03-09 18:12:17 ----A---- C:\Windows\system32\mfds.dll
2016-03-09 18:12:16 ----A---- C:\Windows\SYSWOW64\lpk.dll
2016-03-09 18:12:16 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2016-03-09 18:12:16 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2016-03-09 18:12:16 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2016-03-09 18:12:16 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2016-03-09 18:12:16 ----A---- C:\Windows\system32\seclogon.dll
2016-03-09 18:12:16 ----A---- C:\Windows\system32\lpk.dll
2016-03-09 18:12:16 ----A---- C:\Windows\system32\fontsub.dll
2016-03-09 18:12:16 ----A---- C:\Windows\system32\dciman32.dll
2016-03-09 18:12:16 ----A---- C:\Windows\system32\atmlib.dll
2016-03-09 18:12:16 ----A---- C:\Windows\system32\atmfd.dll
2016-03-09 18:12:15 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2016-03-09 18:12:15 ----A---- C:\Windows\SYSWOW64\wmp.dll
2016-03-09 18:12:15 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2016-03-09 18:12:15 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2016-03-09 18:12:15 ----A---- C:\Windows\system32\wmp.dll
2016-03-09 18:12:15 ----A---- C:\Windows\system32\spwmp.dll
2016-03-09 18:12:15 ----A---- C:\Windows\system32\dxmasf.dll
2016-03-09 18:12:14 ----A---- C:\Windows\system32\wmploc.DLL
2016-03-09 18:12:14 ----A---- C:\Windows\system32\invagent.dll
2016-03-09 18:12:14 ----A---- C:\Windows\system32\generaltel.dll
2016-03-09 18:12:14 ----A---- C:\Windows\system32\devinv.dll
2016-03-09 18:12:14 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-03-09 18:12:14 ----A---- C:\Windows\system32\appraiser.dll
2016-03-09 18:12:14 ----A---- C:\Windows\system32\aeinv.dll
2016-03-09 18:12:14 ----A---- C:\Windows\system32\acmigration.dll
======List of files/folders modified in the last 1 month======
2016-03-26 13:57:16 ----D---- C:\Windows\Temp
2016-03-26 13:57:14 ----D---- C:\Program Files
2016-03-26 13:56:27 ----D---- C:\Windows\system32\config
2016-03-26 13:55:35 ----D---- C:\Windows\SYSWOW64\drivers
2016-03-26 13:53:55 ----D---- C:\Windows\system32\drivers
2016-03-26 13:53:10 ----D---- C:\Users\František\AppData\Roaming\Skype
2016-03-26 13:53:08 ----D---- C:\ProgramData\VMware
2016-03-26 13:53:00 ----D---- C:\ProgramData\NVIDIA
2016-03-26 13:51:07 ----D---- C:\Windows\System32
2016-03-26 13:51:07 ----D---- C:\Windows\inf
2016-03-26 13:51:07 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-03-26 13:43:09 ----D---- C:\Windows
2016-03-26 13:05:26 ----HD---- C:\ProgramData
2016-03-26 12:26:13 ----RSD---- C:\Windows\assembly
2016-03-26 12:25:54 ----D---- C:\Windows\Logs
2016-03-26 12:08:27 ----RD---- C:\Users
2016-03-26 12:08:24 ----D---- C:\Program Files\Common Files
2016-03-26 12:08:22 ----RSD---- C:\Windows\Fonts
2016-03-26 12:08:21 ----D---- C:\Program Files (x86)\Common Files
2016-03-26 12:08:12 ----RD---- C:\Program Files (x86)
2016-03-26 12:05:38 ----D---- C:\Users\František\AppData\Roaming\uTorrent
2016-03-26 11:41:27 ----SHD---- C:\Windows\Installer
2016-03-25 21:06:33 ----SD---- C:\Windows\SYSWOW64\GWX
2016-03-25 21:06:33 ----SD---- C:\Windows\system32\GWX
2016-03-25 21:06:33 ----D---- C:\Windows\winsxs
2016-03-25 20:27:06 ----D---- C:\Windows\SysWOW64
2016-03-25 20:27:05 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-03-25 18:39:18 ----D---- C:\Windows\system32\Tasks
2016-03-25 18:39:10 ----D---- C:\ProgramData\AVAST Software
2016-03-25 18:39:10 ----D---- C:\Program Files\AVAST Software
2016-03-21 18:17:15 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-03-16 21:38:51 ----D---- C:\ProgramData\Microsoft Help
2016-03-13 15:09:07 ----D---- C:\ProgramData\NVIDIA Corporation
2016-03-13 15:08:47 ----D---- C:\Windows\system32\DriverStore
2016-03-12 11:47:57 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2016-03-11 16:02:04 ----D---- C:\Windows\rescache
2016-03-11 12:55:27 ----D---- C:\Windows\Microsoft.NET
2016-03-10 16:38:36 ----D---- C:\Windows\SYSWOW64\en-US
2016-03-10 16:38:36 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-03-10 16:38:36 ----D---- C:\Windows\system32\en-US
2016-03-10 16:38:36 ----D---- C:\Windows\system32\cs-CZ
2016-03-10 16:38:36 ----D---- C:\Program Files\Internet Explorer
2016-03-10 16:38:36 ----D---- C:\Program Files (x86)\Internet Explorer
2016-03-10 16:38:35 ----D---- C:\Windows\AppPatch
2016-03-10 16:38:35 ----D---- C:\Program Files\Windows Media Player
2016-03-10 16:38:35 ----D---- C:\Program Files (x86)\Windows Media Player
2016-03-09 21:47:28 ----D---- C:\Windows\system32\MRT
2016-03-09 21:42:55 ----A---- C:\Windows\system32\MRT.exe
2016-03-09 21:42:53 ----D---- C:\Windows\system32\appraiser
2016-03-09 18:11:47 ----D---- C:\Windows\system32\catroot2
2016-03-08 11:07:02 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2016-03-08 11:07:02 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2016-03-08 11:07:02 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2016-03-08 11:07:02 ----A---- C:\Windows\system32\nvwgf2umx.dll
2016-03-08 11:07:02 ----A---- C:\Windows\system32\nvapi64.dll
2016-03-08 07:27:51 ----A---- C:\Windows\system32\nvsvc64.dll
2016-03-08 07:27:50 ----A---- C:\Windows\system32\nvcpl.dll
2016-03-08 07:27:49 ----A---- C:\Windows\system32\nvvsvc.exe
2016-03-08 07:27:49 ----A---- C:\Windows\system32\nvsvcr.dll
2016-03-08 07:27:48 ----A---- C:\Windows\system32\nvshext.dll
2016-03-08 07:27:48 ----A---- C:\Windows\system32\nvmctray.dll
2016-03-08 07:27:48 ----A---- C:\Windows\system32\nv3dappshextr.dll
2016-03-08 07:27:48 ----A---- C:\Windows\system32\nv3dappshext.dll
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2016-02-20 74544]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2016-02-20 287016]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2010-12-18 25280]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R0 vmci;VMware VMCI Bus Driver; C:\Windows\system32\DRIVERS\vmci.sys [2012-10-24 85104]
R0 vsock;vSockets Driver; C:\Windows\system32\drivers\vsock.sys [2012-10-24 70296]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2016-03-25 37144]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2016-02-20 103064]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-03-09 1070904]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-02-23 463744]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-02-19 283064]
R1 QMUdisk;tencent QMUdisk; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17195.214\QMUdisk64.sys [2016-03-02 184536]
R1 TAOKernelDriver;Tencent Auto Optimize Platform.; \??\C:\Windows\system32\Drivers\TAOKernel64.sys [2016-03-26 131896]
R1 TSDefenseBt;TSDefenseBt; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17195.214\TSDefenseBT64.sys [2016-03-26 28984]
R1 TSSysKit;TSSysKit; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17195.214\TSSysKit64.sys [2016-03-26 87352]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2016-02-20 37656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2016-03-09 107792]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2016-02-20 165344]
R2 cpuz135;cpuz135; \??\C:\Windows\system32\drivers\cpuz135_x64.sys [2011-09-21 21992]
R2 hcmon;VMware hcmon; \??\C:\Windows\system32\drivers\hcmon.sys [2012-10-11 52376]
R2 QQSysMonX64;QQSysMonX64; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17195.214\QQSysMonX64.sys [2016-03-26 138040]
R2 VMnetBridge;VMware Bridge Protocol; C:\Windows\system32\DRIVERS\vmnetbridge.sys [2013-02-26 45720]
R2 VMnetuserif;VMware Network Application Interface; \??\C:\Windows\system32\drivers\vmnetuserif.sys [2013-02-26 30800]
R2 vmx86;VMware vmx86; \??\C:\Windows\system32\drivers\vmx86.sys [2013-02-26 67664]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-01-18 2719336]
R3 MarvinBus;Pinnacle Marvin Bus 64; C:\Windows\system32\DRIVERS\MarvinBus64.sys [2005-09-23 261120]
R3 MBfilt;MBfilt; C:\Windows\system32\drivers\MBfilt64.sys [2009-11-18 32344]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2010-12-10 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2010-12-10 181248]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2015-12-16 205456]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2016-02-17 28032]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2015-12-18 47760]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 TAOAccelerator;Tencent TAOAccelerator driver.; \??\C:\Windows\system32\Drivers\TAOAccelerator64.sys [2016-03-26 89464]
R3 TFsFlt;TFsFlt; C:\Windows\system32\Drivers\TFsFltX64.sys [2016-03-26 87864]
R3 vmkbd;VMware kbd; \??\C:\Windows\system32\drivers\VMkbd.sys [2013-02-26 33360]
R3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\vmnetadapter.sys [2013-02-26 20120]
S1 PCLEPCI;PCLEPCI; \??\C:\Windows\system32\drivers\pclepci.sys []
S2 tsnethlpx64;TsNetHlpX64.sys; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\TsNetHlpX64.sys []
S3 ALSysIO;ALSysIO; \??\C:\Users\FRANTI~1\AppData\Local\Temp\ALSysIO64.sys []
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2011-05-13 36328]
S3 BioNTDrv;BioNTDrv; \??\I:\Instalace\Programy\Paragon Software\Migrate OS to SSD\program\BioNTDrv.SYS [2011-03-01 19024]
S3 epmntdrv;epmntdrv; \??\C:\Windows\syswow64\epmntdrv.sys [2011-07-29 14216]
S3 EuGdiDrv;EuGdiDrv; \??\C:\Windows\syswow64\EuGdiDrv.sys [2011-07-29 8456]
S3 GenericMount;Generic Mount Driver; C:\Windows\system32\DRIVERS\GenericMount.sys [2009-09-21 54320]
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507; \??\C:\Program Files (x86)\MSI\Live Update 5\msibios64_100507.sys [2010-05-09 33592]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2013-01-23 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2013-01-23 27136]
S3 nmwcdnsucx64;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsucx64.sys [2013-01-23 12800]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsux64.sys [2013-01-23 171008]
S3 NTIOLib_1_0_4;NTIOLib_1_0_4; \??\C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [2010-10-21 14136]
S3 NTIOLib_1_0_6;NTIOLib_1_0_6; \??\C:\Program Files (x86)\Setup Files\Ms7673v1E0\NTIOLib_X64.sys [2011-01-05 11888]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-10-17 26112]
S3 pwdrvio;pwdrvio; \??\C:\Windows\syswow64\pwdrvio.sys []
S3 pwdspio;pwdspio; \??\C:\Windows\syswow64\pwdspio.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 softaal;softaal; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.2.17058.221\softaal64.sys []
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-05-13 146920]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TSSKX64;TSSKX64; C:\Windows\System32\drivers\tsskx64.sys [2016-03-26 38200]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2013-01-23 9216]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2013-01-23 9216]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-13 82128]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-02-20 237096]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2016-02-17 1164672]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2016-03-22 2550792]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [2016-03-22 417552]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2016-02-17 1880960]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2016-02-17 2609024]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2016-03-08 1264064]
R2 PanService;PandoraService; C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [2016-03-19 625304]
R2 PnkBstrB;PnkBstrB; C:\Windows\syswow64\PnkBstrB.exe [2016-02-06 214520]
R2 QQPCRTP;QQPCMgr RTP Service; C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17195.214\QQPCRTP.exe [2016-03-26 301728]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2016-03-08 424384]
R2 VMAuthdService;VMware Authorization Service; I:\Instalace\Programy\VMware\VMware Player\vmware-authd.exe [2013-02-26 87120]
R2 VMnetDHCP;VMware DHCP Service; C:\Windows\syswow64\vmnetdhcp.exe [2013-02-26 357456]
R2 VMUSBArbService;VMware USB Arbitration Service; C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2012-10-11 918680]
R2 VMware NAT Service;VMware NAT Service; C:\Windows\syswow64\vmnat.exe [2013-02-26 436304]
R3 NvStreamNetworkSvc;NVIDIA Streamer Network Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [2016-02-17 6474112]
R3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-25 1260320]
S2 QQRepair505;QQRepair505; C:\Program Files (x86)\Tencent\QQPCMGR\Plugins\QQRepair505 []
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-25 269504]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-02-08 114688]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-03-20 146888]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-06-07 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
"C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17195.214\plugins\QMNetMon\QQPCNetFlow.exe" /regrun /elevated
"C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17195.214\QQPCRealTimeSpeedup.exe"
"C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17195.214\QQPCPatch.exe"
"C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17195.214\QQPCPatch.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\program files (x86)\common files\tencent\qqdownload\130\tencentdl.exe" -Embedding
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\servicing\TrustedInstaller.exe
wmiadap.exe /F /T /R
"C:\Users\František\Desktop\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 21.0.0.197 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_197.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn.me/esnsonar,version=0.70.4]
"Description"=ESN Sonar browser plugin
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=2.3.0]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.71.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_71\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.71.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_71\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nullsoft.com/winampDetector;version=1]
"Description"=Winamp Detector
"Path"=C:\Program Files (x86)\Winamp Detect\npwachk.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@qq.com/QQPCMgr]
"Description"=QQPCMgr Detector
"Path"=C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17195.214\npQMExtensionsMozilla.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.4]
"Description"=VLC Multimedia Plugin
"Path"=I:\Instalace\Programy\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 21.0.0.197 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_197.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL
C:\Program Files (x86)\Mozilla Firefox\extensions\
{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\extensions\
foxmarks@kei.com
{ea614400-e918-4741-9a97-7a972ff7c30b}
C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\searchplugins\
ask-search.xml
askcom.xml
daemon-search.xml
Search.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B}]
电脑管家网页防火墙 - C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17195.214\TSWebMon64.dat [2016-03-26 415584]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-02-20 901600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 690392]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_71\bin\ssv.dll [2016-02-02 460384]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-02-20 678656]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C93F72A2-2162-4BBA-A07A-F13663C297A6}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_71\bin\jp2ssv.dll [2016-02-02 172640]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17}
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{91397D20-1446-11D4-8AF4-0040CA1127B6}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2011-01-17 6602856]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-03-08 500208]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2016-02-17 2789248]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2016-02-17 1903344]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]
""= []
"NokiaSuite.exe"=C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [2014-11-19 1092448]
"GSplay.exe"=C:\Users\Frantia1ek\Desktop\GSplay.exe []
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-01-15 8619224]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2016-02-02 50599552]
"cz.seznam.software.autoupdate"=C:\Users\František\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\František\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13 1085656]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnUpdater]
C:\Program Files (x86)\Ask.com\Updater\Updater.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LaunchList]
I:\Instalace\Programy\Pinnacle\Studio 11\LaunchList2.exe [2007-03-21 145496]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Live Update 5]
C:\Program Files (x86)\MSI\Live Update 5\LU5.exe [2011-12-15 1935888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe]
C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [2014-11-19 1092448]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files (x86)\Winamp\winampa.exe [2013-07-23 84576]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^František^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^hamachi.lnk]
I:\INSTAL~1\Programy\Hamachi\hamachi.exe []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-11-17 113288]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-03-25 7139256]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-12-22 596528]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2016-03-22 5565448]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"setup"=C:\Users\František\AppData\Local\Temp\setup.exe [2016-03-26 3484160]
" QQPCTray"=C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17195.214\QQPCTray.exe [2016-03-26 355296]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
GamePark klient 2.lnk - I:\Instalace\Programy\GamePark2\gpcl.exe
C:\Users\František\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\QQPCRTP]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableLockWorkstation"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoDriveTypeAutoRun"=221
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.mcsv"=prodad-mercalli-10-codec.dll
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux2"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-03-26 13:57:14 ----D---- C:\rsit
2016-03-26 13:57:14 ----D---- C:\Program Files\trend micro
2016-03-26 13:55:35 ----A---- C:\Windows\SYSWOW64\drivers\TsFltMgr.sys
2016-03-26 13:53:55 ----A---- C:\Windows\system32\drivers\TAOKernel64.sys
2016-03-26 13:53:55 ----A---- C:\Windows\system32\drivers\TAOAccelerator64.sys
2016-03-26 13:43:13 ----A---- C:\Windows\SYSWOW64\drivers\TS888x64.sys
2016-03-26 13:43:09 ----A---- C:\Windows\ntbtlog.txt
2016-03-26 12:08:46 ----A---- C:\Users\František\AppData\Roaming\GiftBag.db
2016-03-26 12:08:34 ----A---- C:\Windows\system32\drivers\TSSKX64.sys
2016-03-26 12:08:24 ----D---- C:\ProgramData\TXQMPC
2016-03-26 12:08:24 ----D---- C:\Program Files\Common Files\Tencent
2016-03-26 12:08:19 ----A---- C:\Windows\system32\drivers\TFsFltX64.sys
2016-03-26 12:08:12 ----D---- C:\Program Files (x86)\Tencent
2016-03-26 12:08:05 ----D---- C:\Users\František\AppData\Roaming\Tencent
2016-03-26 12:08:04 ----D---- C:\ProgramData\Tencent
2016-03-26 12:06:56 ----D---- C:\Program Files (x86)\Seznam.cz
2016-03-26 12:06:47 ----D---- C:\Users\František\AppData\Roaming\Seznam.cz
2016-03-25 18:39:15 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2016-03-20 07:55:53 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-03-13 15:08:48 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2016-03-13 15:08:40 ----A---- C:\Windows\SYSWOW64\vulkaninfo.exe
2016-03-13 15:08:40 ----A---- C:\Windows\SYSWOW64\vulkan-1.dll
2016-03-13 15:08:40 ----A---- C:\Windows\system32\vulkaninfo.exe
2016-03-13 15:08:40 ----A---- C:\Windows\system32\vulkan-1.dll
2016-03-13 15:08:38 ----D---- C:\Program Files (x86)\VulkanRT
2016-03-13 15:06:55 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2016-03-13 15:06:55 ----A---- C:\Windows\SYSWOW64\nvptxJitCompiler.dll
2016-03-13 15:06:55 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2016-03-13 15:06:55 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2016-03-13 15:06:55 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2016-03-13 15:06:55 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2016-03-13 15:06:55 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2016-03-13 15:06:55 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2016-03-13 15:06:55 ----A---- C:\Windows\SYSWOW64\nvfatbinaryLoader.dll
2016-03-13 15:06:55 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2016-03-13 15:06:55 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2016-03-13 15:06:55 ----A---- C:\Windows\system32\nvumdshimx.dll
2016-03-13 15:06:55 ----A---- C:\Windows\system32\nvptxJitCompiler.dll
2016-03-13 15:06:55 ----A---- C:\Windows\system32\nvopencl.dll
2016-03-13 15:06:55 ----A---- C:\Windows\system32\nvoglv64.dll
2016-03-13 15:06:55 ----A---- C:\Windows\system32\nvoglshim64.dll
2016-03-13 15:06:55 ----A---- C:\Windows\system32\nvinitx.dll
2016-03-13 15:06:55 ----A---- C:\Windows\system32\NvIFR64.dll
2016-03-13 15:06:55 ----A---- C:\Windows\system32\NvFBC64.dll
2016-03-13 15:06:55 ----A---- C:\Windows\system32\nvfatbinaryLoader.dll
2016-03-13 15:06:55 ----A---- C:\Windows\system32\nvdispgenco6436451.dll
2016-03-13 15:06:55 ----A---- C:\Windows\system32\nvdispco6436451.dll
2016-03-13 15:06:55 ----A---- C:\Windows\system32\nvd3dumx.dll
2016-03-13 15:06:55 ----A---- C:\Windows\system32\nvcuvid.dll
2016-03-13 15:06:55 ----A---- C:\Windows\system32\nvcuda.dll
2016-03-13 15:06:55 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2016-03-13 15:06:54 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2016-03-13 15:06:54 ----A---- C:\Windows\system32\nvcompiler.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l2-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-timezone-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-2-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-2-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l2-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-2-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\ucrtbase.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-03-09 18:12:58 ----A---- C:\Windows\system32\win32k.sys
2016-03-09 18:12:57 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2016-03-09 18:12:57 ----A---- C:\Windows\SYSWOW64\wups.dll
2016-03-09 18:12:57 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2016-03-09 18:12:57 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2016-03-09 18:12:57 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2016-03-09 18:12:57 ----A---- C:\Windows\system32\wuwebv.dll
2016-03-09 18:12:57 ----A---- C:\Windows\system32\wups2.dll
2016-03-09 18:12:57 ----A---- C:\Windows\system32\wups.dll
2016-03-09 18:12:57 ----A---- C:\Windows\system32\wudriver.dll
2016-03-09 18:12:57 ----A---- C:\Windows\system32\wucltux.dll
2016-03-09 18:12:57 ----A---- C:\Windows\system32\wuaueng.dll
2016-03-09 18:12:57 ----A---- C:\Windows\system32\wuauclt.exe
2016-03-09 18:12:57 ----A---- C:\Windows\system32\wuapp.exe
