
PC virus removal, computer speed-up, and remote assistance through the neslape.cz service
Plus network
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once they are resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use remote assistance services, where an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Hello,
I would like advice on how to get rid of Plus network.
Thank you.
LOG:
Logfile of random's system information tool 1.10 (written by random/random)
Run by Bota at 2016-12-05 15:07:14
Microsoft Windows 7 Professional
System drive C: has 93 GB (76%) free of 122 GB
Total RAM: 4093 MB (72% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:07:17, on 5.12.2016
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Enigma Software Group\SpyHunter\Spyhunter4.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Bota.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://no-stop.org/wpad.dat?8ebe1bd9e74 ... a221224828
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~2\Office12\GRA32A~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Advanced SystemCare Service 10 (AdvancedSystemCareService10) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: IObit Uninstaller Service (IObitUnSvr) - IObit - C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SpyHunter 4 Service - Enigma Software Group USA, LLC. - C:\PROGRA~2\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 7684 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe"
C:\PROGRA~2\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
winlogon.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
taskeng.exe {AA9EC3EE-4BA9-408F-B2E8-799D7B229251}
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files (x86)\Enigma Software Group\SpyHunter\Spyhunter4.exe" /s
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-d51e483a-6065-414d-b4d6-6cbfba7f79f1 -SystemEventPortName:HostProcess-7657a683-5212-4c42-9f8a-25689c837c1e -IoCancelEventPortName:HostProcess-9f74dc9e-4b33-4f1e-82a7-712384a98614 -NonStateChangingEventPortName:HostProcess-55fdc493-2ac5-47ed-9b52-373963c2d2bb -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:63fbf41a-b987-456b-b531-9156a88bf222
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe"
"taskhost.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="2232.0.1732470057\366814302" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" 2232 "\\.\pipe\gecko-crash-server-pipe.2232" tab
C:\Windows\system32\wbem\wmiprvse.exe
taskmgr.exe /3
"C:\Windows\System32\osk.exe"
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Users\Bota\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player PPAPI Notifier.job - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_23_0_0_207_pepper.exe -check pepperplugin
=========Mozilla firefox=========
ProfilePath - C:\Users\Bota\AppData\Roaming\Mozilla\Firefox\Profiles\vnqgoujx.default-1480872840278
prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"
"sp@avast.com"=C:\Program Files\AVAST Software\Avast\SafePrice\FF
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 23.0.0.207 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.111.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.111.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 23.0.0.207 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
ExplorerWnd Helper - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2016-05-23 2478880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-11-22 790552]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~2\Office12\GR469A~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-11-22 473152]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-11-22 664848]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-11-22 186944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll [2010-03-25 1548096]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll [2010-03-25 968000]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2013-09-11 766208]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-11-22 9080768]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-09-22 587288]
"NBKeyScan"=C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2007-09-20 1836328]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~2\Office12\GR469A~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-12-05 15:04:42 ----D---- C:\rsit
2016-12-05 15:04:42 ----D---- C:\Program Files\trend micro
2016-12-04 21:07:50 ----D---- C:\sh4ldr
2016-12-04 21:05:24 ----A---- C:\autoexec.bat
2016-12-04 21:05:18 ----D---- C:\Program Files (x86)\Enigma Software Group
2016-12-04 21:05:00 ----D---- C:\Windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP
2016-12-04 18:33:23 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-12-02 23:18:00 ----A---- C:\Windows\NeroDigital.ini
2016-11-28 17:02:22 ----D---- C:\ProgramData\KONAMI
2016-11-28 17:02:18 ----D---- C:\ProgramData\Steam
2016-11-28 17:00:32 ----A---- C:\Windows\SYSWOW64\XAudio2_7.dll
2016-11-28 17:00:32 ----A---- C:\Windows\SYSWOW64\XAPOFX1_5.dll
2016-11-28 17:00:32 ----A---- C:\Windows\SYSWOW64\xactengine3_7.dll
2016-11-28 17:00:32 ----A---- C:\Windows\SYSWOW64\d3dx11_43.dll
2016-11-28 17:00:32 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll
2016-11-28 17:00:32 ----A---- C:\Windows\SYSWOW64\D3DCompiler_43.dll
2016-11-28 17:00:32 ----A---- C:\Windows\system32\XAudio2_7.dll
2016-11-28 17:00:32 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2016-11-28 17:00:32 ----A---- C:\Windows\system32\xactengine3_7.dll
2016-11-28 17:00:32 ----A---- C:\Windows\system32\d3dx11_43.dll
2016-11-28 17:00:32 ----A---- C:\Windows\system32\d3dcsx_43.dll
2016-11-28 17:00:32 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2016-11-28 17:00:31 ----A---- C:\Windows\SYSWOW64\XAudio2_6.dll
2016-11-28 17:00:31 ----A---- C:\Windows\SYSWOW64\XAPOFX1_4.dll
2016-11-28 17:00:31 ----A---- C:\Windows\SYSWOW64\xactengine3_6.dll
2016-11-28 17:00:31 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll
2016-11-28 17:00:31 ----A---- C:\Windows\SYSWOW64\d3dx10_43.dll
2016-11-28 17:00:31 ----A---- C:\Windows\system32\XAudio2_6.dll
2016-11-28 17:00:31 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2016-11-28 17:00:31 ----A---- C:\Windows\system32\xactengine3_6.dll
2016-11-28 17:00:31 ----A---- C:\Windows\system32\D3DX9_43.dll
2016-11-28 17:00:31 ----A---- C:\Windows\system32\d3dx10_43.dll
2016-11-28 17:00:30 ----A---- C:\Windows\SYSWOW64\XAudio2_5.dll
2016-11-28 17:00:30 ----A---- C:\Windows\SYSWOW64\xactengine3_5.dll
2016-11-28 17:00:30 ----A---- C:\Windows\SYSWOW64\X3DAudio1_7.dll
2016-11-28 17:00:30 ----A---- C:\Windows\SYSWOW64\D3DCompiler_42.dll
2016-11-28 17:00:30 ----A---- C:\Windows\system32\XAudio2_5.dll
2016-11-28 17:00:30 ----A---- C:\Windows\system32\xactengine3_5.dll
2016-11-28 17:00:30 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2016-11-28 17:00:30 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2016-11-28 17:00:29 ----A---- C:\Windows\SYSWOW64\D3DX9_42.dll
2016-11-28 17:00:29 ----A---- C:\Windows\SYSWOW64\d3dx11_42.dll
2016-11-28 17:00:29 ----A---- C:\Windows\SYSWOW64\d3dx10_42.dll
2016-11-28 17:00:29 ----A---- C:\Windows\SYSWOW64\d3dcsx_42.dll
2016-11-28 17:00:29 ----A---- C:\Windows\system32\D3DX9_42.dll
2016-11-28 