2016-03-09 18:12:57 ----A---- C:\Windows\system32\wuapi.dll
2016-03-09 18:12:57 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2016-03-09 18:12:57 ----A---- C:\Windows\system32\WinSetupUI.dll
2016-03-09 18:12:56 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2016-03-09 18:12:56 ----A---- C:\Windows\system32\drivers\ntfs.sys
2016-03-09 18:12:55 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2016-03-09 18:12:55 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2016-03-09 18:12:55 ----A---- C:\Windows\system32\oleaut32.dll
2016-03-09 18:12:55 ----A---- C:\Windows\system32\asycfilt.dll
2016-03-09 18:12:54 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-03-09 18:12:54 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-03-09 18:12:54 ----A---- C:\Windows\SYSWOW64\occache.dll
2016-03-09 18:12:54 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-03-09 18:12:54 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-03-09 18:12:54 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-03-09 18:12:54 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-03-09 18:12:54 ----A---- C:\Windows\SYSWOW64\inseng.dll
2016-03-09 18:12:54 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-03-09 18:12:54 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2016-03-09 18:12:54 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2016-03-09 18:12:54 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-03-09 18:12:54 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-03-09 18:12:54 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-03-09 18:12:54 ----A---- C:\Windows\system32\inseng.dll
2016-03-09 18:12:54 ----A---- C:\Windows\system32\iertutil.dll
2016-03-09 18:12:54 ----A---- C:\Windows\system32\iernonce.dll
2016-03-09 18:12:54 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-03-09 18:12:54 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-03-09 18:12:54 ----A---- C:\Windows\system32\ie4uinit.exe
2016-03-09 18:12:53 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-03-09 18:12:53 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-03-09 18:12:53 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2016-03-09 18:12:53 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-03-09 18:12:53 ----A---- C:\Windows\system32\urlmon.dll
2016-03-09 18:12:53 ----A---- C:\Windows\system32\occache.dll
2016-03-09 18:12:53 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-03-09 18:12:53 ----A---- C:\Windows\system32\iedkcs32.dll
2016-03-09 18:12:52 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-03-09 18:12:52 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-03-09 18:12:52 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-03-09 18:12:52 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-03-09 18:12:52 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-03-09 18:12:52 ----A---- C:\Windows\system32\msfeeds.dll
2016-03-09 18:12:52 ----A---- C:\Windows\system32\iesetup.dll
2016-03-09 18:12:52 ----A---- C:\Windows\system32\ieapfltr.dll
======List of files/folders modified in the last 1 month======
2016-03-26 13:57:16 ----D---- C:\Windows\Temp
2016-03-26 13:57:14 ----D---- C:\Program Files
2016-03-26 13:56:27 ----D---- C:\Windows\system32\config
2016-03-26 13:55:35 ----D---- C:\Windows\SYSWOW64\drivers
2016-03-26 13:53:55 ----D---- C:\Windows\system32\drivers
2016-03-26 13:53:10 ----D---- C:\Users\František\AppData\Roaming\Skype
2016-03-26 13:53:08 ----D---- C:\ProgramData\VMware
2016-03-26 13:53:00 ----D---- C:\ProgramData\NVIDIA
2016-03-26 13:51:07 ----D---- C:\Windows\System32
2016-03-26 13:51:07 ----D---- C:\Windows\inf
2016-03-26 13:51:07 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-03-26 13:43:09 ----D---- C:\Windows
2016-03-26 13:05:26 ----HD---- C:\ProgramData
2016-03-26 12:26:13 ----RSD---- C:\Windows\assembly
2016-03-26 12:25:54 ----D---- C:\Windows\Logs
2016-03-26 12:08:27 ----RD---- C:\Users
2016-03-26 12:08:24 ----D---- C:\Program Files\Common Files
2016-03-26 12:08:22 ----RSD---- C:\Windows\Fonts
2016-03-26 12:08:21 ----D---- C:\Program Files (x86)\Common Files
2016-03-26 12:08:12 ----RD---- C:\Program Files (x86)
2016-03-26 12:05:38 ----D---- C:\Users\František\AppData\Roaming\uTorrent
2016-03-26 11:41:27 ----SHD---- C:\Windows\Installer
2016-03-25 21:06:33 ----SD---- C:\Windows\SYSWOW64\GWX
2016-03-25 21:06:33 ----SD---- C:\Windows\system32\GWX
2016-03-25 21:06:33 ----D---- C:\Windows\winsxs
2016-03-25 20:27:06 ----D---- C:\Windows\SysWOW64
2016-03-25 20:27:05 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-03-25 18:39:18 ----D---- C:\Windows\system32\Tasks
2016-03-25 18:39:10 ----D---- C:\ProgramData\AVAST Software
2016-03-25 18:39:10 ----D---- C:\Program Files\AVAST Software
2016-03-21 18:17:15 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-03-16 21:38:51 ----D---- C:\ProgramData\Microsoft Help
2016-03-13 15:09:07 ----D---- C:\ProgramData\NVIDIA Corporation
2016-03-13 15:08:47 ----D---- C:\Windows\system32\DriverStore
2016-03-12 11:47:57 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2016-03-11 16:02:04 ----D---- C:\Windows\rescache
2016-03-11 12:55:27 ----D---- C:\Windows\Microsoft.NET
2016-03-10 16:38:36 ----D---- C:\Windows\SYSWOW64\en-US
2016-03-10 16:38:36 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-03-10 16:38:36 ----D---- C:\Windows\system32\en-US
2016-03-10 16:38:36 ----D---- C:\Windows\system32\cs-CZ
2016-03-10 16:38:36 ----D---- C:\Program Files\Internet Explorer
2016-03-10 16:38:36 ----D---- C:\Program Files (x86)\Internet Explorer
2016-03-10 16:38:35 ----D---- C:\Windows\AppPatch
2016-03-10 16:38:35 ----D---- C:\Program Files\Windows Media Player
2016-03-10 16:38:35 ----D---- C:\Program Files (x86)\Windows Media Player
2016-03-09 21:47:28 ----D---- C:\Windows\system32\MRT
2016-03-09 21:42:55 ----A---- C:\Windows\system32\MRT.exe
2016-03-09 21:42:53 ----D---- C:\Windows\system32\appraiser
2016-03-09 18:11:47 ----D---- C:\Windows\system32\catroot2
2016-03-08 11:07:02 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2016-03-08 11:07:02 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2016-03-08 11:07:02 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2016-03-08 11:07:02 ----A---- C:\Windows\system32\nvwgf2umx.dll
2016-03-08 11:07:02 ----A---- C:\Windows\system32\nvapi64.dll
2016-03-08 07:27:51 ----A---- C:\Windows\system32\nvsvc64.dll
2016-03-08 07:27:50 ----A---- C:\Windows\system32\nvcpl.dll
2016-03-08 07:27:49 ----A---- C:\Windows\system32\nvvsvc.exe
2016-03-08 07:27:49 ----A---- C:\Windows\system32\nvsvcr.dll
2016-03-08 07:27:48 ----A---- C:\Windows\system32\nvshext.dll
2016-03-08 07:27:48 ----A---- C:\Windows\system32\nvmctray.dll
2016-03-08 07:27:48 ----A---- C:\Windows\system32\nv3dappshextr.dll
2016-03-08 07:27:48 ----A---- C:\Windows\system32\nv3dappshext.dll
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2016-02-20 74544]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2016-02-20 287016]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2010-12-18 25280]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R0 vmci;VMware VMCI Bus Driver; C:\Windows\system32\DRIVERS\vmci.sys [2012-10-24 85104]
R0 vsock;vSockets Driver; C:\Windows\system32\drivers\vsock.sys [2012-10-24 70296]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2016-03-25 37144]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2016-02-20 103064]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-03-09 1070904]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-02-23 463744]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-02-19 283064]
R1 QMUdisk;tencent QMUdisk; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17195.214\QMUdisk64.sys [2016-03-02 184536]
R1 TAOKernelDriver;Tencent Auto Optimize Platform.; \??\C:\Windows\system32\Drivers\TAOKernel64.sys [2016-03-26 131896]
R1 TSDefenseBt;TSDefenseBt; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17195.214\TSDefenseBT64.sys [2016-03-26 28984]
R1 TSSysKit;TSSysKit; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17195.214\TSSysKit64.sys [2016-03-26 87352]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2016-02-20 37656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2016-03-09 107792]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2016-02-20 165344]
R2 cpuz135;cpuz135; \??\C:\Windows\system32\drivers\cpuz135_x64.sys [2011-09-21 21992]
R2 hcmon;VMware hcmon; \??\C:\Windows\system32\drivers\hcmon.sys [2012-10-11 52376]
R2 QQSysMonX64;QQSysMonX64; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17195.214\QQSysMonX64.sys [2016-03-26 138040]
R2 VMnetBridge;VMware Bridge Protocol; C:\Windows\system32\DRIVERS\vmnetbridge.sys [2013-02-26 45720]
R2 VMnetuserif;VMware Network Application Interface; \??\C:\Windows\system32\drivers\vmnetuserif.sys [2013-02-26 30800]
R2 vmx86;VMware vmx86; \??\C:\Windows\system32\drivers\vmx86.sys [2013-02-26 67664]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-01-18 2719336]
R3 MarvinBus;Pinnacle Marvin Bus 64; C:\Windows\system32\DRIVERS\MarvinBus64.sys [2005-09-23 261120]
R3 MBfilt;MBfilt; C:\Windows\system32\drivers\MBfilt64.sys [2009-11-18 32344]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2010-12-10 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2010-12-10 181248]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2015-12-16 205456]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2016-02-17 28032]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2015-12-18 47760]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 TAOAccelerator;Tencent TAOAccelerator driver.; \??\C:\Windows\system32\Drivers\TAOAccelerator64.sys [2016-03-26 89464]
R3 TFsFlt;TFsFlt; C:\Windows\system32\Drivers\TFsFltX64.sys [2016-03-26 87864]
R3 vmkbd;VMware kbd; \??\C:\Windows\system32\drivers\VMkbd.sys [2013-02-26 33360]
R3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\vmnetadapter.sys [2013-02-26 20120]
S1 PCLEPCI;PCLEPCI; \??\C:\Windows\system32\drivers\pclepci.sys []
S2 tsnethlpx64;TsNetHlpX64.sys; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\TsNetHlpX64.sys []
S3 ALSysIO;ALSysIO; \??\C:\Users\FRANTI~1\AppData\Local\Temp\ALSysIO64.sys []
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2011-05-13 36328]
S3 BioNTDrv;BioNTDrv; \??\I:\Instalace\Programy\Paragon Software\Migrate OS to SSD\program\BioNTDrv.SYS [2011-03-01 19024]
S3 epmntdrv;epmntdrv; \??\C:\Windows\syswow64\epmntdrv.sys [2011-07-29 14216]
S3 EuGdiDrv;EuGdiDrv; \??\C:\Windows\syswow64\EuGdiDrv.sys [2011-07-29 8456]
S3 GenericMount;Generic Mount Driver; C:\Windows\system32\DRIVERS\GenericMount.sys [2009-09-21 54320]
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507; \??\C:\Program Files (x86)\MSI\Live Update 5\msibios64_100507.sys [2010-05-09 33592]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2013-01-23 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2013-01-23 27136]
S3 nmwcdnsucx64;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsucx64.sys [2013-01-23 12800]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsux64.sys [2013-01-23 171008]
S3 NTIOLib_1_0_4;NTIOLib_1_0_4; \??\C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [2010-10-21 14136]
S3 NTIOLib_1_0_6;NTIOLib_1_0_6; \??\C:\Program Files (x86)\Setup Files\Ms7673v1E0\NTIOLib_X64.sys [2011-01-05 11888]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-10-17 26112]
S3 pwdrvio;pwdrvio; \??\C:\Windows\syswow64\pwdrvio.sys []
S3 pwdspio;pwdspio; \??\C:\Windows\syswow64\pwdspio.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 softaal;softaal; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.2.17058.221\softaal64.sys []
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-05-13 146920]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TSSKX64;TSSKX64; C:\Windows\System32\drivers\tsskx64.sys [2016-03-26 38200]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2013-01-23 9216]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2013-01-23 9216]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-13 82128]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-02-20 237096]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2016-02-17 1164672]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2016-03-22 2550792]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [2016-03-22 417552]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2016-02-17 1880960]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2016-02-17 2609024]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2016-03-08 1264064]
R2 PanService;PandoraService; C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [2016-03-19 625304]
R2 PnkBstrB;PnkBstrB; C:\Windows\syswow64\PnkBstrB.exe [2016-02-06 214520]
R2 QQPCRTP;QQPCMgr RTP Service; C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17195.214\QQPCRTP.exe [2016-03-26 301728]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2016-03-08 424384]
R2 VMAuthdService;VMware Authorization Service; I:\Instalace\Programy\VMware\VMware Player\vmware-authd.exe [2013-02-26 87120]
R2 VMnetDHCP;VMware DHCP Service; C:\Windows\syswow64\vmnetdhcp.exe [2013-02-26 357456]
R2 VMUSBArbService;VMware USB Arbitration Service; C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2012-10-11 918680]
R2 VMware NAT Service;VMware NAT Service; C:\Windows\syswow64\vmnat.exe [2013-02-26 436304]
R3 NvStreamNetworkSvc;NVIDIA Streamer Network Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [2016-02-17 6474112]
R3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-25 1260320]
S2 QQRepair505;QQRepair505; C:\Program Files (x86)\Tencent\QQPCMGR\Plugins\QQRepair505 []
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-25 269504]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-02-08 114688]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-03-20 146888]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-06-07 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
- Rudy
- Site Admin

- Posts: 119673
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Chinese program
Hello!
Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
First click >Scan< and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: Chinese program
Here is the log from AdwCleaner:
# AdwCleaner v5.105 - Logfile created 26/03/2016 at 20:57:18
# Updated 21/03/2016 by Xplode
# Database : 2016-03-26.1 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (x64)
# Username : František - FRANTIŠEK-PC
# Running from : C:\Users\František\Desktop\adwcleaner_5.105.exe
# Option : Clean
# Support : http://toolslib.net/forum
***** [ Services ] *****
[-] Service Deleted : PanService
[-] Service Deleted : QMUdisk
[-] Service Deleted : TSSKX64
[-] Service Deleted : softaal
[-] Service Deleted : SRepairDrv
***** [ Folders ] *****
[-] Folder Deleted : C:\Program Files (x86)\PANDORA.TV
[-] Folder Deleted : C:\Program Files (x86)\SearchYa!
[-] Folder Deleted : C:\Program Files (x86)\Common Files\tencent
[-] Folder Deleted : C:\Program Files\Common Files\tencent
[-] Folder Deleted : C:\ProgramData\apn
[-] Folder Deleted : C:\ProgramData\Ask
[-] Folder Deleted : C:\ProgramData\tencent
[-] Folder Deleted : C:\ProgramData\TXQMPC
[-] Folder Deleted : C:\Users\FRANTI~1\AppData\Local\Temp\tencent
[-] Folder Deleted : C:\Users\František\AppData\Local\apn
[-] Folder Deleted : C:\Users\František\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpglkicenollcignonpgiafdgfeehoj
[-] Folder Deleted : C:\Users\František\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooebklgpfnbcnpokahmdidgbmlcdepkm
[-] Folder Deleted : C:\Users\František\AppData\LocalLow\Ironsource
[-] Folder Deleted : C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[-] Folder Deleted : C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\tencent
***** [ Files ] *****
[-] File Deleted : C:\Users\František\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cjpglkicenollcignonpgiafdgfeehoj_0.localstorage
[-] File Deleted : C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\searchplugins\Askcom.xml
[-] File Deleted : C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\searchplugins\ask-search.xml
[-] File Deleted : C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\searchplugins\daemon-search.xml
[-] File Deleted : C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\searchplugins\search.xml
[-] File Deleted : C:\Windows\SysNative\drivers\TSSKX64.sys
[-] File Deleted : C:\Windows\SysNative\drivers\TFsFltX64.sys
[-] File Deleted : C:\Windows\SysWOW64\drivers\TS888x64.sys
***** [ DLLs ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
***** [ Registry ] *****
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [Backup.old.Start Page]
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\DownloadProxy.EXE
[-] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP
[-] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\QQPCRTP
[-] Key Deleted : HKCU\Software\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
[-] Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
[-] Key Deleted : HKLM\SOFTWARE\Classes\metnsd
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1973277F-87B0-4EA3-9ED2-470A91D284CF}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{51BEE30D-EEC8-4BA3-930B-298B8E759EB1}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{70DE12EA-79F4-46BC-9812-86DB50A2FD64}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{29B6CFD5-0064-411A-8C42-9890C83F9921}
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved [{754DF2CE-51E8-4895-B53C-6381418B84AE}]
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2E9A2DCB-F5DB-40D0-8E62-3B47DD476A77}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{59B23951-2232-4AFB-81D4-64A8A16D457A}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{81E522F1-9E90-47DD-A2CE-39B0C00274A0}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8E096DFB-6AB7-45C7-BF64-B313C7096529}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{996A9940-2F2C-4486-A479-439C4A15F278}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9B7D44BA-376C-456F-B289-5034270322FD}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9BD8FF26-2C71-4D35-9FE2-AD8D25AECC36}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BCE6E914-AEF0-4FEE-8FC8-06F9B42BF890}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BD8D5FFA-4F92-48AD-BFBE-7896916656F5}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C92E6D80-EC54-45CC-AC4B-A7CF42F11B52}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D1CB564E-F38A-4F2A-8257-60E3F8BE9F34}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F293BBC0-DA7E-4CF1-9EEA-CE90CFE0DF86}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FEFBC559-C3C7-4287-B05B-49D489B80749}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
[-] Key Deleted : HKCU\Software\APN PIP
[-] Key Deleted : HKCU\Software\Conduit
[-] Key Deleted : HKCU\Software\dt soft\daemon tools toolbar
[-] Key Deleted : HKCU\Software\InstallCore
[-] Key Deleted : HKCU\Software\PIP
[-] Key Deleted : HKCU\Software\Softonic
[-] Key Deleted : HKLM\SOFTWARE\Conduit
[-] Key Deleted : HKLM\SOFTWARE\PIP
[-] Key Deleted : HKU\.DEFAULT\Software\AskPartnerNetwork
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Backup.Old.Start Page]
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tab]
[-] Data Restored : HKU\S-1-5-21-1763343282-2861167241-2041139455-1000\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Restored : HKU\S-1-5-21-1763343282-2861167241-2041139455-1000\Software\Microsoft\Internet Explorer\Main [Backup.Old.Start Page]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{CE412F0D-3C46-41FF-ABA2-861BA9EC1926}]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{A4D27AAC-22F9-4F9A-85AA-61DFDEF1E089}]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{3F1FF1A8-4E80-42C1-B6ED-6488C15F7E54}]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{95B0FFEC-4C24-4930-A983-924F39F3A3EB}]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{FEA101BD-B433-4523-8D8A-AE60104322C8}]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{461FF4AF-C861-432A-A8C2-3BDACF7BC090}]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{AD5B304D-569A-442B-B9F4-639DB7150600}]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{D8AD0D0B-14F0-48DF-B793-A158DFD6F4E6}]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{3B107C96-CF29-48E3-8B36-15053D81FEB7}]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{DE34B1B5-DED2-43A9-96C5-D88396EFE569}]
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{25C4B498-B7E1-4431-B71B-FC6AB1D6644F}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{26CCB4A5-48A9-0F73-E5BC-07201593F6C0}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Data Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Shared Tools\MsConfig\StartupReg\ApnUpdater
***** [ Web browsers ] *****
[-] [C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\prefs.js] [Preference] Deleted : user_pref("CT3289075_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1367857673785,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
[-] [C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\prefs.js] [Preference] Deleted : user_pref("datareporting.sessions.previous.3522", "{\"s\":1459001078097,\"a\":12,\"t\":75,\"c\":true,\"m\":335,\"fp\":2210,\"sr\":2345}");
[-] [C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\prefs.js] [Preference] Deleted : user_pref("extensions.APN_TB.first-previous-keyword-url", "");
[-] [C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\prefs.js] [Preference] Deleted : user_pref("extensions.searchya.aflt", "foxtab");
[-] [C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\prefs.js] [Preference] Deleted : user_pref("extensions.searchya.autoRvrt", false);
[-] [C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\prefs.js] [Preference] Deleted : user_pref("extensions.searchya.cntry", "CZ");
[-] [C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\prefs.js] [Preference] Deleted : user_pref("extensions.searchya.dfltLng", "");
[-] [C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\prefs.js] [Preference] Deleted : user_pref("extensions.searchya.dfltSrch", true);
[-] [C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\prefs.js] [Preference] Deleted : user_pref("extensions.searchya.dnsErr", true);
[-] [C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\prefs.js] [Preference] Deleted : user_pref("extensions.searchya.envrmnt", "production");
[-] [C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\prefs.js] [Preference] Deleted : user_pref("extensions.searchya.excTlbr", false);
[-] [C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\prefs.js] [Preference] Deleted : user_pref("extensions.searchya.hdrMd5", "350B9CA7D7934750EEE200C51AE8B104");
[-] [C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\prefs.js] [Preference] Deleted : user_pref("extensions.searchya.hmpg", true);
[-] [C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\prefs.js] [Preference] Deleted : user_pref("extensions.searchya.hmpgUrl", "hxxp://www.searchya.com/?s=0&a=foxtab&chnl=tc- ... 1619510533"[...]
[-] [C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\prefs.js] [Preference] Deleted : user_pref("extensions.searchya.id", "7A790534F961C550");
[-] [C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\prefs.js] [Preference] Deleted : user_pref("extensions.searchya.instlDay", "15596");
[-] [C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\prefs.js] [Preference] Deleted : user_pref("extensions.searchya.instlRef", "tc-100");
[-] [C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\prefs.js] [Preference] Deleted : user_pref("extensions.searchya.isdcmntcmplt", true);
[-] [C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\prefs.js] [Preference] Deleted : user_pref("extensions.searchya.lastVrsnTs", "1.5.25.08:21:20");
[-] [C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\prefs.js] [Preference] Deleted : user_pref("extensions.searchya.mntrvrsn", "1.3.0");
[-] [C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\prefs.js] [Preference] Deleted : user_pref("extensions.searchya.newTab", true);
[-] [C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\prefs.js] [Preference] Deleted : user_pref("extensions.searchya.newTabUrl", "hxxp://www.searchya.com/?s=2&a=foxtab&chnl=tc- ... =161951053[...]
[-] [C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\prefs.js] [Preference] Deleted : user_pref("extensions.searchya.prdct", "searchya");
[-] [C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\prefs.js] [Preference] Deleted : user_pref("extensions.searchya.prtnrId", "searchya");
[-] [C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\prefs.js] [Preference] Deleted : user_pref("extensions.searchya.sg", "none");
[-] [C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\prefs.js] [Preference] Deleted : user_pref("extensions.searchya.smplGrp", "none");
[-] [C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\prefs.js] [Preference] Deleted : user_pref("extensions.searchya.srchPrvdr", "Search");
[-] [C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\prefs.js] [Preference] Deleted : user_pref("extensions.searchya.tlbrId", "base");
[-] [C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\prefs.js] [Preference] Deleted : user_pref("extensions.searchya.tlbrSrchUrl", "hxxp://www.searchya.com/?s=3&a=foxtab&chnl=tc- ... cr=1619510[...]
[-] [C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\prefs.js] [Preference] Deleted : user_pref("extensions.searchya.vrsn", "1.5.25.0");
[-] [C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\prefs.js] [Preference] Deleted : user_pref("extensions.searchya.vrsnTs", "1.5.25.08:21:20");
[-] [C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\prefs.js] [Preference] Deleted : user_pref("extensions.searchya.vrsni", "1.5.25.0");
[-] [C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\prefs.js] [Preference] Deleted : user_pref("extensions.searchya_i.newTab", true);
[-] [C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\prefs.js] [Preference] Deleted : user_pref("extensions.searchya_i.smplGrp", "none");
[-] [C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\prefs.js] [Preference] Deleted : user_pref("extensions.searchya_i.vrsnTs", "1.5.25.08:21:20");
[-] [C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\prefs.js] [Preference] Deleted : user_pref("smartbar.machineId", "3HGNYW6BF44MO/LOEORP9KZARK4YA48UVLKKYZAVWPABKHCEDACHW+CI1U+BUWUQKUTQNGZHY/FD34SPSHB6YA");
[-] [C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\user.js] [Preference] Deleted : user_pref("extensions.searchya.hmpg", true);
[-] [C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\user.js] [Preference] Deleted : user_pref("extensions.searchya.hmpgUrl", "hxxp://www.searchya.com/?s=0&a=foxtab&chnl=tc- ... 1619510533"[...]
[-] [C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\user.js] [Preference] Deleted : user_pref("extensions.searchya.dfltSrch", true);
[-] [C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\user.js] [Preference] Deleted : user_pref("extensions.searchya.srchPrvdr", "Search");
[-] [C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\user.js] [Preference] Deleted : user_pref("extensions.searchya.dnsErr", true);
[-] [C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\user.js] [Preference] Deleted : user_pref("extensions.searchya_i.newTab", true);
[-] [C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\user.js] [Preference] Deleted : user_pref("extensions.searchya.newTabUrl", "hxxp://www.searchya.com/?s=2&a=foxtab&chnl=tc- ... =161951053[...]
[-] [C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\user.js] [Preference] Deleted : user_pref("extensions.searchya.tlbrSrchUrl", "hxxp://www.searchya.com/?s=3&a=foxtab&chnl=tc- ... cr=1619510[...]
[-] [C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\user.js] [Preference] Deleted : user_pref("extensions.searchya.id", "7A790534F961C550");
[-] [C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\user.js] [Preference] Deleted : user_pref("extensions.searchya.instlDay", "15596");
[-] [C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\user.js] [Preference] Deleted : user_pref("extensions.searchya.vrsn", "1.5.25.0");
[-] [C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\user.js] [Preference] Deleted : user_pref("extensions.searchya.vrsni", "1.5.25.0");
[-] [C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\user.js] [Preference] Deleted : user_pref("extensions.searchya_i.vrsnTs", "1.5.25.08:21:20");
[-] [C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\user.js] [Preference] Deleted : user_pref("extensions.searchya.prtnrId", "searchya");
[-] [C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\user.js] [Preference] Deleted : user_pref("extensions.searchya.prdct", "searchya");
[-] [C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\user.js] [Preference] Deleted : user_pref("extensions.searchya.aflt", "foxtab");
[-] [C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\user.js] [Preference] Deleted : user_pref("extensions.searchya_i.smplGrp", "none");
[-] [C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\user.js] [Preference] Deleted : user_pref("extensions.searchya.tlbrId", "base");
[-] [C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\user.js] [Preference] Deleted : user_pref("extensions.searchya.instlRef", "tc-100");
[-] [C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\user.js] [Preference] Deleted : user_pref("extensions.searchya.dfltLng", "");
[-] [C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\user.js] [Preference] Deleted : user_pref("extensions.searchya.excTlbr", false);
[-] [C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\user.js] [Preference] Deleted : user_pref("extensions.searchya.autoRvrt", false);
[-] [C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\user.js] [Preference] Deleted : user_pref("extensions.searchya.envrmnt", "production");
[-] [C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\user.js] [Preference] Deleted : user_pref("extensions.searchya.isdcmntcmplt", true);
[-] [C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\user.js] [Preference] Deleted : user_pref("extensions.searchya.mntrvrsn", "1.3.0");
[-] [C:\Users\František\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : searchya.com
[-] [C:\Users\František\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : searchya!.com
[-] [C:\Users\František\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : cjpglkicenollcignonpgiafdgfeehoj
[-] [C:\Users\František\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : ooebklgpfnbcnpokahmdidgbmlcdepkm
*************************
:: "Tracing" keys removed
:: Winsock settings cleared
*************************
C:\AdwCleaner\AdwCleaner[C1].txt - [21110 bytes] - [26/03/2016 20:57:18]
C:\AdwCleaner\AdwCleaner[S1].txt - [21604 bytes] - [26/03/2016 20:54:59]
C:\AdwCleaner\AdwCleaner[S2].txt - [21694 bytes] - [26/03/2016 20:56:07]
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [21332 bytes] ##########
[-] [C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\user.js] [Preference] Deleted : user_pref("extensions.searchya.tlbrSrchUrl", "hxxp://www.searchya.com/?s=3&a=foxtab&chnl=tc- ... cr=1619510[...]
[-] [C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\user.js] [Preference] Deleted : user_pref("extensions.searchya.id", "7A790534F961C550");
[-] [C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\user.js] [Preference] Deleted : user_pref("extensions.searchya.instlDay", "15596");
[-] [C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\user.js] [Preference] Deleted : user_pref("extensions.searchya.vrsn", "1.5.25.0");
[-] [C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\user.js] [Preference] Deleted : user_pref("extensions.searchya.vrsni", "1.5.25.0");
[-] [C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\user.js] [Preference] Deleted : user_pref("extensions.searchya_i.vrsnTs", "1.5.25.08:21:20");
[-] [C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\user.js] [Preference] Deleted : user_pref("extensions.searchya.prtnrId", "searchya");
[-] [C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\user.js] [Preference] Deleted : user_pref("extensions.searchya.prdct", "searchya");
[-] [C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\user.js] [Preference] Deleted : user_pref("extensions.searchya.aflt", "foxtab");
[-] [C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\user.js] [Preference] Deleted : user_pref("extensions.searchya_i.smplGrp", "none");
[-] [C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\user.js] [Preference] Deleted : user_pref("extensions.searchya.tlbrId", "base");
[-] [C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\user.js] [Preference] Deleted : user_pref("extensions.searchya.instlRef", "tc-100");
[-] [C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\user.js] [Preference] Deleted : user_pref("extensions.searchya.dfltLng", "");
[-] [C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\user.js] [Preference] Deleted : user_pref("extensions.searchya.excTlbr", false);
[-] [C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\user.js] [Preference] Deleted : user_pref("extensions.searchya.autoRvrt", false);
[-] [C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\user.js] [Preference] Deleted : user_pref("extensions.searchya.envrmnt", "production");
[-] [C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\user.js] [Preference] Deleted : user_pref("extensions.searchya.isdcmntcmplt", true);
[-] [C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\user.js] [Preference] Deleted : user_pref("extensions.searchya.mntrvrsn", "1.3.0");
[-] [C:\Users\František\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : searchya.com
[-] [C:\Users\František\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : searchya!.com
[-] [C:\Users\František\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : cjpglkicenollcignonpgiafdgfeehoj
[-] [C:\Users\František\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : ooebklgpfnbcnpokahmdidgbmlcdepkm
*************************
:: "Tracing" keys removed
:: Winsock settings cleared
*************************
C:\AdwCleaner\AdwCleaner[C1].txt - [21110 bytes] - [26/03/2016 20:57:18]
C:\AdwCleaner\AdwCleaner[S1].txt - [21604 bytes] - [26/03/2016 20:54:59]
C:\AdwCleaner\AdwCleaner[S2].txt - [21694 bytes] - [26/03/2016 20:56:07]
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [21332 bytes] ##########
- Rudy
- Site Admin

Re: Chinese program
Post a new RSIT log.
Questions and logs should be posted only in your own threads. Private messages, ICQ and e-mails are not for resolving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: Chinese program
New log from RSIT:
Logfile of random's system information tool 1.10 (written by random/random)
Run by František at 2016-03-26 22:18:44
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 27 GB (24%) free of 114 GB
Total RAM: 4066 MB (35% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:18:46, on 26.3.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18231)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Users\František\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTShellHlp.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\trend micro\František.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_71\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: (no name) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - (no file)
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_71\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {91397D20-1446-11D4-8AF4-0040CA1127B6} - (no file)
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray
O4 - HKCU\..\Run: [GSplay.exe] C:\Users\Franti%c5%a1ek\Desktop\GSplay.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\František\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\František\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
O4 - Global Startup: GamePark klient 2.lnk = I:\Instalace\Programy\GamePark2\gpcl.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - I:\Instalace\Programy\VMware\VMware Player\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exe
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 12483 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
C:\Windows\SysWOW64\PnkBstrB.exe
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
C:\Windows\SysWOW64\vmnat.exe
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe" -tray
"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
C:\Windows\system32\wbem\wmiprvse.exe
"I:\Instalace\Programy\GamePark2\gpcl.exe"
"C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE" /tsr
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
szndesktop.exe default start
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Users\František\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\Windows\system32\conhost.exe "1021736647129683121536884466-2003120711-947552839-901187849-1791322172-1896926102
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"I:\Instalace\Programy\VMware\VMware Player\vmware-authd.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
WLIDSvcM.exe 2564
C:\Windows\SysWOW64\vmnetdhcp.exe
"C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe"
"C:\Program Files (x86)\DAEMON Tools Lite\DTShellHlp.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
{DBFC035F-B6F9-4A49-8576-404439760312}
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-1b98a3f4-00f3-40dc-94e8-ff37398d2590 -SystemEventPortName:HostProcess-5fed2feb-bd34-48f5-a0fd-d88bf124166d -IoCancelEventPortName:HostProcess-c62e8dba-56f2-4b2f-b5fc-85389c89bf82 -NonStateChangingEventPortName:HostProcess-8ce674fa-e3c4-431b-b627-1c3863dd0408 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:2d577d77-6af7-4aa2-88e2-42d28665104c -DeviceGroupId:WpdFsGroup
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "855656915-151244667816768189097032850721690077726-1231894354-346330088-2013267321
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
{32048940-61AB-44F9-91DA-5983F186AE25}
"C:\Program Files (x86)\Skype\Phone\Skype.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto
"taskhost.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe8_ Global\UsGthrCtrlFltPipeMssGthrPipe8 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 532 536 544 65536 540
"C:\Users\František\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 21.0.0.197 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_197.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn.me/esnsonar,version=0.70.4]
"Description"=ESN Sonar browser plugin
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=2.3.0]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.71.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_71\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.71.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_71\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nullsoft.com/winampDetector;version=1]
"Description"=Winamp Detector
"Path"=C:\Program Files (x86)\Winamp Detect\npwachk.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.4]
"Description"=VLC Multimedia Plugin
"Path"=I:\Instalace\Programy\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 21.0.0.197 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_197.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL
C:\Program Files (x86)\Mozilla Firefox\extensions\
{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\extensions\
foxmarks@kei.com
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-02-20 901600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 690392]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_71\bin\ssv.dll [2016-02-02 460384]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-02-20 678656]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_71\bin\jp2ssv.dll [2016-02-02 172640]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17}
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{91397D20-1446-11D4-8AF4-0040CA1127B6}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2011-01-17 6602856]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-03-08 500208]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2016-02-17 2789248]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2016-02-17 1903344]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]
""= []
"NokiaSuite.exe"=C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [2014-11-19 1092448]
"GSplay.exe"=C:\Users\Frantia1ek\Desktop\GSplay.exe []
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-01-15 8619224]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2016-03-01 50670720]
"cz.seznam.software.autoupdate"=C:\Users\František\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\František\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13 1085656]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LaunchList]
I:\Instalace\Programy\Pinnacle\Studio 11\LaunchList2.exe [2007-03-21 145496]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Live Update 5]
C:\Program Files (x86)\MSI\Live Update 5\LU5.exe [2011-12-15 1935888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe]
C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [2014-11-19 1092448]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files (x86)\Winamp\winampa.exe [2013-07-23 84576]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^František^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^hamachi.lnk]
I:\INSTAL~1\Programy\Hamachi\hamachi.exe []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-11-17 113288]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-03-25 7139256]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-12-22 596528]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2016-03-22 5565448]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
GamePark klient 2.lnk - I:\Instalace\Programy\GamePark2\gpcl.exe
C:\Users\František\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableLockWorkstation"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoDriveTypeAutoRun"=221
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.mcsv"=prodad-mercalli-10-codec.dll
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux2"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-03-26 20:54:41 ----D---- C:\AdwCleaner
2016-03-26 13:57:14 ----D---- C:\rsit
2016-03-26 13:57:14 ----D---- C:\Program Files\trend micro
2016-03-26 12:08:46 ----A---- C:\Users\František\AppData\Roaming\GiftBag.db
2016-03-26 12:06:56 ----D---- C:\Program Files (x86)\Seznam.cz
2016-03-26 12:06:47 ----D---- C:\Users\František\AppData\Roaming\Seznam.cz
2016-03-25 18:39:15 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2016-03-20 07:55:53 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-03-13 15:08:48 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2016-03-13 15:08:40 ----A---- C:\Windows\SYSWOW64\vulkaninfo.exe
2016-03-13 15:08:40 ----A---- C:\Windows\SYSWOW64\vulkan-1.dll
2016-03-13 15:08:40 ----A---- C:\Windows\system32\vulkaninfo.exe
2016-03-13 15:08:40 ----A---- C:\Windows\system32\vulkan-1.dll
2016-03-13 15:08:38 ----D---- C:\Program Files (x86)\VulkanRT
2016-03-13 15:06:55 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2016-03-13 15:06:55 ----A---- C:\Windows\SYSWOW64\nvptxJitCompiler.dll
2016-03-13 15:06:55 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2016-03-13 15:06:55 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2016-03-13 15:06:55 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2016-03-13 15:06:55 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2016-03-13 15:06:55 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2016-03-13 15:06:55 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2016-03-13 15:06:55 ----A---- C:\Windows\SYSWOW64\nvfatbinaryLoader.dll
2016-03-13 15:06:55 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2016-03-13 15:06:55 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2016-03-13 15:06:55 ----A---- C:\Windows\system32\nvumdshimx.dll
2016-03-13 15:06:55 ----A---- C:\Windows\system32\nvptxJitCompiler.dll
2016-03-13 15:06:55 ----A---- C:\Windows\system32\nvopencl.dll
2016-03-13 15:06:55 ----A---- C:\Windows\system32\nvoglv64.dll
2016-03-13 15:06:55 ----A---- C:\Windows\system32\nvoglshim64.dll
2016-03-13 15:06:55 ----A---- C:\Windows\system32\nvinitx.dll
2016-03-13 15:06:55 ----A---- C:\Windows\system32\NvIFR64.dll
2016-03-13 15:06:55 ----A---- C:\Windows\system32\NvFBC64.dll
2016-03-13 15:06:55 ----A---- C:\Windows\system32\nvfatbinaryLoader.dll
2016-03-13 15:06:55 ----A---- C:\Windows\system32\nvdispgenco6436451.dll
2016-03-13 15:06:55 ----A---- C:\Windows\system32\nvdispco6436451.dll
2016-03-13 15:06:55 ----A---- C:\Windows\system32\nvd3dumx.dll
2016-03-13 15:06:55 ----A---- C:\Windows\system32\nvcuvid.dll
2016-03-13 15:06:55 ----A---- C:\Windows\system32\nvcuda.dll
2016-03-13 15:06:55 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2016-03-13 15:06:54 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2016-03-13 15:06:54 ----A---- C:\Windows\system32\nvcompiler.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l2-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-timezone-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-2-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-2-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l2-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-2-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\ucrtbase.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-03-09 18:12:58 ----A---- C:\Windows\system32\win32k.sys
2016-03-09 18:12:57 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2016-03-09 18:12:57 ----A---- C:\Windows\SYSWOW64\wups.dll
2016-03-09 18:12:57 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2016-03-09 18:12:57 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2016-03-09 18:12:57 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2016-03-09 18:12:57 ----A---- C:\Windows\system32\wuwebv.dll
2016-03-09 18:12:57 ----A---- C:\Windows\system32\wups2.dll
2016-03-09 18:12:57 ----A---- C:\Windows\system32\wups.dll
2016-03-09 18:12:57 ----A---- C:\Windows\system32\wudriver.dll
2016-03-09 18:12:57 ----A---- C:\Windows\system32\wucltux.dll
2016-03-09 18:12:57 ----A---- C:\Windows\system32\wuaueng.dll
2016-03-09 18:12:57 ----A---- C:\Windows\system32\wuauclt.exe
2016-03-09 18:12:57 ----A---- C:\Windows\system32\wuapp.exe
2016-03-09 18:12:57 ----A---- C:\Windows\system32\wuapi.dll
2016-03-09 18:12:57 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2016-03-09 18:12:57 ----A---- C:\Windows\system32\WinSetupUI.dll
2016-03-09 18:12:56 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2016-03-09 18:12:56 ----A---- C:\Windows\system32\drivers\ntfs.sys
2016-03-09 18:12:55 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2016-03-09 18:12:55 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2016-03-09 18:12:55 ----A---- C:\Windows\system32\oleaut32.dll
2016-03-09 18:12:55 ----A---- C:\Windows\system32\asycfilt.dll
2016-03-09 18:12:54 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-03-09 18:12:54 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-03-09 18:12:54 ----A---- C:\Windows\SYSWOW64\occache.dll
2016-03-09 18:12:54 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-03-09 18:12:54 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-03-09 18:12:54 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-03-09 18:12:54 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-03-09 18:12:54 ----A---- C:\Windows\SYSWOW64\inseng.dll
2016-03-09 18:12:54 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-03-09 18:12:54 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2016-03-09 18:12:54 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2016-03-09 18:12:54 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-03-09 18:12:54 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-03-09 18:12:54 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-03-09 18:12:54 ----A---- C:\Windows\system32\inseng.dll
2016-03-09 18:12:54 ----A---- C:\Windows\system32\iertutil.dll
2016-03-09 18:12:54 ----A---- C:\Windows\system32\iernonce.dll
2016-03-09 18:12:54 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-03-09 18:12:54 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-03-09 18:12:54 ----A---- C:\Windows\system32\ie4uinit.exe
2016-03-09 18:12:53 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-03-09 18:12:53 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-03-09 18:12:53 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2016-03-09 18:12:53 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-03-09 18:12:53 ----A---- C:\Windows\system32\urlmon.dll
2016-03-09 18:12:53 ----A---- C:\Windows\system32\occache.dll
2016-03-09 18:12:53 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-03-09 18:12:53 ----A---- C:\Windows\system32\iedkcs32.dll
2016-03-09 18:12:52 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-03-09 18:12:52 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-03-09 18:12:52 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-03-09 18:12:52 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-03-09 18:12:52 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-03-09 18:12:52 ----A---- C:\Windows\system32\msfeeds.dll
2016-03-09 18:12:52 ----A---- C:\Windows\system32\iesetup.dll
2016-03-09 18:12:52 ----A---- C:\Windows\system32\ieapfltr.dll
2016-03-09 18:12:52 ----A---- C:\Windows\system32\dxtrans.dll
2016-03-09 18:12:51 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-03-09 18:12:51 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-03-09 18:12:51 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-03-09 18:12:51 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2016-03-09 18:12:51 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-03-09 18:12:51 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-03-09 18:12:51 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2016-03-09 18:12:51 ----A---- C:\Windows\system32\vbscript.dll
2016-03-09 18:12:51 ----A---- C:\Windows\system32\jsproxy.dll
2016-03-09 18:12:51 ----A---- C:\Windows\system32\dxtmsft.dll
2016-03-09 18:12:50 ----A---- C:\Windows\system32\webcheck.dll
2016-03-09 18:12:50 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-03-09 18:12:50 ----A---- C:\Windows\system32\mshtmled.dll
2016-03-09 18:12:50 ----A---- C:\Windows\system32\jscript.dll
2016-03-09 18:12:50 ----A---- C:\Windows\system32\ieUnatt.exe
2016-03-09 18:12:50 ----A---- C:\Windows\system32\ieui.dll
2016-03-09 18:12:50 ----A---- C:\Windows\system32\ieframe.dll
2016-03-09 18:12:49 ----A---- C:\Windows\system32\wininet.dll
2016-03-09 18:12:49 ----A---- C:\Windows\system32\msrating.dll
2016-03-09 18:12:49 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-03-09 18:12:49 ----A---- C:\Windows\system32\jscript9diag.dll
2016-03-09 18:12:49 ----A---- C:\Windows\system32\jscript9.dll
2016-03-09 18:12:48 ----A---- C:\Windows\system32\mshtml.dll
2016-03-09 18:12:23 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-03-09 18:12:23 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-03-09 18:12:23 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-03-09 18:12:23 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-03-09 18:12:23 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-03-09 18:12:23 ----A---- C:\Windows\system32\ntdll.dll
2016-03-09 18:12:23 ----A---- C:\Windows\system32\KernelBase.dll
2016-03-09 18:12:23 ----A---- C:\Windows\system32\kernel32.dll
2016-03-09 18:12:23 ----A---- C:\Windows\system32\kerberos.dll
2016-03-09 18:12:23 ----A---- C:\Windows\system32\advapi32.dll
2016-03-09 18:12:22 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-03-09 18:12:22 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-03-09 18:12:22 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-03-09 18:12:22 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-03-09 18:12:22 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-03-09 18:12:22 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-03-09 18:12:22 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-03-09 18:12:22 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-03-09 18:12:22 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-03-09 18:12:22 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-03-09 18:12:22 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-03-09 18:12:22 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-03-09 18:12:22 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-03-09 18:12:22 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-03-09 18:12:22 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-03-09 18:12:22 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-03-09 18:12:22 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-03-09 18:12:22 ----A---- C:\Windows\system32\wow64win.dll
2016-03-09 18:12:22 ----A---- C:\Windows\system32\wow64cpu.dll
2016-03-09 18:12:22 ----A---- C:\Windows\system32\wow64.dll
2016-03-09 18:12:22 ----A---- C:\Windows\system32\winsrv.dll
2016-03-09 18:12:22 ----A---- C:\Windows\system32\wdigest.dll
2016-03-09 18:12:22 ----A---- C:\Windows\system32\TSpkg.dll
2016-03-09 18:12:22 ----A---- C:\Windows\system32\sspisrv.dll
2016-03-09 18:12:22 ----A---- C:\Windows\system32\sspicli.dll
2016-03-09 18:12:22 ----A---- C:\Windows\system32\srcore.dll
2016-03-09 18:12:22 ----A---- C:\Windows\system32\srclient.dll
2016-03-09 18:12:22 ----A---- C:\Windows\system32\smss.exe
2016-03-09 18:12:22 ----A---- C:\Windows\system32\schannel.dll
2016-03-09 18:12:22 ----A---- C:\Windows\system32\secur32.dll
2016-03-09 18:12:22 ----A---- C:\Windows\system32\rstrui.exe
2016-03-09 18:12:22 ----A---- C:\Windows\system32\rpcrt4.dll
2016-03-09 18:12:22 ----A---- C:\Windows\system32\ntvdm64.dll
2016-03-09 18:12:22 ----A---- C:\Windows\system32\ncrypt.dll
2016-03-09 18:12:22 ----A---- C:\Windows\system32\msv1_0.dll
2016-03-09 18:12:22 ----A---- C:\Windows\system32\lsass.exe
2016-03-09 18:12:22 ----A---- C:\Windows\system32\lsasrv.dll
2016-03-09 18:12:22 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-03-09 18:12:22 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-03-09 18:12:22 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-03-09 18:12:22 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-03-09 18:12:22 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-03-09 18:12:22 ----A---- C:\Windows\system32\csrsrv.dll
2016-03-09 18:12:22 ----A---- C:\Windows\system32\cryptbase.dll
2016-03-09 18:12:22 ----A---- C:\Windows\system32\credssp.dll
2016-03-09 18:12:22 ----A---- C:\Windows\system32\conhost.exe
2016-03-09 18:12:22 ----A---- C:\Windows\system32\auditpol.exe
2016-03-09 18:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-03-09 18:12:21 ----A---- C:\Windows\SYSWOW64\user.exe
2016-03-09 18:12:21 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-03-09 18:12:21 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-03-09 18:12:21 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-03-09 18:12:21 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-03-09 18:12:21 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-03-09 18:12:21 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-03-09 18:12:21 ----A---- C:\Windows\system32\msobjs.dll
2016-03-09 18:12:21 ----A---- C:\Windows\system32\msaudite.dll
2016-03-09 18:12:21 ----A---- C:\Windows\system32\apisetschema.dll
2016-03-09 18:12:21 ----A---- C:\Windows\system32\adtschema.dll
2016-03-09 18:12:17 ----A---- C:\Windows\SYSWOW64\mfds.dll
2016-03-09 18:12:17 ----A---- C:\Windows\system32\mfds.dll
2016-03-09 18:12:16 ----A---- C:\Windows\SYSWOW64\lpk.dll
2016-03-09 18:12:16 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2016-03-09 18:12:16 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2016-03-09 18:12:16 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2016-03-09 18:12:16 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2016-03-09 18:12:16 ----A---- C:\Windows\system32\seclogon.dll
2016-03-09 18:12:16 ----A---- C:\Windows\system32\lpk.dll
2016-03-09 18:12:16 ----A---- C:\Windows\system32\fontsub.dll
2016-03-09 18:12:16 ----A---- C:\Windows\system32\dciman32.dll
2016-03-09 18:12:16 ----A---- C:\Windows\system32\atmlib.dll
2016-03-09 18:12:16 ----A---- C:\Windows\system32\atmfd.dll
2016-03-09 18:12:15 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2016-03-09 18:12:15 ----A---- C:\Windows\SYSWOW64\wmp.dll
2016-03-09 18:12:15 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2016-03-09 18:12:15 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2016-03-09 18:12:15 ----A---- C:\Windows\system32\wmp.dll
2016-03-09 18:12:15 ----A---- C:\Windows\system32\spwmp.dll
2016-03-09 18:12:15 ----A---- C:\Windows\system32\dxmasf.dll
2016-03-09 18:12:14 ----A---- C:\Windows\system32\wmploc.DLL
2016-03-09 18:12:14 ----A---- C:\Windows\system32\invagent.dll
2016-03-09 18:12:14 ----A---- C:\Windows\system32\generaltel.dll
2016-03-09 18:12:14 ----A---- C:\Windows\system32\devinv.dll
2016-03-09 18:12:14 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-03-09 18:12:14 ----A---- C:\Windows\system32\appraiser.dll
2016-03-09 18:12:14 ----A---- C:\Windows\system32\aeinv.dll
2016-03-09 18:12:14 ----A---- C:\Windows\system32\acmigration.dll
======List of files/folders modified in the last 1 month======
2016-03-26 22:18:46 ----D---- C:\Windows\Temp
2016-03-26 21:59:05 ----D---- C:\Users\František\AppData\Roaming\Skype
2016-03-26 21:04:05 ----D---- C:\Windows\System32
2016-03-26 21:04:05 ----D---- C:\Windows\inf
2016-03-26 21:04:05 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-03-26 20:59:03 ----SHD---- C:\Windows\Installer
2016-03-26 20:59:03 ----D---- C:\ProgramData\Skype
2016-03-26 20:58:58 ----RD---- C:\Program Files (x86)\Skype
2016-03-26 20:58:58 ----D---- C:\Program Files (x86)\Common Files
2016-03-26 20:58:15 ----D---- C:\ProgramData\VMware
2016-03-26 20:58:09 ----D---- C:\ProgramData\NVIDIA
2016-03-26 20:57:33 ----D---- C:\Windows\system32\config
2016-03-26 20:57:20 ----D---- C:\Windows\SYSWOW64\drivers
2016-03-26 20:57:20 ----D---- C:\Windows\system32\drivers
2016-03-26 20:57:19 ----RD---- C:\Program Files (x86)
2016-03-26 20:57:19 ----HD---- C:\ProgramData
2016-03-26 20:57:19 ----D---- C:\Program Files\Common Files
2016-03-26 15:46:35 ----D---- C:\Windows
2016-03-26 15:46:00 ----D---- C:\Windows\SoftwareDistribution
2016-03-26 15:44:13 ----D---- C:\Users\František\AppData\Roaming\uTorrent
2016-03-26 15:44:13 ----D---- C:\Users\František\AppData\Roaming\DAEMON Tools Lite
2016-03-26 15:44:12 ----D---- C:\Windows\Logs
2016-03-26 15:44:12 ----D---- C:\Windows\debug
2016-03-26 15:39:26 ----D---- C:\Windows\pss
2016-03-26 15:03:22 ----D---- C:\Program Files (x86)\Google
2016-03-26 15:01:48 ----D---- C:\Users\František\AppData\Roaming\Yandex
2016-03-26 13:57:14 ----D---- C:\Program Files
2016-03-26 12:26:13 ----RSD---- C:\Windows\assembly
2016-03-26 12:08:27 ----RD---- C:\Users
2016-03-26 12:08:22 ----RSD---- C:\Windows\Fonts
2016-03-25 21:06:33 ----SD---- C:\Windows\SYSWOW64\GWX
2016-03-25 21:06:33 ----SD---- C:\Windows\system32\GWX
2016-03-25 21:06:33 ----D---- C:\Windows\winsxs
2016-03-25 20:27:06 ----D---- C:\Windows\SysWOW64
2016-03-25 20:27:05 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-03-25 18:39:18 ----D---- C:\Windows\system32\Tasks
2016-03-25 18:39:10 ----D---- C:\ProgramData\AVAST Software
2016-03-25 18:39:10 ----D---- C:\Program Files\AVAST Software
2016-03-21 18:17:15 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-03-16 21:38:51 ----D---- C:\ProgramData\Microsoft Help
2016-03-13 15:09:07 ----D---- C:\ProgramData\NVIDIA Corporation
2016-03-13 15:08:47 ----D---- C:\Windows\system32\DriverStore
2016-03-12 11:47:57 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2016-03-11 16:02:04 ----D---- C:\Windows\rescache
2016-03-11 12:55:27 ----D---- C:\Windows\Microsoft.NET
2016-03-10 16:38:36 ----D---- C:\Windows\SYSWOW64\en-US
2016-03-10 16:38:36 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-03-10 16:38:36 ----D---- C:\Windows\system32\en-US
2016-03-10 16:38:36 ----D---- C:\Windows\system32\cs-CZ
2016-03-10 16:38:36 ----D---- C:\Program Files\Internet Explorer
2016-03-10 16:38:36 ----D---- C:\Program Files (x86)\Internet Explorer
2016-03-10 16:38:35 ----D---- C:\Windows\AppPatch
2016-03-10 16:38:35 ----D---- C:\Program Files\Windows Media Player
2016-03-10 16:38:35 ----D---- C:\Program Files (x86)\Windows Media Player
2016-03-09 21:47:28 ----D---- C:\Windows\system32\MRT
2016-03-09 21:42:55 ----A---- C:\Windows\system32\MRT.exe
2016-03-09 21:42:53 ----D---- C:\Windows\system32\appraiser
2016-03-09 18:11:47 ----D---- C:\Windows\system32\catroot2
2016-03-08 11:07:02 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2016-03-08 11:07:02 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2016-03-08 11:07:02 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2016-03-08 11:07:02 ----A---- C:\Windows\system32\nvwgf2umx.dll
2016-03-08 11:07:02 ----A---- C:\Windows\system32\nvapi64.dll
2016-03-08 07:27:51 ----A---- C:\Windows\system32\nvsvc64.dll
2016-03-08 07:27:50 ----A---- C:\Windows\system32\nvcpl.dll
2016-03-08 07:27:49 ----A---- C:\Windows\system32\nvvsvc.exe
2016-03-08 07:27:49 ----A---- C:\Windows\system32\nvsvcr.dll
2016-03-08 07:27:48 ----A---- C:\Windows\system32\nvshext.dll
2016-03-08 07:27:48 ----A---- C:\Windows\system32\nvmctray.dll
2016-03-08 07:27:48 ----A---- C:\Windows\system32\nv3dappshextr.dll
2016-03-08 07:27:48 ----A---- C:\Windows\system32\nv3dappshext.dll
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2016-02-20 74544]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2016-02-20 287016]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2010-12-18 25280]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R0 vmci;VMware VMCI Bus Driver; C:\Windows\system32\DRIVERS\vmci.sys [2012-10-24 85104]
R0 vsock;vSockets Driver; C:\Windows\system32\drivers\vsock.sys [2012-10-24 70296]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2016-03-25 37144]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2016-02-20 103064]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-03-09 1070904]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-02-23 463744]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-02-19 283064]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2016-02-20 37656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2016-03-09 107792]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2016-02-20 165344]
R2 cpuz135;cpuz135; \??\C:\Windows\system32\drivers\cpuz135_x64.sys [2011-09-21 21992]
R2 hcmon;VMware hcmon; \??\C:\Windows\system32\drivers\hcmon.sys [2012-10-11 52376]
R2 VMnetBridge;VMware Bridge Protocol; C:\Windows\system32\DRIVERS\vmnetbridge.sys [2013-02-26 45720]
R2 VMnetuserif;VMware Network Application Interface; \??\C:\Windows\system32\drivers\vmnetuserif.sys [2013-02-26 30800]
R2 vmx86;VMware vmx86; \??\C:\Windows\system32\drivers\vmx86.sys [2013-02-26 67664]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-01-18 2719336]
R3 MarvinBus;Pinnacle Marvin Bus 64; C:\Windows\system32\DRIVERS\MarvinBus64.sys [2005-09-23 261120]
R3 MBfilt;MBfilt; C:\Windows\system32\drivers\MBfilt64.sys [2009-11-18 32344]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2010-12-10 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2010-12-10 181248]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2015-12-16 205456]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2016-02-17 28032]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2015-12-18 47760]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 vmkbd;VMware kbd; \??\C:\Windows\system32\drivers\VMkbd.sys [2013-02-26 33360]
R3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\vmnetadapter.sys [2013-02-26 20120]
S1 PCLEPCI;PCLEPCI; \??\C:\Windows\system32\drivers\pclepci.sys []
S2 tsnethlpx64;TsNetHlpX64.sys; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\TsNetHlpX64.sys []
S3 ALSysIO;ALSysIO; \??\C:\Users\FRANTI~1\AppData\Local\Temp\ALSysIO64.sys []
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2011-05-13 36328]
S3 BioNTDrv;BioNTDrv; \??\I:\Instalace\Programy\Paragon Software\Migrate OS to SSD\program\BioNTDrv.SYS [2011-03-01 19024]
S3 epmntdrv;epmntdrv; \??\C:\Windows\syswow64\epmntdrv.sys [2011-07-29 14216]
S3 EuGdiDrv;EuGdiDrv; \??\C:\Windows\syswow64\EuGdiDrv.sys [2011-07-29 8456]
S3 GenericMount;Generic Mount Driver; C:\Windows\system32\DRIVERS\GenericMount.sys [2009-09-21 54320]
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507; \??\C:\Program Files (x86)\MSI\Live Update 5\msibios64_100507.sys [2010-05-09 33592]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2013-01-23 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2013-01-23 27136]
S3 nmwcdnsucx64;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsucx64.sys [2013-01-23 12800]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsux64.sys [2013-01-23 171008]
S3 NTIOLib_1_0_4;NTIOLib_1_0_4; \??\C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [2010-10-21 14136]
S3 NTIOLib_1_0_6;NTIOLib_1_0_6; \??\C:\Program Files (x86)\Setup Files\Ms7673v1E0\NTIOLib_X64.sys [2011-01-05 11888]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-10-17 26112]
S3 pwdrvio;pwdrvio; \??\C:\Windows\syswow64\pwdrvio.sys []
S3 pwdspio;pwdspio; \??\C:\Windows\syswow64\pwdspio.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-05-13 146920]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2013-01-23 9216]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2013-01-23 9216]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2011-02-16 14464]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-13 82128]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-02-20 237096]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2016-02-17 1164672]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2016-03-22 2550792]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [2016-03-22 417552]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2016-02-17 1880960]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2016-02-17 2609024]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2016-03-08 1264064]
R2 PnkBstrB;PnkBstrB; C:\Windows\syswow64\PnkBstrB.exe [2016-02-06 214520]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2016-03-08 424384]
R2 VMAuthdService;VMware Authorization Service; I:\Instalace\Programy\VMware\VMware Player\vmware-authd.exe [2013-02-26 87120]
R2 VMnetDHCP;VMware DHCP Service; C:\Windows\syswow64\vmnetdhcp.exe [2013-02-26 357456]
R2 VMUSBArbService;VMware USB Arbitration Service; C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2012-10-11 918680]
R2 VMware NAT Service;VMware NAT Service; C:\Windows\syswow64\vmnat.exe [2013-02-26 436304]
R3 NvStreamNetworkSvc;NVIDIA Streamer Network Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [2016-02-17 6474112]
R3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-25 1260320]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-01-29 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-25 269504]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-02-08 114688]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-03-20 146888]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-06-07 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
Logfile of random's system information tool 1.10 (written by random/random)
Run by František at 2016-03-26 22:18:44
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 27 GB (24%) free of 114 GB
Total RAM: 4066 MB (35% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:18:46, on 26.3.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18231)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Users\František\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTShellHlp.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\trend micro\František.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_71\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: (no name) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - (no file)
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_71\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {91397D20-1446-11D4-8AF4-0040CA1127B6} - (no file)
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray
O4 - HKCU\..\Run: [GSplay.exe] C:\Users\Franti%c5%a1ek\Desktop\GSplay.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\František\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\František\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
O4 - Global Startup: GamePark klient 2.lnk = I:\Instalace\Programy\GamePark2\gpcl.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - I:\Instalace\Programy\VMware\VMware Player\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exe
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 12483 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
C:\Windows\SysWOW64\PnkBstrB.exe
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
C:\Windows\SysWOW64\vmnat.exe
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe" -tray
"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
C:\Windows\system32\wbem\wmiprvse.exe
"I:\Instalace\Programy\GamePark2\gpcl.exe"
"C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE" /tsr
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
szndesktop.exe default start
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Users\František\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\Windows\system32\conhost.exe "1021736647129683121536884466-2003120711-947552839-901187849-1791322172-1896926102
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"I:\Instalace\Programy\VMware\VMware Player\vmware-authd.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
WLIDSvcM.exe 2564
C:\Windows\SysWOW64\vmnetdhcp.exe
"C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe"
"C:\Program Files (x86)\DAEMON Tools Lite\DTShellHlp.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
{DBFC035F-B6F9-4A49-8576-404439760312}
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-1b98a3f4-00f3-40dc-94e8-ff37398d2590 -SystemEventPortName:HostProcess-5fed2feb-bd34-48f5-a0fd-d88bf124166d -IoCancelEventPortName:HostProcess-c62e8dba-56f2-4b2f-b5fc-85389c89bf82 -NonStateChangingEventPortName:HostProcess-8ce674fa-e3c4-431b-b627-1c3863dd0408 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:2d577d77-6af7-4aa2-88e2-42d28665104c -DeviceGroupId:WpdFsGroup
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "855656915-151244667816768189097032850721690077726-1231894354-346330088-2013267321
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
{32048940-61AB-44F9-91DA-5983F186AE25}
"C:\Program Files (x86)\Skype\Phone\Skype.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto
"taskhost.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe8_ Global\UsGthrCtrlFltPipeMssGthrPipe8 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 532 536 544 65536 540
"C:\Users\František\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 21.0.0.197 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_197.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn.me/esnsonar,version=0.70.4]
"Description"=ESN Sonar browser plugin
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=2.3.0]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.71.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_71\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.71.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_71\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nullsoft.com/winampDetector;version=1]
"Description"=Winamp Detector
"Path"=C:\Program Files (x86)\Winamp Detect\npwachk.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.4]
"Description"=VLC Multimedia Plugin
"Path"=I:\Instalace\Programy\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 21.0.0.197 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_197.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL
C:\Program Files (x86)\Mozilla Firefox\extensions\
{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\extensions\
foxmarks@kei.com
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-02-20 901600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 690392]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_71\bin\ssv.dll [2016-02-02 460384]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-02-20 678656]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_71\bin\jp2ssv.dll [2016-02-02 172640]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17}
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{91397D20-1446-11D4-8AF4-0040CA1127B6}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2011-01-17 6602856]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-03-08 500208]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2016-02-17 2789248]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2016-02-17 1903344]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]
""= []
"NokiaSuite.exe"=C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [2014-11-19 1092448]
"GSplay.exe"=C:\Users\Frantia1ek\Desktop\GSplay.exe []
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-01-15 8619224]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2016-03-01 50670720]
"cz.seznam.software.autoupdate"=C:\Users\František\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\František\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13 1085656]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LaunchList]
I:\Instalace\Programy\Pinnacle\Studio 11\LaunchList2.exe [2007-03-21 145496]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Live Update 5]
C:\Program Files (x86)\MSI\Live Update 5\LU5.exe [2011-12-15 1935888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe]
C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [2014-11-19 1092448]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files (x86)\Winamp\winampa.exe [2013-07-23 84576]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^František^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^hamachi.lnk]
I:\INSTAL~1\Programy\Hamachi\hamachi.exe []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-11-17 113288]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-03-25 7139256]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-12-22 596528]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2016-03-22 5565448]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
GamePark klient 2.lnk - I:\Instalace\Programy\GamePark2\gpcl.exe
C:\Users\František\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableLockWorkstation"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoDriveTypeAutoRun"=221
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.mcsv"=prodad-mercalli-10-codec.dll
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux2"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-03-26 20:54:41 ----D---- C:\AdwCleaner
2016-03-26 13:57:14 ----D---- C:\rsit
2016-03-26 13:57:14 ----D---- C:\Program Files\trend micro
2016-03-26 12:08:46 ----A---- C:\Users\František\AppData\Roaming\GiftBag.db
2016-03-26 12:06:56 ----D---- C:\Program Files (x86)\Seznam.cz
2016-03-26 12:06:47 ----D---- C:\Users\František\AppData\Roaming\Seznam.cz
2016-03-25 18:39:15 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2016-03-20 07:55:53 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-03-13 15:08:48 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2016-03-13 15:08:40 ----A---- C:\Windows\SYSWOW64\vulkaninfo.exe
2016-03-13 15:08:40 ----A---- C:\Windows\SYSWOW64\vulkan-1.dll
2016-03-13 15:08:40 ----A---- C:\Windows\system32\vulkaninfo.exe
2016-03-13 15:08:40 ----A---- C:\Windows\system32\vulkan-1.dll
2016-03-13 15:08:38 ----D---- C:\Program Files (x86)\VulkanRT
2016-03-13 15:06:55 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2016-03-13 15:06:55 ----A---- C:\Windows\SYSWOW64\nvptxJitCompiler.dll
2016-03-13 15:06:55 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2016-03-13 15:06:55 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2016-03-13 15:06:55 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2016-03-13 15:06:55 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2016-03-13 15:06:55 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2016-03-13 15:06:55 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2016-03-13 15:06:55 ----A---- C:\Windows\SYSWOW64\nvfatbinaryLoader.dll
2016-03-13 15:06:55 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2016-03-13 15:06:55 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2016-03-13 15:06:55 ----A---- C:\Windows\system32\nvumdshimx.dll
2016-03-13 15:06:55 ----A---- C:\Windows\system32\nvptxJitCompiler.dll
2016-03-13 15:06:55 ----A---- C:\Windows\system32\nvopencl.dll
2016-03-13 15:06:55 ----A---- C:\Windows\system32\nvoglv64.dll
2016-03-13 15:06:55 ----A---- C:\Windows\system32\nvoglshim64.dll
2016-03-13 15:06:55 ----A---- C:\Windows\system32\nvinitx.dll
2016-03-13 15:06:55 ----A---- C:\Windows\system32\NvIFR64.dll
2016-03-13 15:06:55 ----A---- C:\Windows\system32\NvFBC64.dll
2016-03-13 15:06:55 ----A---- C:\Windows\system32\nvfatbinaryLoader.dll
2016-03-13 15:06:55 ----A---- C:\Windows\system32\nvdispgenco6436451.dll
2016-03-13 15:06:55 ----A---- C:\Windows\system32\nvdispco6436451.dll
2016-03-13 15:06:55 ----A---- C:\Windows\system32\nvd3dumx.dll
2016-03-13 15:06:55 ----A---- C:\Windows\system32\nvcuvid.dll
2016-03-13 15:06:55 ----A---- C:\Windows\system32\nvcuda.dll
2016-03-13 15:06:55 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2016-03-13 15:06:54 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2016-03-13 15:06:54 ----A---- C:\Windows\system32\nvcompiler.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l2-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-timezone-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-2-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-2-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l2-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-2-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\ucrtbase.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-03-09 18:12:59 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-03-09 18:12:58 ----A---- C:\Windows\system32\win32k.sys
2016-03-09 18:12:57 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2016-03-09 18:12:57 ----A---- C:\Windows\SYSWOW64\wups.dll
2016-03-09 18:12:57 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2016-03-09 18:12:57 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2016-03-09 18:12:57 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2016-03-09 18:12:57 ----A---- C:\Windows\system32\wuwebv.dll
2016-03-09 18:12:57 ----A---- C:\Windows\system32\wups2.dll
2016-03-09 18:12:57 ----A---- C:\Windows\system32\wups.dll
2016-03-09 18:12:57 ----A---- C:\Windows\system32\wudriver.dll
2016-03-09 18:12:57 ----A---- C:\Windows\system32\wucltux.dll
2016-03-09 18:12:57 ----A---- C:\Windows\system32\wuaueng.dll
2016-03-09 18:12:57 ----A---- C:\Windows\system32\wuauclt.exe
2016-03-09 18:12:57 ----A---- C:\Windows\system32\wuapp.exe
2016-03-09 18:12:57 ----A---- C:\Windows\system32\wuapi.dll
2016-03-09 18:12:57 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2016-03-09 18:12:57 ----A---- C:\Windows\system32\WinSetupUI.dll
2016-03-09 18:12:56 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2016-03-09 18:12:56 ----A---- C:\Windows\system32\drivers\ntfs.sys
2016-03-09 18:12:55 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2016-03-09 18:12:55 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2016-03-09 18:12:55 ----A---- C:\Windows\system32\oleaut32.dll
2016-03-09 18:12:55 ----A---- C:\Windows\system32\asycfilt.dll
2016-03-09 18:12:54 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-03-09 18:12:54 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-03-09 18:12:54 ----A---- C:\Windows\SYSWOW64\occache.dll
2016-03-09 18:12:54 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-03-09 18:12:54 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-03-09 18:12:54 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-03-09 18:12:54 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-03-09 18:12:54 ----A---- C:\Windows\SYSWOW64\inseng.dll
2016-03-09 18:12:54 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-03-09 18:12:54 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2016-03-09 18:12:54 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2016-03-09 18:12:54 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-03-09 18:12:54 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-03-09 18:12:54 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-03-09 18:12:54 ----A---- C:\Windows\system32\inseng.dll
2016-03-09 18:12:54 ----A---- C:\Windows\system32\iertutil.dll
2016-03-09 18:12:54 ----A---- C:\Windows\system32\iernonce.dll
2016-03-09 18:12:54 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-03-09 18:12:54 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-03-09 18:12:54 ----A---- C:\Windows\system32\ie4uinit.exe
2016-03-09 18:12:53 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-03-09 18:12:53 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-03-09 18:12:53 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2016-03-09 18:12:53 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-03-09 18:12:53 ----A---- C:\Windows\system32\urlmon.dll
2016-03-09 18:12:53 ----A---- C:\Windows\system32\occache.dll
2016-03-09 18:12:53 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-03-09 18:12:53 ----A---- C:\Windows\system32\iedkcs32.dll
2016-03-09 18:12:52 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-03-09 18:12:52 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-03-09 18:12:52 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-03-09 18:12:52 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-03-09 18:12:52 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-03-09 18:12:52 ----A---- C:\Windows\system32\msfeeds.dll
2016-03-09 18:12:52 ----A---- C:\Windows\system32\iesetup.dll
2016-03-09 18:12:52 ----A---- C:\Windows\system32\ieapfltr.dll
2016-03-09 18:12:52 ----A---- C:\Windows\system32\dxtrans.dll
2016-03-09 18:12:51 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-03-09 18:12:51 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-03-09 18:12:51 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-03-09 18:12:51 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2016-03-09 18:12:51 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-03-09 18:12:51 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-03-09 18:12:51 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2016-03-09 18:12:51 ----A---- C:\Windows\system32\vbscript.dll
2016-03-09 18:12:51 ----A---- C:\Windows\system32\jsproxy.dll
2016-03-09 18:12:51 ----A---- C:\Windows\system32\dxtmsft.dll
2016-03-09 18:12:50 ----A---- C:\Windows\system32\webcheck.dll
2016-03-09 18:12:50 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-03-09 18:12:50 ----A---- C:\Windows\system32\mshtmled.dll
2016-03-09 18:12:50 ----A---- C:\Windows\system32\jscript.dll
2016-03-09 18:12:50 ----A---- C:\Windows\system32\ieUnatt.exe
2016-03-09 18:12:50 ----A---- C:\Windows\system32\ieui.dll
2016-03-09 18:12:50 ----A---- C:\Windows\system32\ieframe.dll
2016-03-09 18:12:49 ----A---- C:\Windows\system32\wininet.dll
2016-03-09 18:12:49 ----A---- C:\Windows\system32\msrating.dll
2016-03-09 18:12:49 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-03-09 18:12:49 ----A---- C:\Windows\system32\jscript9diag.dll
2016-03-09 18:12:49 ----A---- C:\Windows\system32\jscript9.dll
2016-03-09 18:12:48 ----A---- C:\Windows\system32\mshtml.dll
2016-03-09 18:12:23 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-03-09 18:12:23 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-03-09 18:12:23 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-03-09 18:12:23 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-03-09 18:12:23 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-03-09 18:12:23 ----A---- C:\Windows\system32\ntdll.dll
2016-03-09 18:12:23 ----A---- C:\Windows\system32\KernelBase.dll
2016-03-09 18:12:23 ----A---- C:\Windows\system32\kernel32.dll
2016-03-09 18:12:23 ----A---- C:\Windows\system32\kerberos.dll
2016-03-09 18:12:23 ----A---- C:\Windows\system32\advapi32.dll
2016-03-09 18:12:22 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-03-09 18:12:22 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-03-09 18:12:22 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-03-09 18:12:22 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-03-09 18:12:22 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-03-09 18:12:22 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-03-09 18:12:22 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-03-09 18:12:22 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-03-09 18:12:22 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-03-09 18:12:22 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-03-09 18:12:22 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-03-09 18:12:22 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-03-09 18:12:22 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-03-09 18:12:22 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-03-09 18:12:22 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-03-09 18:12:22 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-03-09 18:12:22 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-03-09 18:12:22 ----A---- C:\Windows\system32\wow64win.dll
2016-03-09 18:12:22 ----A---- C:\Windows\system32\wow64cpu.dll
2016-03-09 18:12:22 ----A---- C:\Windows\system32\wow64.dll
2016-03-09 18:12:22 ----A---- C:\Windows\system32\winsrv.dll
2016-03-09 18:12:22 ----A---- C:\Windows\system32\wdigest.dll
2016-03-09 18:12:22 ----A---- C:\Windows\system32\TSpkg.dll
2016-03-09 18:12:22 ----A---- C:\Windows\system32\sspisrv.dll
2016-03-09 18:12:22 ----A---- C:\Windows\system32\sspicli.dll
2016-03-09 18:12:22 ----A---- C:\Windows\system32\srcore.dll
2016-03-09 18:12:22 ----A---- C:\Windows\system32\srclient.dll
2016-03-09 18:12:22 ----A---- C:\Windows\system32\smss.exe
2016-03-09 18:12:22 ----A---- C:\Windows\system32\schannel.dll
2016-03-09 18:12:22 ----A---- C:\Windows\system32\secur32.dll
2016-03-09 18:12:22 ----A---- C:\Windows\system32\rstrui.exe
2016-03-09 18:12:22 ----A---- C:\Windows\system32\rpcrt4.dll
2016-03-09 18:12:22 ----A---- C:\Windows\system32\ntvdm64.dll
2016-03-09 18:12:22 ----A---- C:\Windows\system32\ncrypt.dll
2016-03-09 18:12:22 ----A---- C:\Windows\system32\msv1_0.dll
2016-03-09 18:12:22 ----A---- C:\Windows\system32\lsass.exe
2016-03-09 18:12:22 ----A---- C:\Windows\system32\lsasrv.dll
2016-03-09 18:12:22 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-03-09 18:12:22 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-03-09 18:12:22 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-03-09 18:12:22 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-03-09 18:12:22 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-03-09 18:12:22 ----A---- C:\Windows\system32\csrsrv.dll
2016-03-09 18:12:22 ----A---- C:\Windows\system32\cryptbase.dll
2016-03-09 18:12:22 ----A---- C:\Windows\system32\credssp.dll
2016-03-09 18:12:22 ----A---- C:\Windows\system32\conhost.exe
2016-03-09 18:12:22 ----A---- C:\Windows\system32\auditpol.exe
2016-03-09 18:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-03-09 18:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-03-09 18:12:21 ----A---- C:\Windows\SYSWOW64\user.exe
2016-03-09 18:12:21 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-03-09 18:12:21 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-03-09 18:12:21 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-03-09 18:12:21 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-03-09 18:12:21 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-03-09 18:12:21 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-03-09 18:12:21 ----A---- C:\Windows\system32\msobjs.dll
2016-03-09 18:12:21 ----A---- C:\Windows\system32\msaudite.dll
2016-03-09 18:12:21 ----A---- C:\Windows\system32\apisetschema.dll
2016-03-09 18:12:21 ----A---- C:\Windows\system32\adtschema.dll
2016-03-09 18:12:17 ----A---- C:\Windows\SYSWOW64\mfds.dll
2016-03-09 18:12:17 ----A---- C:\Windows\system32\mfds.dll
2016-03-09 18:12:16 ----A---- C:\Windows\SYSWOW64\lpk.dll
2016-03-09 18:12:16 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2016-03-09 18:12:16 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2016-03-09 18:12:16 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2016-03-09 18:12:16 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2016-03-09 18:12:16 ----A---- C:\Windows\system32\seclogon.dll
2016-03-09 18:12:16 ----A---- C:\Windows\system32\lpk.dll
2016-03-09 18:12:16 ----A---- C:\Windows\system32\fontsub.dll
2016-03-09 18:12:16 ----A---- C:\Windows\system32\dciman32.dll
2016-03-09 18:12:16 ----A---- C:\Windows\system32\atmlib.dll
2016-03-09 18:12:16 ----A---- C:\Windows\system32\atmfd.dll
2016-03-09 18:12:15 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2016-03-09 18:12:15 ----A---- C:\Windows\SYSWOW64\wmp.dll
2016-03-09 18:12:15 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2016-03-09 18:12:15 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2016-03-09 18:12:15 ----A---- C:\Windows\system32\wmp.dll
2016-03-09 18:12:15 ----A---- C:\Windows\system32\spwmp.dll
2016-03-09 18:12:15 ----A---- C:\Windows\system32\dxmasf.dll
2016-03-09 18:12:14 ----A---- C:\Windows\system32\wmploc.DLL
2016-03-09 18:12:14 ----A---- C:\Windows\system32\invagent.dll
2016-03-09 18:12:14 ----A---- C:\Windows\system32\generaltel.dll
2016-03-09 18:12:14 ----A---- C:\Windows\system32\devinv.dll
2016-03-09 18:12:14 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-03-09 18:12:14 ----A---- C:\Windows\system32\appraiser.dll
2016-03-09 18:12:14 ----A---- C:\Windows\system32\aeinv.dll
2016-03-09 18:12:14 ----A---- C:\Windows\system32\acmigration.dll
======List of files/folders modified in the last 1 month======
2016-03-26 22:18:46 ----D---- C:\Windows\Temp
2016-03-26 21:59:05 ----D---- C:\Users\František\AppData\Roaming\Skype
2016-03-26 21:04:05 ----D---- C:\Windows\System32
2016-03-26 21:04:05 ----D---- C:\Windows\inf
2016-03-26 21:04:05 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-03-26 20:59:03 ----SHD---- C:\Windows\Installer
2016-03-26 20:59:03 ----D---- C:\ProgramData\Skype
2016-03-26 20:58:58 ----RD---- C:\Program Files (x86)\Skype
2016-03-26 20:58:58 ----D---- C:\Program Files (x86)\Common Files
2016-03-26 20:58:15 ----D---- C:\ProgramData\VMware
2016-03-26 20:58:09 ----D---- C:\ProgramData\NVIDIA
2016-03-26 20:57:33 ----D---- C:\Windows\system32\config
2016-03-26 20:57:20 ----D---- C:\Windows\SYSWOW64\drivers
2016-03-26 20:57:20 ----D---- C:\Windows\system32\drivers
2016-03-26 20:57:19 ----RD---- C:\Program Files (x86)
2016-03-26 20:57:19 ----HD---- C:\ProgramData
2016-03-26 20:57:19 ----D---- C:\Program Files\Common Files
2016-03-26 15:46:35 ----D---- C:\Windows
2016-03-26 15:46:00 ----D---- C:\Windows\SoftwareDistribution
2016-03-26 15:44:13 ----D---- C:\Users\František\AppData\Roaming\uTorrent
2016-03-26 15:44:13 ----D---- C:\Users\František\AppData\Roaming\DAEMON Tools Lite
2016-03-26 15:44:12 ----D---- C:\Windows\Logs
2016-03-26 15:44:12 ----D---- C:\Windows\debug
2016-03-26 15:39:26 ----D---- C:\Windows\pss
2016-03-26 15:03:22 ----D---- C:\Program Files (x86)\Google
2016-03-26 15:01:48 ----D---- C:\Users\František\AppData\Roaming\Yandex
2016-03-26 13:57:14 ----D---- C:\Program Files
2016-03-26 12:26:13 ----RSD---- C:\Windows\assembly
2016-03-26 12:08:27 ----RD---- C:\Users
2016-03-26 12:08:22 ----RSD---- C:\Windows\Fonts
2016-03-25 21:06:33 ----SD---- C:\Windows\SYSWOW64\GWX
2016-03-25 21:06:33 ----SD---- C:\Windows\system32\GWX
2016-03-25 21:06:33 ----D---- C:\Windows\winsxs
2016-03-25 20:27:06 ----D---- C:\Windows\SysWOW64
2016-03-25 20:27:05 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-03-25 18:39:18 ----D---- C:\Windows\system32\Tasks
2016-03-25 18:39:10 ----D---- C:\ProgramData\AVAST Software
2016-03-25 18:39:10 ----D---- C:\Program Files\AVAST Software
2016-03-21 18:17:15 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-03-16 21:38:51 ----D---- C:\ProgramData\Microsoft Help
2016-03-13 15:09:07 ----D---- C:\ProgramData\NVIDIA Corporation
2016-03-13 15:08:47 ----D---- C:\Windows\system32\DriverStore
2016-03-12 11:47:57 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2016-03-11 16:02:04 ----D---- C:\Windows\rescache
2016-03-11 12:55:27 ----D---- C:\Windows\Microsoft.NET
2016-03-10 16:38:36 ----D---- C:\Windows\SYSWOW64\en-US
2016-03-10 16:38:36 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-03-10 16:38:36 ----D---- C:\Windows\system32\en-US
2016-03-10 16:38:36 ----D---- C:\Windows\system32\cs-CZ
2016-03-10 16:38:36 ----D---- C:\Program Files\Internet Explorer
2016-03-10 16:38:36 ----D---- C:\Program Files (x86)\Internet Explorer
2016-03-10 16:38:35 ----D---- C:\Windows\AppPatch
2016-03-10 16:38:35 ----D---- C:\Program Files\Windows Media Player
2016-03-10 16:38:35 ----D---- C:\Program Files (x86)\Windows Media Player
2016-03-09 21:47:28 ----D---- C:\Windows\system32\MRT
2016-03-09 21:42:55 ----A---- C:\Windows\system32\MRT.exe
2016-03-09 21:42:53 ----D---- C:\Windows\system32\appraiser
2016-03-09 18:11:47 ----D---- C:\Windows\system32\catroot2
2016-03-08 11:07:02 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2016-03-08 11:07:02 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2016-03-08 11:07:02 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2016-03-08 11:07:02 ----A---- C:\Windows\system32\nvwgf2umx.dll
2016-03-08 11:07:02 ----A---- C:\Windows\system32\nvapi64.dll
2016-03-08 07:27:51 ----A---- C:\Windows\system32\nvsvc64.dll
2016-03-08 07:27:50 ----A---- C:\Windows\system32\nvcpl.dll
2016-03-08 07:27:49 ----A---- C:\Windows\system32\nvvsvc.exe
2016-03-08 07:27:49 ----A---- C:\Windows\system32\nvsvcr.dll
2016-03-08 07:27:48 ----A---- C:\Windows\system32\nvshext.dll
2016-03-08 07:27:48 ----A---- C:\Windows\system32\nvmctray.dll
2016-03-08 07:27:48 ----A---- C:\Windows\system32\nv3dappshextr.dll
2016-03-08 07:27:48 ----A---- C:\Windows\system32\nv3dappshext.dll
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2016-02-20 74544]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2016-02-20 287016]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2010-12-18 25280]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R0 vmci;VMware VMCI Bus Driver; C:\Windows\system32\DRIVERS\vmci.sys [2012-10-24 85104]
R0 vsock;vSockets Driver; C:\Windows\system32\drivers\vsock.sys [2012-10-24 70296]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2016-03-25 37144]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2016-02-20 103064]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-03-09 1070904]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-02-23 463744]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-02-19 283064]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2016-02-20 37656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2016-03-09 107792]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2016-02-20 165344]
R2 cpuz135;cpuz135; \??\C:\Windows\system32\drivers\cpuz135_x64.sys [2011-09-21 21992]
R2 hcmon;VMware hcmon; \??\C:\Windows\system32\drivers\hcmon.sys [2012-10-11 52376]
R2 VMnetBridge;VMware Bridge Protocol; C:\Windows\system32\DRIVERS\vmnetbridge.sys [2013-02-26 45720]
R2 VMnetuserif;VMware Network Application Interface; \??\C:\Windows\system32\drivers\vmnetuserif.sys [2013-02-26 30800]
R2 vmx86;VMware vmx86; \??\C:\Windows\system32\drivers\vmx86.sys [2013-02-26 67664]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-01-18 2719336]
R3 MarvinBus;Pinnacle Marvin Bus 64; C:\Windows\system32\DRIVERS\MarvinBus64.sys [2005-09-23 261120]
R3 MBfilt;MBfilt; C:\Windows\system32\drivers\MBfilt64.sys [2009-11-18 32344]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2010-12-10 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2010-12-10 181248]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2015-12-16 205456]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2016-02-17 28032]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2015-12-18 47760]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 vmkbd;VMware kbd; \??\C:\Windows\system32\drivers\VMkbd.sys [2013-02-26 33360]
R3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\vmnetadapter.sys [2013-02-26 20120]
S1 PCLEPCI;PCLEPCI; \??\C:\Windows\system32\drivers\pclepci.sys []
S2 tsnethlpx64;TsNetHlpX64.sys; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\TsNetHlpX64.sys []
S3 ALSysIO;ALSysIO; \??\C:\Users\FRANTI~1\AppData\Local\Temp\ALSysIO64.sys []
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2011-05-13 36328]
S3 BioNTDrv;BioNTDrv; \??\I:\Instalace\Programy\Paragon Software\Migrate OS to SSD\program\BioNTDrv.SYS [2011-03-01 19024]
S3 epmntdrv;epmntdrv; \??\C:\Windows\syswow64\epmntdrv.sys [2011-07-29 14216]
S3 EuGdiDrv;EuGdiDrv; \??\C:\Windows\syswow64\EuGdiDrv.sys [2011-07-29 8456]
S3 GenericMount;Generic Mount Driver; C:\Windows\system32\DRIVERS\GenericMount.sys [2009-09-21 54320]
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507; \??\C:\Program Files (x86)\MSI\Live Update 5\msibios64_100507.sys [2010-05-09 33592]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2013-01-23 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2013-01-23 27136]
S3 nmwcdnsucx64;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsucx64.sys [2013-01-23 12800]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsux64.sys [2013-01-23 171008]
S3 NTIOLib_1_0_4;NTIOLib_1_0_4; \??\C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [2010-10-21 14136]
S3 NTIOLib_1_0_6;NTIOLib_1_0_6; \??\C:\Program Files (x86)\Setup Files\Ms7673v1E0\NTIOLib_X64.sys [2011-01-05 11888]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-10-17 26112]
S3 pwdrvio;pwdrvio; \??\C:\Windows\syswow64\pwdrvio.sys []
S3 pwdspio;pwdspio; \??\C:\Windows\syswow64\pwdspio.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-05-13 146920]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2013-01-23 9216]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2013-01-23 9216]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2011-02-16 14464]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-13 82128]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-02-20 237096]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2016-02-17 1164672]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2016-03-22 2550792]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [2016-03-22 417552]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2016-02-17 1880960]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2016-02-17 2609024]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2016-03-08 1264064]
R2 PnkBstrB;PnkBstrB; C:\Windows\syswow64\PnkBstrB.exe [2016-02-06 214520]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2016-03-08 424384]
R2 VMAuthdService;VMware Authorization Service; I:\Instalace\Programy\VMware\VMware Player\vmware-authd.exe [2013-02-26 87120]
R2 VMnetDHCP;VMware DHCP Service; C:\Windows\syswow64\vmnetdhcp.exe [2013-02-26 357456]
R2 VMUSBArbService;VMware USB Arbitration Service; C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2012-10-11 918680]
R2 VMware NAT Service;VMware NAT Service; C:\Windows\syswow64\vmnat.exe [2013-02-26 436304]
R3 NvStreamNetworkSvc;NVIDIA Streamer Network Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [2016-02-17 6474112]
R3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-25 1260320]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-01-29 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-25 269504]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-02-08 114688]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-03-20 146888]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-06-07 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
- Rudy
- Site Admin
- Posts: 119673
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Chinese program
Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left window:
:files
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]/64
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-
:services
EuGdiDrv
:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. Turn off your antivirus before the scan and restart the PC after it. Post a new RSIT log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem has been resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: Chinese program
Hello,
while OTM was running, a message about a critical Windows system error popped up, but the program ran through to the end without problems and restarted the computer.
I managed to delete the Chinese program yesterday in safe mode, and then deleted the leftover files in normal Windows mode.
I found a video about it on YouTube.
I am attaching the RSIT log:
Logfile of random's system information tool 1.10 (written by random/random)
Run by František at 2016-03-27 11:38:35
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 28 GB (24%) free of 114 GB
Total RAM: 4066 MB (58% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:38:36, on 27.3.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18231)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\František\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\František\AppData\Roaming\Seznam.cz\szninstall.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Users\František\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTShellHlp.exe
C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
C:\Program Files\trend micro\František.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_71\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_71\bin\jp2ssv.dll
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray
O4 - HKCU\..\Run: [GSplay.exe] C:\Users\Franti%c5%a1ek\Desktop\GSplay.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\František\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\František\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
O4 - Global Startup: GamePark klient 2.lnk = I:\Instalace\Programy\GamePark2\gpcl.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - I:\Instalace\Programy\VMware\VMware Player\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exe
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 12193 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
taskeng.exe {C4ACA31A-C700-4B26-B54A-5EE1EB54C4EF}
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe"
C:\Windows\SysWOW64\PnkBstrB.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\SysWOW64\vmnat.exe
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-1763343282-2861167241-2041139455-10001_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-1763343282-2861167241-2041139455-10001 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\Windows\system32\SearchFilterHost.exe" 0 532 536 544 65536 540
C:\Windows\system32\wbem\wmiprvse.exe
WLIDSvcM.exe 2412
"I:\Instalace\Programy\VMware\VMware Player\vmware-authd.exe"
C:\Windows\SysWOW64\vmnetdhcp.exe
"C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-2e07a057-c3b8-41c7-8aee-bc3b618f4b81 -SystemEventPortName:HostProcess-1308d125-0156-4f01-a6e0-dd4311acb7d3 -IoCancelEventPortName:HostProcess-6d537f5f-c7fe-4606-b100-2239ce0ea7bc -NonStateChangingEventPortName:HostProcess-bde9ebbb-e300-44fa-a6c7-71f3412ffb72 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:9bb71d0e-eaa3-41d8-b2c6-d57480c85bed -DeviceGroupId:WpdFsGroup
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe" serviceapp
C:\Windows\system32\sppsvc.exe
\??\C:\Windows\system32\conhost.exe "-1672298140620488529-163316699-352846021-14991151762079112500879923802815812368
taskeng.exe {707F4002-5AC6-4928-BD14-9DCC2A26D8C4}
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Users\František\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe" -tray
"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Users\František\AppData\Roaming\Seznam.cz\szninstall.exe" -c
"I:\Instalace\Programy\GamePark2\gpcl.exe"
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE" /tsr
szndesktop.exe default start
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Users\František\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
"C:\Program Files (x86)\DAEMON Tools Lite\DTShellHlp.exe"
\??\C:\Windows\system32\conhost.exe "6954542301521167734-520470572-1381595128-16569199117862206451293160614796049746
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe"
{EC1C508B-8DC2-467B-8D80-5D4554D17F35}
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
{991C715B-CCD1-4EDA-951E-5F9D886FCDDE}
"C:\Users\František\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 21.0.0.197 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_197.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn.me/esnsonar,version=0.70.4]
"Description"=ESN Sonar browser plugin
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=2.3.0]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.71.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_71\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.71.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_71\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nullsoft.com/winampDetector;version=1]
"Description"=Winamp Detector
"Path"=C:\Program Files (x86)\Winamp Detect\npwachk.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.4]
"Description"=VLC Multimedia Plugin
"Path"=I:\Instalace\Programy\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 21.0.0.197 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_197.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL
C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\extensions\
foxmarks@kei.com
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-02-20 901600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 690392]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_71\bin\ssv.dll [2016-02-02 460384]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-02-20 678656]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_71\bin\jp2ssv.dll [2016-02-02 172640]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2011-01-17 6602856]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-03-08 500208]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2016-02-17 2789248]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2016-02-17 1903344]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]
""= []
"NokiaSuite.exe"=C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [2014-11-19 1092448]
"GSplay.exe"=C:\Users\Frantia1ek\Desktop\GSplay.exe []
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-01-15 8619224]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2016-03-01 50670720]
"cz.seznam.software.autoupdate"=C:\Users\František\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\František\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14 1085656]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LaunchList]
I:\Instalace\Programy\Pinnacle\Studio 11\LaunchList2.exe [2007-03-21 145496]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Live Update 5]
C:\Program Files (x86)\MSI\Live Update 5\LU5.exe [2011-12-15 1935888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe]
C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [2014-11-19 1092448]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files (x86)\Winamp\winampa.exe [2013-07-24 84576]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^František^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^hamachi.lnk]
I:\INSTAL~1\Programy\Hamachi\hamachi.exe []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-11-17 113288]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-03-25 7139256]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2016-03-22 5565448]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
GamePark klient 2.lnk - I:\Instalace\Programy\GamePark2\gpcl.exe
C:\Users\František\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableLockWorkstation"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoDriveTypeAutoRun"=221
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.mcsv"=prodad-mercalli-10-codec.dll
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux2"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-03-27 11:34:52 ----D---- C:\Windows\system32\%LOCALAPPDATA%
2016-03-27 11:34:36 ----D---- C:\_OTM
2016-03-26 21:54:41 ----D---- C:\AdwCleaner
2016-03-26 14:57:14 ----D---- C:\rsit
2016-03-26 14:57:14 ----D---- C:\Program Files\trend micro
2016-03-26 13:08:46 ----A---- C:\Users\František\AppData\Roaming\GiftBag.db
2016-03-26 13:06:56 ----D---- C:\Program Files (x86)\Seznam.cz
2016-03-26 13:06:47 ----D---- C:\Users\František\AppData\Roaming\Seznam.cz
2016-03-25 19:39:15 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2016-03-20 08:55:53 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-03-13 16:08:48 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2016-03-13 16:08:40 ----A---- C:\Windows\SYSWOW64\vulkaninfo.exe
2016-03-13 16:08:40 ----A---- C:\Windows\SYSWOW64\vulkan-1.dll
2016-03-13 16:08:40 ----A---- C:\Windows\system32\vulkaninfo.exe
2016-03-13 16:08:40 ----A---- C:\Windows\system32\vulkan-1.dll
2016-03-13 16:08:38 ----D---- C:\Program Files (x86)\VulkanRT
2016-03-13 16:06:55 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2016-03-13 16:06:55 ----A---- C:\Windows\SYSWOW64\nvptxJitCompiler.dll
2016-03-13 16:06:55 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2016-03-13 16:06:55 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2016-03-13 16:06:55 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2016-03-13 16:06:55 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2016-03-13 16:06:55 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2016-03-13 16:06:55 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2016-03-13 16:06:55 ----A---- C:\Windows\SYSWOW64\nvfatbinaryLoader.dll
2016-03-13 16:06:55 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2016-03-13 16:06:55 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2016-03-13 16:06:55 ----A---- C:\Windows\system32\nvumdshimx.dll
2016-03-13 16:06:55 ----A---- C:\Windows\system32\nvptxJitCompiler.dll
2016-03-13 16:06:55 ----A---- C:\Windows\system32\nvopencl.dll
2016-03-13 16:06:55 ----A---- C:\Windows\system32\nvoglv64.dll
2016-03-13 16:06:55 ----A---- C:\Windows\system32\nvoglshim64.dll
2016-03-13 16:06:55 ----A---- C:\Windows\system32\nvinitx.dll
2016-03-13 16:06:55 ----A---- C:\Windows\system32\NvIFR64.dll
2016-03-13 16:06:55 ----A---- C:\Windows\system32\NvFBC64.dll
2016-03-13 16:06:55 ----A---- C:\Windows\system32\nvfatbinaryLoader.dll
2016-03-13 16:06:55 ----A---- C:\Windows\system32\nvdispgenco6436451.dll
2016-03-13 16:06:55 ----A---- C:\Windows\system32\nvdispco6436451.dll
2016-03-13 16:06:55 ----A---- C:\Windows\system32\nvd3dumx.dll
2016-03-13 16:06:55 ----A---- C:\Windows\system32\nvcuvid.dll
2016-03-13 16:06:55 ----A---- C:\Windows\system32\nvcuda.dll
2016-03-13 16:06:55 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2016-03-13 16:06:54 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2016-03-13 16:06:54 ----A---- C:\Windows\system32\nvcompiler.dll
2016-03-09 19:12:59 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2016-03-09 19:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-03-09 19:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-03-09 19:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-03-09 19:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-09 19:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-03-09 19:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-03-09 19:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-03-09 19:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-09 19:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-03-09 19:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-03-09 19:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-03-09 19:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-03-09 19:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-03-09 19:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-03-09 19:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-03-09 19:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l2-1-0.dll
2016-03-09 19:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-timezone-l1-1-0.dll
2016-03-09 19:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-2-0.dll
2016-03-09 19:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2016-03-09 19:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-2-0.dll
2016-03-09 19:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l2-1-0.dll
2016-03-09 19:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-2-0.dll
2016-03-09 19:12:59 ----A---- C:\Windows\system32\ucrtbase.dll
2016-03-09 19:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-03-09 19:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-03-09 19:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-03-09 19:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-09 19:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-03-09 19:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-03-09 19:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-03-09 19:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-09 19:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-03-09 19:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-03-09 19:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-03-09 19:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-03-09 19:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-03-09 19:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-03-09 19:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-03-09 19:12:59 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-03-09 19:12:59 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-03-09 19:12:59 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-03-09 19:12:59 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-03-09 19:12:59 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-03-09 19:12:59 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-03-09 19:12:59 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-03-09 19:12:58 ----A---- C:\Windows\system32\win32k.sys
2016-03-09 19:12:57 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2016-03-09 19:12:57 ----A---- C:\Windows\SYSWOW64\wups.dll
2016-03-09 19:12:57 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2016-03-09 19:12:57 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2016-03-09 19:12:57 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2016-03-09 19:12:57 ----A---- C:\Windows\system32\wuwebv.dll
2016-03-09 19:12:57 ----A---- C:\Windows\system32\wups2.dll
2016-03-09 19:12:57 ----A---- C:\Windows\system32\wups.dll
2016-03-09 19:12:57 ----A---- C:\Windows\system32\wudriver.dll
2016-03-09 19:12:57 ----A---- C:\Windows\system32\wucltux.dll
2016-03-09 19:12:57 ----A---- C:\Windows\system32\wuaueng.dll
2016-03-09 19:12:57 ----A---- C:\Windows\system32\wuauclt.exe
2016-03-09 19:12:57 ----A---- C:\Windows\system32\wuapp.exe
2016-03-09 19:12:57 ----A---- C:\Windows\system32\wuapi.dll
2016-03-09 19:12:57 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2016-03-09 19:12:57 ----A---- C:\Windows\system32\WinSetupUI.dll
2016-03-09 19:12:56 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2016-03-09 19:12:56 ----A---- C:\Windows\system32\drivers\ntfs.sys
2016-03-09 19:12:55 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2016-03-09 19:12:55 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2016-03-09 19:12:55 ----A---- C:\Windows\system32\oleaut32.dll
2016-03-09 19:12:55 ----A---- C:\Windows\system32\asycfilt.dll
2016-03-09 19:12:54 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-03-09 19:12:54 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-03-09 19:12:54 ----A---- C:\Windows\SYSWOW64\occache.dll
2016-03-09 19:12:54 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-03-09 19:12:54 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-03-09 19:12:54 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-03-09 19:12:54 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-03-09 19:12:54 ----A---- C:\Windows\SYSWOW64\inseng.dll
2016-03-09 19:12:54 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-03-09 19:12:54 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2016-03-09 19:12:54 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2016-03-09 19:12:54 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-03-09 19:12:54 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-03-09 19:12:54 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-03-09 19:12:54 ----A---- C:\Windows\system32\inseng.dll
2016-03-09 19:12:54 ----A---- C:\Windows\system32\iertutil.dll
2016-03-09 19:12:54 ----A---- C:\Windows\system32\iernonce.dll
2016-03-09 19:12:54 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-03-09 19:12:54 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-03-09 19:12:54 ----A---- C:\Windows\system32\ie4uinit.exe
2016-03-09 19:12:53 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-03-09 19:12:53 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-03-09 19:12:53 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2016-03-09 19:12:53 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-03-09 19:12:53 ----A---- C:\Windows\system32\urlmon.dll
2016-03-09 19:12:53 ----A---- C:\Windows\system32\occache.dll
2016-03-09 19:12:53 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-03-09 19:12:53 ----A---- C:\Windows\system32\iedkcs32.dll
2016-03-09 19:12:52 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-03-09 19:12:52 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-03-09 19:12:52 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-03-09 19:12:52 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-03-09 19:12:52 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-03-09 19:12:52 ----A---- C:\Windows\system32\msfeeds.dll
2016-03-09 19:12:52 ----A---- C:\Windows\system32\iesetup.dll
2016-03-09 19:12:52 ----A---- C:\Windows\system32\ieapfltr.dll
2016-03-09 19:12:52 ----A---- C:\Windows\system32\dxtrans.dll
2016-03-09 19:12:51 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-03-09 19:12:51 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-03-09 19:12:51 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-03-09 19:12:51 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2016-03-09 19:12:51 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-03-09 19:12:51 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-03-09 19:12:51 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2016-03-09 19:12:51 ----A---- C:\Windows\system32\vbscript.dll
2016-03-09 19:12:51 ----A---- C:\Windows\system32\jsproxy.dll
2016-03-09 19:12:51 ----A---- C:\Windows\system32\dxtmsft.dll
2016-03-09 19:12:50 ----A---- C:\Windows\system32\webcheck.dll
2016-03-09 19:12:50 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-03-09 19:12:50 ----A---- C:\Windows\system32\mshtmled.dll
2016-03-09 19:12:50 ----A---- C:\Windows\system32\jscript.dll
2016-03-09 19:12:50 ----A---- C:\Windows\system32\ieUnatt.exe
2016-03-09 19:12:50 ----A---- C:\Windows\system32\ieui.dll
2016-03-09 19:12:50 ----A---- C:\Windows\system32\ieframe.dll
2016-03-09 19:12:49 ----A---- C:\Windows\system32\wininet.dll
2016-03-09 19:12:49 ----A---- C:\Windows\system32\msrating.dll
2016-03-09 19:12:49 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-03-09 19:12:49 ----A---- C:\Windows\system32\jscript9diag.dll
2016-03-09 19:12:49 ----A---- C:\Windows\system32\jscript9.dll
2016-03-09 19:12:48 ----A---- C:\Windows\system32\mshtml.dll
2016-03-09 19:12:23 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-03-09 19:12:23 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-03-09 19:12:23 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-03-09 19:12:23 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-03-09 19:12:23 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-03-09 19:12:23 ----A---- C:\Windows\system32\ntdll.dll
2016-03-09 19:12:23 ----A---- C:\Windows\system32\KernelBase.dll
2016-03-09 19:12:23 ----A---- C:\Windows\system32\kernel32.dll
2016-03-09 19:12:23 ----A---- C:\Windows\system32\kerberos.dll
2016-03-09 19:12:23 ----A---- C:\Windows\system32\advapi32.dll
2016-03-09 19:12:22 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-03-09 19:12:22 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-03-09 19:12:22 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-03-09 19:12:22 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-03-09 19:12:22 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-03-09 19:12:22 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-03-09 19:12:22 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-03-09 19:12:22 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-03-09 19:12:22 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-03-09 19:12:22 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-03-09 19:12:22 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-03-09 19:12:22 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-03-09 19:12:22 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-03-09 19:12:22 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-03-09 19:12:22 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-03-09 19:12:22 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-03-09 19:12:22 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-03-09 19:12:22 ----A---- C:\Windows\system32\wow64win.dll
2016-03-09 19:12:22 ----A---- C:\Windows\system32\wow64cpu.dll
2016-03-09 19:12:22 ----A---- C:\Windows\system32\wow64.dll
2016-03-09 19:12:22 ----A---- C:\Windows\system32\winsrv.dll
2016-03-09 19:12:22 ----A---- C:\Windows\system32\wdigest.dll
2016-03-09 19:12:22 ----A---- C:\Windows\system32\TSpkg.dll
2016-03-09 19:12:22 ----A---- C:\Windows\system32\sspisrv.dll
2016-03-09 19:12:22 ----A---- C:\Windows\system32\sspicli.dll
2016-03-09 19:12:22 ----A---- C:\Windows\system32\srcore.dll
2016-03-09 19:12:22 ----A---- C:\Windows\system32\srclient.dll
2016-03-09 19:12:22 ----A---- C:\Windows\system32\smss.exe
2016-03-09 19:12:22 ----A---- C:\Windows\system32\schannel.dll
2016-03-09 19:12:22 ----A---- C:\Windows\system32\secur32.dll
2016-03-09 19:12:22 ----A---- C:\Windows\system32\rstrui.exe
2016-03-09 19:12:22 ----A---- C:\Windows\system32\rpcrt4.dll
2016-03-09 19:12:22 ----A---- C:\Windows\system32\ntvdm64.dll
2016-03-09 19:12:22 ----A---- C:\Windows\system32\ncrypt.dll
2016-03-09 19:12:22 ----A---- C:\Windows\system32\msv1_0.dll
2016-03-09 19:12:22 ----A---- C:\Windows\system32\lsass.exe
2016-03-09 19:12:22 ----A---- C:\Windows\system32\lsasrv.dll
2016-03-09 19:12:22 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-03-09 19:12:22 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-03-09 19:12:22 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-03-09 19:12:22 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-03-09 19:12:22 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-03-09 19:12:22 ----A---- C:\Windows\system32\csrsrv.dll
2016-03-09 19:12:22 ----A---- C:\Windows\system32\cryptbase.dll
2016-03-09 19:12:22 ----A---- C:\Windows\system32\credssp.dll
2016-03-09 19:12:22 ----A---- C:\Windows\system32\conhost.exe
2016-03-09 19:12:22 ----A---- C:\Windows\system32\auditpol.exe
2016-03-09 19:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-03-09 19:12:21 ----A---- C:\Windows\SYSWOW64\user.exe
2016-03-09 19:12:21 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-03-09 19:12:21 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-03-09 19:12:21 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-03-09 19:12:21 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-03-09 19:12:21 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-03-09 19:12:21 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-03-09 19:12:21 ----A---- C:\Windows\system32\msobjs.dll
2016-03-09 19:12:21 ----A---- C:\Windows\system32\msaudite.dll
2016-03-09 19:12:21 ----A---- C:\Windows\system32\apisetschema.dll
2016-03-09 19:12:21 ----A---- C:\Windows\system32\adtschema.dll
2016-03-09 19:12:17 ----A---- C:\Windows\SYSWOW64\mfds.dll
2016-03-09 19:12:17 ----A---- C:\Windows\system32\mfds.dll
2016-03-09 19:12:16 ----A---- C:\Windows\SYSWOW64\lpk.dll
2016-03-09 19:12:16 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2016-03-09 19:12:16 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2016-03-09 19:12:16 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2016-03-09 19:12:16 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2016-03-09 19:12:16 ----A---- C:\Windows\system32\seclogon.dll
2016-03-09 19:12:16 ----A---- C:\Windows\system32\lpk.dll
2016-03-09 19:12:16 ----A---- C:\Windows\system32\fontsub.dll
2016-03-09 19:12:16 ----A---- C:\Windows\system32\dciman32.dll
2016-03-09 19:12:16 ----A---- C:\Windows\system32\atmlib.dll
2016-03-09 19:12:16 ----A---- C:\Windows\system32\atmfd.dll
2016-03-09 19:12:15 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2016-03-09 19:12:15 ----A---- C:\Windows\SYSWOW64\wmp.dll
2016-03-09 19:12:15 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2016-03-09 19:12:15 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2016-03-09 19:12:15 ----A---- C:\Windows\system32\wmp.dll
2016-03-09 19:12:15 ----A---- C:\Windows\system32\spwmp.dll
2016-03-09 19:12:15 ----A---- C:\Windows\system32\dxmasf.dll
2016-03-09 19:12:14 ----A---- C:\Windows\system32\wmploc.DLL
2016-03-09 19:12:14 ----A---- C:\Windows\system32\invagent.dll
2016-03-09 19:12:14 ----A---- C:\Windows\system32\generaltel.dll
2016-03-09 19:12:14 ----A---- C:\Windows\system32\devinv.dll
2016-03-09 19:12:14 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-03-09 19:12:14 ----A---- C:\Windows\system32\appraiser.dll
2016-03-09 19:12:14 ----A---- C:\Windows\system32\aeinv.dll
2016-03-09 19:12:14 ----A---- C:\Windows\system32\acmigration.dll
======List of files/folders modified in the last 1 month======
2016-03-27 11:37:47 ----D---- C:\Windows\Temp
2016-03-27 11:36:31 ----D---- C:\ProgramData\VMware
2016-03-27 11:36:25 ----D---- C:\ProgramData\NVIDIA
2016-03-27 11:34:52 ----D---- C:\Windows\System32
2016-03-27 11:34:47 ----D---- C:\Windows\SysWOW64
2016-03-27 11:34:47 ----D---- C:\Windows
2016-03-27 11:34:37 ----D---- C:\Windows\Tasks
2016-03-27 10:53:55 ----D---- C:\Windows\inf
2016-03-27 10:53:55 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-03-27 10:53:48 ----D---- C:\Users\František\AppData\Roaming\Skype
2016-03-27 08:56:47 ----D---- C:\Windows\system32\config
2016-03-26 21:59:03 ----SHD---- C:\Windows\Installer
2016-03-26 21:59:03 ----D---- C:\ProgramData\Skype
2016-03-26 21:58:58 ----RD---- C:\Program Files (x86)\Skype
2016-03-26 21:58:58 ----D---- C:\Program Files (x86)\Common Files
2016-03-26 21:57:20 ----D---- C:\Windows\SYSWOW64\drivers
2016-03-26 21:57:20 ----D---- C:\Windows\system32\drivers
2016-03-26 21:57:19 ----RD---- C:\Program Files (x86)
2016-03-26 21:57:19 ----HD---- C:\ProgramData
2016-03-26 21:57:19 ----D---- C:\Program Files\Common Files
2016-03-26 16:46:00 ----D---- C:\Windows\SoftwareDistribution
2016-03-26 16:44:13 ----D---- C:\Users\František\AppData\Roaming\uTorrent
2016-03-26 16:44:13 ----D---- C:\Users\František\AppData\Roaming\DAEMON Tools Lite
2016-03-26 16:44:12 ----D---- C:\Windows\Logs
2016-03-26 16:44:12 ----D---- C:\Windows\debug
2016-03-26 16:39:26 ----D---- C:\Windows\pss
2016-03-26 16:03:22 ----D---- C:\Program Files (x86)\Google
2016-03-26 16:01:48 ----D---- C:\Users\František\AppData\Roaming\Yandex
2016-03-26 14:57:14 ----D---- C:\Program Files
2016-03-26 13:26:13 ----RSD---- C:\Windows\assembly
2016-03-26 13:08:27 ----RD---- C:\Users
2016-03-26 13:08:22 ----RSD---- C:\Windows\Fonts
2016-03-25 22:06:33 ----SD---- C:\Windows\SYSWOW64\GWX
2016-03-25 22:06:33 ----SD---- C:\Windows\system32\GWX
2016-03-25 22:06:33 ----D---- C:\Windows\winsxs
2016-03-25 21:27:05 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-03-25 19:39:18 ----D---- C:\Windows\system32\Tasks
2016-03-25 19:39:10 ----D---- C:\ProgramData\AVAST Software
2016-03-25 19:39:10 ----D---- C:\Program Files\AVAST Software
2016-03-21 19:17:15 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-03-16 22:38:51 ----D---- C:\ProgramData\Microsoft Help
2016-03-13 16:09:07 ----D---- C:\ProgramData\NVIDIA Corporation
2016-03-13 16:08:47 ----D---- C:\Windows\system32\DriverStore
2016-03-12 12:47:57 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2016-03-11 17:02:04 ----D---- C:\Windows\rescache
2016-03-11 13:55:27 ----D---- C:\Windows\Microsoft.NET
2016-03-10 17:38:36 ----D---- C:\Windows\SYSWOW64\en-US
2016-03-10 17:38:36 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-03-10 17:38:36 ----D---- C:\Windows\system32\en-US
2016-03-10 17:38:36 ----D---- C:\Windows\system32\cs-CZ
2016-03-10 17:38:36 ----D---- C:\Program Files\Internet Explorer
2016-03-10 17:38:36 ----D---- C:\Program Files (x86)\Internet Explorer
2016-03-10 17:38:35 ----D---- C:\Windows\AppPatch
2016-03-10 17:38:35 ----D---- C:\Program Files\Windows Media Player
2016-03-10 17:38:35 ----D---- C:\Program Files (x86)\Windows Media Player
2016-03-09 22:47:28 ----D---- C:\Windows\system32\MRT
2016-03-09 22:42:55 ----A---- C:\Windows\system32\MRT.exe
2016-03-09 22:42:53 ----D---- C:\Windows\system32\appraiser
2016-03-09 19:11:47 ----D---- C:\Windows\system32\catroot2
2016-03-08 12:07:02 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2016-03-08 12:07:02 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2016-03-08 12:07:02 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2016-03-08 12:07:02 ----A---- C:\Windows\system32\nvwgf2umx.dll
2016-03-08 12:07:02 ----A---- C:\Windows\system32\nvapi64.dll
2016-03-08 08:27:51 ----A---- C:\Windows\system32\nvsvc64.dll
2016-03-08 08:27:50 ----A---- C:\Windows\system32\nvcpl.dll
2016-03-08 08:27:49 ----A---- C:\Windows\system32\nvvsvc.exe
2016-03-08 08:27:49 ----A---- C:\Windows\system32\nvsvcr.dll
2016-03-08 08:27:48 ----A---- C:\Windows\system32\nvshext.dll
2016-03-08 08:27:48 ----A---- C:\Windows\system32\nvmctray.dll
2016-03-08 08:27:48 ----A---- C:\Windows\system32\nv3dappshextr.dll
2016-03-08 08:27:48 ----A---- C:\Windows\system32\nv3dappshext.dll
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2016-02-20 74544]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2016-02-20 287016]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2010-12-18 25280]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R0 vmci;VMware VMCI Bus Driver; C:\Windows\system32\DRIVERS\vmci.sys [2012-10-24 85104]
R0 vsock;vSockets Driver; C:\Windows\system32\drivers\vsock.sys [2012-10-24 70296]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2016-03-25 37144]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2016-02-20 103064]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-03-09 1070904]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-02-23 463744]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-02-19 283064]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2016-02-20 37656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2016-03-09 107792]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2016-02-20 165344]
R2 cpuz135;cpuz135; \??\C:\Windows\system32\drivers\cpuz135_x64.sys [2011-09-21 21992]
R2 hcmon;VMware hcmon; \??\C:\Windows\system32\drivers\hcmon.sys [2012-10-11 52376]
R2 VMnetBridge;VMware Bridge Protocol; C:\Windows\system32\DRIVERS\vmnetbridge.sys [2013-02-26 45720]
R2 VMnetuserif;VMware Network Application Interface; \??\C:\Windows\system32\drivers\vmnetuserif.sys [2013-02-26 30800]
R2 vmx86;VMware vmx86; \??\C:\Windows\system32\drivers\vmx86.sys [2013-02-26 67664]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-01-18 2719336]
R3 MarvinBus;Pinnacle Marvin Bus 64; C:\Windows\system32\DRIVERS\MarvinBus64.sys [2005-09-23 261120]
R3 MBfilt;MBfilt; C:\Windows\system32\drivers\MBfilt64.sys [2009-11-18 32344]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2010-12-10 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2010-12-10 181248]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2015-12-16 205456]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2016-02-17 28032]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2015-12-18 47760]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 vmkbd;VMware kbd; \??\C:\Windows\system32\drivers\VMkbd.sys [2013-02-26 33360]
R3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\vmnetadapter.sys [2013-02-26 20120]
S1 PCLEPCI;PCLEPCI; \??\C:\Windows\system32\drivers\pclepci.sys []
S2 tsnethlpx64;TsNetHlpX64.sys; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\TsNetHlpX64.sys []
S3 ALSysIO;ALSysIO; \??\C:\Users\FRANTI~1\AppData\Local\Temp\ALSysIO64.sys []
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2011-05-13 36328]
S3 BioNTDrv;BioNTDrv; \??\I:\Instalace\Programy\Paragon Software\Migrate OS to SSD\program\BioNTDrv.SYS [2011-03-01 19024]
S3 epmntdrv;epmntdrv; \??\C:\Windows\syswow64\epmntdrv.sys [2011-07-29 14216]
S3 GenericMount;Generic Mount Driver; C:\Windows\system32\DRIVERS\GenericMount.sys [2009-09-21 54320]
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507; \??\C:\Program Files (x86)\MSI\Live Update 5\msibios64_100507.sys [2010-05-09 33592]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2013-01-23 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2013-01-23 27136]
S3 nmwcdnsucx64;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsucx64.sys [2013-01-23 12800]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsux64.sys [2013-01-23 171008]
S3 NTIOLib_1_0_4;NTIOLib_1_0_4; \??\C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [2010-10-21 14136]
S3 NTIOLib_1_0_6;NTIOLib_1_0_6; \??\C:\Program Files (x86)\Setup Files\Ms7673v1E0\NTIOLib_X64.sys [2011-01-05 11888]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-10-17 26112]
S3 pwdrvio;pwdrvio; \??\C:\Windows\syswow64\pwdrvio.sys []
S3 pwdspio;pwdspio; \??\C:\Windows\syswow64\pwdspio.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-05-13 146920]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2013-01-23 9216]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2013-01-23 9216]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2011-02-16 14464]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-14 82128]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-02-20 237096]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2016-02-17 1164672]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2016-03-22 2550792]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [2016-03-22 417552]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2016-02-17 1880960]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2016-02-17 2609024]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2016-03-08 1264064]
R2 PnkBstrB;PnkBstrB; C:\Windows\syswow64\PnkBstrB.exe [2016-02-06 214520]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2016-03-08 424384]
R2 VMAuthdService;VMware Authorization Service; I:\Instalace\Programy\VMware\VMware Player\vmware-authd.exe [2013-02-26 87120]
R2 VMnetDHCP;VMware DHCP Service; C:\Windows\syswow64\vmnetdhcp.exe [2013-02-26 357456]
R2 VMUSBArbService;VMware USB Arbitration Service; C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2012-10-11 918680]
R2 VMware NAT Service;VMware NAT Service; C:\Windows\syswow64\vmnat.exe [2013-02-26 436304]
R3 NvStreamNetworkSvc;NVIDIA Streamer Network Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [2016-02-17 6474112]
R3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-26 1260320]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-01-29 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-25 269504]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-02-08 114688]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-03-20 146888]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-06-07 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
While OTM was running, a message about a critical Windows system error popped up, but the program ran through to the end without problems and restarted the computer.
I managed to delete the Chinese program yesterday in Safe Mode, and then deleted the leftover files in normal Windows mode.
I found a video about it on YouTube.
I am attaching the log from RSIT:
Logfile of random's system information tool 1.10 (written by random/random)
Run by František at 2016-03-27 11:38:35
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 28 GB (24%) free of 114 GB
Total RAM: 4066 MB (58% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:38:36, on 27.3.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18231)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\František\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\František\AppData\Roaming\Seznam.cz\szninstall.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Users\František\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTShellHlp.exe
C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
C:\Program Files\trend micro\František.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_71\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_71\bin\jp2ssv.dll
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray
O4 - HKCU\..\Run: [GSplay.exe] C:\Users\Franti%c5%a1ek\Desktop\GSplay.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\František\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\František\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
O4 - Global Startup: GamePark klient 2.lnk = I:\Instalace\Programy\GamePark2\gpcl.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - I:\Instalace\Programy\VMware\VMware Player\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exe
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 12193 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
taskeng.exe {C4ACA31A-C700-4B26-B54A-5EE1EB54C4EF}
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe"
C:\Windows\SysWOW64\PnkBstrB.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\SysWOW64\vmnat.exe
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-1763343282-2861167241-2041139455-10001_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-1763343282-2861167241-2041139455-10001 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\Windows\system32\SearchFilterHost.exe" 0 532 536 544 65536 540
C:\Windows\system32\wbem\wmiprvse.exe
WLIDSvcM.exe 2412
"I:\Instalace\Programy\VMware\VMware Player\vmware-authd.exe"
C:\Windows\SysWOW64\vmnetdhcp.exe
"C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-2e07a057-c3b8-41c7-8aee-bc3b618f4b81 -SystemEventPortName:HostProcess-1308d125-0156-4f01-a6e0-dd4311acb7d3 -IoCancelEventPortName:HostProcess-6d537f5f-c7fe-4606-b100-2239ce0ea7bc -NonStateChangingEventPortName:HostProcess-bde9ebbb-e300-44fa-a6c7-71f3412ffb72 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:9bb71d0e-eaa3-41d8-b2c6-d57480c85bed -DeviceGroupId:WpdFsGroup
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe" serviceapp
C:\Windows\system32\sppsvc.exe
\??\C:\Windows\system32\conhost.exe "-1672298140620488529-163316699-352846021-14991151762079112500879923802815812368
taskeng.exe {707F4002-5AC6-4928-BD14-9DCC2A26D8C4}
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Users\František\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe" -tray
"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Users\František\AppData\Roaming\Seznam.cz\szninstall.exe" -c
"I:\Instalace\Programy\GamePark2\gpcl.exe"
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE" /tsr
szndesktop.exe default start
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Users\František\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
"C:\Program Files (x86)\DAEMON Tools Lite\DTShellHlp.exe"
\??\C:\Windows\system32\conhost.exe "6954542301521167734-520470572-1381595128-16569199117862206451293160614796049746
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe"
{EC1C508B-8DC2-467B-8D80-5D4554D17F35}
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
{991C715B-CCD1-4EDA-951E-5F9D886FCDDE}
"C:\Users\František\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 21.0.0.197 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_197.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn.me/esnsonar,version=0.70.4]
"Description"=ESN Sonar browser plugin
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=2.3.0]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.71.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_71\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.71.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_71\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nullsoft.com/winampDetector;version=1]
"Description"=Winamp Detector
"Path"=C:\Program Files (x86)\Winamp Detect\npwachk.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.4]
"Description"=VLC Multimedia Plugin
"Path"=I:\Instalace\Programy\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 21.0.0.197 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_197.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL
C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4i9tgnyk.default\extensions\
foxmarks@kei.com
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-02-20 901600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 690392]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_71\bin\ssv.dll [2016-02-02 460384]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-02-20 678656]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_71\bin\jp2ssv.dll [2016-02-02 172640]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2011-01-17 6602856]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-03-08 500208]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2016-02-17 2789248]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2016-02-17 1903344]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]
""= []
"NokiaSuite.exe"=C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [2014-11-19 1092448]
"GSplay.exe"=C:\Users\Frantia1ek\Desktop\GSplay.exe []
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-01-15 8619224]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2016-03-01 50670720]
"cz.seznam.software.autoupdate"=C:\Users\František\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\František\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14 1085656]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LaunchList]
I:\Instalace\Programy\Pinnacle\Studio 11\LaunchList2.exe [2007-03-21 145496]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Live Update 5]
C:\Program Files (x86)\MSI\Live Update 5\LU5.exe [2011-12-15 1935888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe]
C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [2014-11-19 1092448]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files (x86)\Winamp\winampa.exe [2013-07-24 84576]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^František^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^hamachi.lnk]
I:\INSTAL~1\Programy\Hamachi\hamachi.exe []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-11-17 113288]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-03-25 7139256]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2016-03-22 5565448]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
GamePark klient 2.lnk - I:\Instalace\Programy\GamePark2\gpcl.exe
C:\Users\František\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableLockWorkstation"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoDriveTypeAutoRun"=221
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.mcsv"=prodad-mercalli-10-codec.dll
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux2"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-03-27 11:34:52 ----D---- C:\Windows\system32\%LOCALAPPDATA%
2016-03-27 11:34:36 ----D---- C:\_OTM
2016-03-26 21:54:41 ----D---- C:\AdwCleaner
2016-03-26 14:57:14 ----D---- C:\rsit
2016-03-26 14:57:14 ----D---- C:\Program Files\trend micro
2016-03-26 13:08:46 ----A---- C:\Users\František\AppData\Roaming\GiftBag.db
2016-03-26 13:06:56 ----D---- C:\Program Files (x86)\Seznam.cz
2016-03-26 13:06:47 ----D---- C:\Users\František\AppData\Roaming\Seznam.cz
2016-03-25 19:39:15 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2016-03-20 08:55:53 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-03-13 16:08:48 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2016-03-13 16:08:40 ----A---- C:\Windows\SYSWOW64\vulkaninfo.exe
2016-03-13 16:08:40 ----A---- C:\Windows\SYSWOW64\vulkan-1.dll
2016-03-13 16:08:40 ----A---- C:\Windows\system32\vulkaninfo.exe
2016-03-13 16:08:40 ----A---- C:\Windows\system32\vulkan-1.dll
2016-03-13 16:08:38 ----D---- C:\Program Files (x86)\VulkanRT
2016-03-13 16:06:55 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2016-03-13 16:06:55 ----A---- C:\Windows\SYSWOW64\nvptxJitCompiler.dll
2016-03-13 16:06:55 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2016-03-13 16:06:55 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2016-03-13 16:06:55 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2016-03-13 16:06:55 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2016-03-13 16:06:55 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2016-03-13 16:06:55 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2016-03-13 16:06:55 ----A---- C:\Windows\SYSWOW64\nvfatbinaryLoader.dll
2016-03-13 16:06:55 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2016-03-13 16:06:55 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2016-03-13 16:06:55 ----A---- C:\Windows\system32\nvumdshimx.dll
2016-03-13 16:06:55 ----A---- C:\Windows\system32\nvptxJitCompiler.dll
2016-03-13 16:06:55 ----A---- C:\Windows\system32\nvopencl.dll
2016-03-13 16:06:55 ----A---- C:\Windows\system32\nvoglv64.dll
2016-03-13 16:06:55 ----A---- C:\Windows\system32\nvoglshim64.dll
2016-03-13 16:06:55 ----A---- C:\Windows\system32\nvinitx.dll
2016-03-13 16:06:55 ----A---- C:\Windows\system32\NvIFR64.dll
2016-03-13 16:06:55 ----A---- C:\Windows\system32\NvFBC64.dll
2016-03-13 16:06:55 ----A---- C:\Windows\system32\nvfatbinaryLoader.dll
2016-03-13 16:06:55 ----A---- C:\Windows\system32\nvdispgenco6436451.dll
2016-03-13 16:06:55 ----A---- C:\Windows\system32\nvdispco6436451.dll
2016-03-13 16:06:55 ----A---- C:\Windows\system32\nvd3dumx.dll
2016-03-13 16:06:55 ----A---- C:\Windows\system32\nvcuvid.dll
2016-03-13 16:06:55 ----A---- C:\Windows\system32\nvcuda.dll
2016-03-13 16:06:55 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2016-03-13 16:06:54 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2016-03-13 16:06:54 ----A---- C:\Windows\system32\nvcompiler.dll
2016-03-09 19:12:59 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2016-03-09 19:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-03-09 19:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-03-09 19:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-03-09 19:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-09 19:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-03-09 19:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-03-09 19:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-03-09 19:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-09 19:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-03-09 19:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-03-09 19:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-03-09 19:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-03-09 19:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-03-09 19:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-03-09 19:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-03-09 19:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l2-1-0.dll
2016-03-09 19:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-timezone-l1-1-0.dll
2016-03-09 19:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-2-0.dll
2016-03-09 19:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2016-03-09 19:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-2-0.dll
2016-03-09 19:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l2-1-0.dll
2016-03-09 19:12:59 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-2-0.dll
2016-03-09 19:12:59 ----A---- C:\Windows\system32\ucrtbase.dll
2016-03-09 19:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-03-09 19:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-03-09 19:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-03-09 19:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-09 19:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-03-09 19:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-03-09 19:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-03-09 19:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-09 19:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-03-09 19:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-03-09 19:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-03-09 19:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-03-09 19:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-03-09 19:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-03-09 19:12:59 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-03-09 19:12:59 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-03-09 19:12:59 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-03-09 19:12:59 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-03-09 19:12:59 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-03-09 19:12:59 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-03-09 19:12:59 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-03-09 19:12:59 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-03-09 19:12:58 ----A---- C:\Windows\system32\win32k.sys
2016-03-09 19:12:57 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2016-03-09 19:12:57 ----A---- C:\Windows\SYSWOW64\wups.dll
2016-03-09 19:12:57 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2016-03-09 19:12:57 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2016-03-09 19:12:57 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2016-03-09 19:12:57 ----A---- C:\Windows\system32\wuwebv.dll
2016-03-09 19:12:57 ----A---- C:\Windows\system32\wups2.dll
2016-03-09 19:12:57 ----A---- C:\Windows\system32\wups.dll
2016-03-09 19:12:57 ----A---- C:\Windows\system32\wudriver.dll
2016-03-09 19:12:57 ----A---- C:\Windows\system32\wucltux.dll
2016-03-09 19:12:57 ----A---- C:\Windows\system32\wuaueng.dll
2016-03-09 19:12:57 ----A---- C:\Windows\system32\wuauclt.exe
2016-03-09 19:12:57 ----A---- C:\Windows\system32\wuapp.exe
2016-03-09 19:12:57 ----A---- C:\Windows\system32\wuapi.dll
2016-03-09 19:12:57 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2016-03-09 19:12:57 ----A---- C:\Windows\system32\WinSetupUI.dll
2016-03-09 19:12:56 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2016-03-09 19:12:56 ----A---- C:\Windows\system32\drivers\ntfs.sys
2016-03-09 19:12:55 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2016-03-09 19:12:55 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2016-03-09 19:12:55 ----A---- C:\Windows\system32\oleaut32.dll
2016-03-09 19:12:55 ----A---- C:\Windows\system32\asycfilt.dll
2016-03-09 19:12:54 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-03-09 19:12:54 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-03-09 19:12:54 ----A---- C:\Windows\SYSWOW64\occache.dll
2016-03-09 19:12:54 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-03-09 19:12:54 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-03-09 19:12:54 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-03-09 19:12:54 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-03-09 19:12:54 ----A---- C:\Windows\SYSWOW64\inseng.dll
2016-03-09 19:12:54 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-03-09 19:12:54 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2016-03-09 19:12:54 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2016-03-09 19:12:54 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-03-09 19:12:54 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-03-09 19:12:54 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-03-09 19:12:54 ----A---- C:\Windows\system32\inseng.dll
2016-03-09 19:12:54 ----A---- C:\Windows\system32\iertutil.dll
2016-03-09 19:12:54 ----A---- C:\Windows\system32\iernonce.dll
2016-03-09 19:12:54 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-03-09 19:12:54 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-03-09 19:12:54 ----A---- C:\Windows\system32\ie4uinit.exe
2016-03-09 19:12:53 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-03-09 19:12:53 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-03-09 19:12:53 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2016-03-09 19:12:53 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-03-09 19:12:53 ----A---- C:\Windows\system32\urlmon.dll
2016-03-09 19:12:53 ----A---- C:\Windows\system32\occache.dll
2016-03-09 19:12:53 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-03-09 19:12:53 ----A---- C:\Windows\system32\iedkcs32.dll
2016-03-09 19:12:52 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-03-09 19:12:52 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-03-09 19:12:52 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-03-09 19:12:52 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-03-09 19:12:52 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-03-09 19:12:52 ----A---- C:\Windows\system32\msfeeds.dll
2016-03-09 19:12:52 ----A---- C:\Windows\system32\iesetup.dll
2016-03-09 19:12:52 ----A---- C:\Windows\system32\ieapfltr.dll
2016-03-09 19:12:52 ----A---- C:\Windows\system32\dxtrans.dll
2016-03-09 19:12:51 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-03-09 19:12:51 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-03-09 19:12:51 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-03-09 19:12:51 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2016-03-09 19:12:51 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-03-09 19:12:51 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-03-09 19:12:51 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2016-03-09 19:12:51 ----A---- C:\Windows\system32\vbscript.dll
2016-03-09 19:12:51 ----A---- C:\Windows\system32\jsproxy.dll
2016-03-09 19:12:51 ----A---- C:\Windows\system32\dxtmsft.dll
2016-03-09 19:12:50 ----A---- C:\Windows\system32\webcheck.dll
2016-03-09 19:12:50 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-03-09 19:12:50 ----A---- C:\Windows\system32\mshtmled.dll
2016-03-09 19:12:50 ----A---- C:\Windows\system32\jscript.dll
2016-03-09 19:12:50 ----A---- C:\Windows\system32\ieUnatt.exe
2016-03-09 19:12:50 ----A---- C:\Windows\system32\ieui.dll
2016-03-09 19:12:50 ----A---- C:\Windows\system32\ieframe.dll
2016-03-09 19:12:49 ----A---- C:\Windows\system32\wininet.dll
2016-03-09 19:12:49 ----A---- C:\Windows\system32\msrating.dll
2016-03-09 19:12:49 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-03-09 19:12:49 ----A---- C:\Windows\system32\jscript9diag.dll
2016-03-09 19:12:49 ----A---- C:\Windows\system32\jscript9.dll
2016-03-09 19:12:48 ----A---- C:\Windows\system32\mshtml.dll
2016-03-09 19:12:23 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-03-09 19:12:23 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-03-09 19:12:23 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-03-09 19:12:23 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-03-09 19:12:23 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-03-09 19:12:23 ----A---- C:\Windows\system32\ntdll.dll
2016-03-09 19:12:23 ----A---- C:\Windows\system32\KernelBase.dll
2016-03-09 19:12:23 ----A---- C:\Windows\system32\kernel32.dll
2016-03-09 19:12:23 ----A---- C:\Windows\system32\kerberos.dll
2016-03-09 19:12:23 ----A---- C:\Windows\system32\advapi32.dll
2016-03-09 19:12:22 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-03-09 19:12:22 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-03-09 19:12:22 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-03-09 19:12:22 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-03-09 19:12:22 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-03-09 19:12:22 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-03-09 19:12:22 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-03-09 19:12:22 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-03-09 19:12:22 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-03-09 19:12:22 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-03-09 19:12:22 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-03-09 19:12:22 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-03-09 19:12:22 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-03-09 19:12:22 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-03-09 19:12:22 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-03-09 19:12:22 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-03-09 19:12:22 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-03-09 19:12:22 ----A---- C:\Windows\system32\wow64win.dll
2016-03-09 19:12:22 ----A---- C:\Windows\system32\wow64cpu.dll
2016-03-09 19:12:22 ----A---- C:\Windows\system32\wow64.dll
2016-03-09 19:12:22 ----A---- C:\Windows\system32\winsrv.dll
2016-03-09 19:12:22 ----A---- C:\Windows\system32\wdigest.dll
2016-03-09 19:12:22 ----A---- C:\Windows\system32\TSpkg.dll
2016-03-09 19:12:22 ----A---- C:\Windows\system32\sspisrv.dll
2016-03-09 19:12:22 ----A---- C:\Windows\system32\sspicli.dll
2016-03-09 19:12:22 ----A---- C:\Windows\system32\srcore.dll
2016-03-09 19:12:22 ----A---- C:\Windows\system32\srclient.dll
2016-03-09 19:12:22 ----A---- C:\Windows\system32\smss.exe
2016-03-09 19:12:22 ----A---- C:\Windows\system32\schannel.dll
2016-03-09 19:12:22 ----A---- C:\Windows\system32\secur32.dll
2016-03-09 19:12:22 ----A---- C:\Windows\system32\rstrui.exe
2016-03-09 19:12:22 ----A---- C:\Windows\system32\rpcrt4.dll
2016-03-09 19:12:22 ----A---- C:\Windows\system32\ntvdm64.dll
2016-03-09 19:12:22 ----A---- C:\Windows\system32\ncrypt.dll
2016-03-09 19:12:22 ----A---- C:\Windows\system32\msv1_0.dll
2016-03-09 19:12:22 ----A---- C:\Windows\system32\lsass.exe
2016-03-09 19:12:22 ----A---- C:\Windows\system32\lsasrv.dll
2016-03-09 19:12:22 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-03-09 19:12:22 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-03-09 19:12:22 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-03-09 19:12:22 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-03-09 19:12:22 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-03-09 19:12:22 ----A---- C:\Windows\system32\csrsrv.dll
2016-03-09 19:12:22 ----A---- C:\Windows\system32\cryptbase.dll
2016-03-09 19:12:22 ----A---- C:\Windows\system32\credssp.dll
2016-03-09 19:12:22 ----A---- C:\Windows\system32\conhost.exe
2016-03-09 19:12:22 ----A---- C:\Windows\system32\auditpol.exe
2016-03-09 19:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-03-09 19:12:21 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-03-09 19:12:21 ----A---- C:\Windows\SYSWOW64\user.exe
2016-03-09 19:12:21 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-03-09 19:12:21 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-03-09 19:12:21 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-03-09 19:12:21 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-03-09 19:12:21 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-03-09 19:12:21 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-03-09 19:12:21 ----A---- C:\Windows\system32\msobjs.dll
2016-03-09 19:12:21 ----A---- C:\Windows\system32\msaudite.dll
2016-03-09 19:12:21 ----A---- C:\Windows\system32\apisetschema.dll
2016-03-09 19:12:21 ----A---- C:\Windows\system32\adtschema.dll
2016-03-09 19:12:17 ----A---- C:\Windows\SYSWOW64\mfds.dll
2016-03-09 19:12:17 ----A---- C:\Windows\system32\mfds.dll
2016-03-09 19:12:16 ----A---- C:\Windows\SYSWOW64\lpk.dll
2016-03-09 19:12:16 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2016-03-09 19:12:16 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2016-03-09 19:12:16 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2016-03-09 19:12:16 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2016-03-09 19:12:16 ----A---- C:\Windows\system32\seclogon.dll
2016-03-09 19:12:16 ----A---- C:\Windows\system32\lpk.dll
2016-03-09 19:12:16 ----A---- C:\Windows\system32\fontsub.dll
2016-03-09 19:12:16 ----A---- C:\Windows\system32\dciman32.dll
2016-03-09 19:12:16 ----A---- C:\Windows\system32\atmlib.dll
2016-03-09 19:12:16 ----A---- C:\Windows\system32\atmfd.dll
2016-03-09 19:12:15 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2016-03-09 19:12:15 ----A---- C:\Windows\SYSWOW64\wmp.dll
2016-03-09 19:12:15 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2016-03-09 19:12:15 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2016-03-09 19:12:15 ----A---- C:\Windows\system32\wmp.dll
2016-03-09 19:12:15 ----A---- C:\Windows\system32\spwmp.dll
2016-03-09 19:12:15 ----A---- C:\Windows\system32\dxmasf.dll
2016-03-09 19:12:14 ----A---- C:\Windows\system32\wmploc.DLL
2016-03-09 19:12:14 ----A---- C:\Windows\system32\invagent.dll
2016-03-09 19:12:14 ----A---- C:\Windows\system32\generaltel.dll
2016-03-09 19:12:14 ----A---- C:\Windows\system32\devinv.dll
2016-03-09 19:12:14 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-03-09 19:12:14 ----A---- C:\Windows\system32\appraiser.dll
2016-03-09 19:12:14 ----A---- C:\Windows\system32\aeinv.dll
2016-03-09 19:12:14 ----A---- C:\Windows\system32\acmigration.dll
======List of files/folders modified in the last 1 month======
2016-03-27 11:37:47 ----D---- C:\Windows\Temp
2016-03-27 11:36:31 ----D---- C:\ProgramData\VMware
2016-03-27 11:36:25 ----D---- C:\ProgramData\NVIDIA
2016-03-27 11:34:52 ----D---- C:\Windows\System32
2016-03-27 11:34:47 ----D---- C:\Windows\SysWOW64
2016-03-27 11:34:47 ----D---- C:\Windows
2016-03-27 11:34:37 ----D---- C:\Windows\Tasks
2016-03-27 10:53:55 ----D---- C:\Windows\inf
2016-03-27 10:53:55 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-03-27 10:53:48 ----D---- C:\Users\František\AppData\Roaming\Skype
2016-03-27 08:56:47 ----D---- C:\Windows\system32\config
2016-03-26 21:59:03 ----SHD---- C:\Windows\Installer
2016-03-26 21:59:03 ----D---- C:\ProgramData\Skype
2016-03-26 21:58:58 ----RD---- C:\Program Files (x86)\Skype
2016-03-26 21:58:58 ----D---- C:\Program Files (x86)\Common Files
2016-03-26 21:57:20 ----D---- C:\Windows\SYSWOW64\drivers
2016-03-26 21:57:20 ----D---- C:\Windows\system32\drivers
2016-03-26 21:57:19 ----RD---- C:\Program Files (x86)
2016-03-26 21:57:19 ----HD---- C:\ProgramData
2016-03-26 21:57:19 ----D---- C:\Program Files\Common Files
2016-03-26 16:46:00 ----D---- C:\Windows\SoftwareDistribution
2016-03-26 16:44:13 ----D---- C:\Users\František\AppData\Roaming\uTorrent
2016-03-26 16:44:13 ----D---- C:\Users\František\AppData\Roaming\DAEMON Tools Lite
2016-03-26 16:44:12 ----D---- C:\Windows\Logs
2016-03-26 16:44:12 ----D---- C:\Windows\debug
2016-03-26 16:39:26 ----D---- C:\Windows\pss
2016-03-26 16:03:22 ----D---- C:\Program Files (x86)\Google
2016-03-26 16:01:48 ----D---- C:\Users\František\AppData\Roaming\Yandex
2016-03-26 14:57:14 ----D---- C:\Program Files
2016-03-26 13:26:13 ----RSD---- C:\Windows\assembly
2016-03-26 13:08:27 ----RD---- C:\Users
2016-03-26 13:08:22 ----RSD---- C:\Windows\Fonts
2016-03-25 22:06:33 ----SD---- C:\Windows\SYSWOW64\GWX
2016-03-25 22:06:33 ----SD---- C:\Windows\system32\GWX
2016-03-25 22:06:33 ----D---- C:\Windows\winsxs
2016-03-25 21:27:05 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-03-25 19:39:18 ----D---- C:\Windows\system32\Tasks
2016-03-25 19:39:10 ----D---- C:\ProgramData\AVAST Software
2016-03-25 19:39:10 ----D---- C:\Program Files\AVAST Software
2016-03-21 19:17:15 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-03-16 22:38:51 ----D---- C:\ProgramData\Microsoft Help
2016-03-13 16:09:07 ----D---- C:\ProgramData\NVIDIA Corporation
2016-03-13 16:08:47 ----D---- C:\Windows\system32\DriverStore
2016-03-12 12:47:57 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2016-03-11 17:02:04 ----D---- C:\Windows\rescache
2016-03-11 13:55:27 ----D---- C:\Windows\Microsoft.NET
2016-03-10 17:38:36 ----D---- C:\Windows\SYSWOW64\en-US
2016-03-10 17:38:36 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-03-10 17:38:36 ----D---- C:\Windows\system32\en-US
2016-03-10 17:38:36 ----D---- C:\Windows\system32\cs-CZ
2016-03-10 17:38:36 ----D---- C:\Program Files\Internet Explorer
2016-03-10 17:38:36 ----D---- C:\Program Files (x86)\Internet Explorer
2016-03-10 17:38:35 ----D---- C:\Windows\AppPatch
2016-03-10 17:38:35 ----D---- C:\Program Files\Windows Media Player
2016-03-10 17:38:35 ----D---- C:\Program Files (x86)\Windows Media Player
2016-03-09 22:47:28 ----D---- C:\Windows\system32\MRT
2016-03-09 22:42:55 ----A---- C:\Windows\system32\MRT.exe
2016-03-09 22:42:53 ----D---- C:\Windows\system32\appraiser
2016-03-09 19:11:47 ----D---- C:\Windows\system32\catroot2
2016-03-08 12:07:02 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2016-03-08 12:07:02 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2016-03-08 12:07:02 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2016-03-08 12:07:02 ----A---- C:\Windows\system32\nvwgf2umx.dll
2016-03-08 12:07:02 ----A---- C:\Windows\system32\nvapi64.dll
2016-03-08 08:27:51 ----A---- C:\Windows\system32\nvsvc64.dll
2016-03-08 08:27:50 ----A---- C:\Windows\system32\nvcpl.dll
2016-03-08 08:27:49 ----A---- C:\Windows\system32\nvvsvc.exe
2016-03-08 08:27:49 ----A---- C:\Windows\system32\nvsvcr.dll
2016-03-08 08:27:48 ----A---- C:\Windows\system32\nvshext.dll
2016-03-08 08:27:48 ----A---- C:\Windows\system32\nvmctray.dll
2016-03-08 08:27:48 ----A---- C:\Windows\system32\nv3dappshextr.dll
2016-03-08 08:27:48 ----A---- C:\Windows\system32\nv3dappshext.dll
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2016-02-20 74544]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2016-02-20 287016]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2010-12-18 25280]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R0 vmci;VMware VMCI Bus Driver; C:\Windows\system32\DRIVERS\vmci.sys [2012-10-24 85104]
R0 vsock;vSockets Driver; C:\Windows\system32\drivers\vsock.sys [2012-10-24 70296]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2016-03-25 37144]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2016-02-20 103064]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-03-09 1070904]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-02-23 463744]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-02-19 283064]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2016-02-20 37656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2016-03-09 107792]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2016-02-20 165344]
R2 cpuz135;cpuz135; \??\C:\Windows\system32\drivers\cpuz135_x64.sys [2011-09-21 21992]
R2 hcmon;VMware hcmon; \??\C:\Windows\system32\drivers\hcmon.sys [2012-10-11 52376]
R2 VMnetBridge;VMware Bridge Protocol; C:\Windows\system32\DRIVERS\vmnetbridge.sys [2013-02-26 45720]
R2 VMnetuserif;VMware Network Application Interface; \??\C:\Windows\system32\drivers\vmnetuserif.sys [2013-02-26 30800]
R2 vmx86;VMware vmx86; \??\C:\Windows\system32\drivers\vmx86.sys [2013-02-26 67664]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-01-18 2719336]
R3 MarvinBus;Pinnacle Marvin Bus 64; C:\Windows\system32\DRIVERS\MarvinBus64.sys [2005-09-23 261120]
R3 MBfilt;MBfilt; C:\Windows\system32\drivers\MBfilt64.sys [2009-11-18 32344]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2010-12-10 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2010-12-10 181248]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2015-12-16 205456]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2016-02-17 28032]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2015-12-18 47760]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 vmkbd;VMware kbd; \??\C:\Windows\system32\drivers\VMkbd.sys [2013-02-26 33360]
R3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\vmnetadapter.sys [2013-02-26 20120]
S1 PCLEPCI;PCLEPCI; \??\C:\Windows\system32\drivers\pclepci.sys []
S2 tsnethlpx64;TsNetHlpX64.sys; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\TsNetHlpX64.sys []
S3 ALSysIO;ALSysIO; \??\C:\Users\FRANTI~1\AppData\Local\Temp\ALSysIO64.sys []
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2011-05-13 36328]
S3 BioNTDrv;BioNTDrv; \??\I:\Instalace\Programy\Paragon Software\Migrate OS to SSD\program\BioNTDrv.SYS [2011-03-01 19024]
S3 epmntdrv;epmntdrv; \??\C:\Windows\syswow64\epmntdrv.sys [2011-07-29 14216]
S3 GenericMount;Generic Mount Driver; C:\Windows\system32\DRIVERS\GenericMount.sys [2009-09-21 54320]
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507; \??\C:\Program Files (x86)\MSI\Live Update 5\msibios64_100507.sys [2010-05-09 33592]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2013-01-23 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2013-01-23 27136]
S3 nmwcdnsucx64;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsucx64.sys [2013-01-23 12800]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsux64.sys [2013-01-23 171008]
S3 NTIOLib_1_0_4;NTIOLib_1_0_4; \??\C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [2010-10-21 14136]
S3 NTIOLib_1_0_6;NTIOLib_1_0_6; \??\C:\Program Files (x86)\Setup Files\Ms7673v1E0\NTIOLib_X64.sys [2011-01-05 11888]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-10-17 26112]
S3 pwdrvio;pwdrvio; \??\C:\Windows\syswow64\pwdrvio.sys []
S3 pwdspio;pwdspio; \??\C:\Windows\syswow64\pwdspio.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-05-13 146920]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2013-01-23 9216]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2013-01-23 9216]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2011-02-16 14464]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-14 82128]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-02-20 237096]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2016-02-17 1164672]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2016-03-22 2550792]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [2016-03-22 417552]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2016-02-17 1880960]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2016-02-17 2609024]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2016-03-08 1264064]
R2 PnkBstrB;PnkBstrB; C:\Windows\syswow64\PnkBstrB.exe [2016-02-06 214520]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2016-03-08 424384]
R2 VMAuthdService;VMware Authorization Service; I:\Instalace\Programy\VMware\VMware Player\vmware-authd.exe [2013-02-26 87120]
R2 VMnetDHCP;VMware DHCP Service; C:\Windows\syswow64\vmnetdhcp.exe [2013-02-26 357456]
R2 VMUSBArbService;VMware USB Arbitration Service; C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2012-10-11 918680]
R2 VMware NAT Service;VMware NAT Service; C:\Windows\syswow64\vmnat.exe [2013-02-26 436304]
R3 NvStreamNetworkSvc;NVIDIA Streamer Network Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [2016-02-17 6474112]
R3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-26 1260320]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-01-29 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-25 269504]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-02-08 114688]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-03-20 146888]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-06-07 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
- Rudy
- Site Admin

- Posts: 119673
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Chinese program
So is everything OK?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: Chinese program
It looks like it.
Thank you for cleaning up the computer.
- Rudy
- Site Admin

Re: Chinese program
You're welcome!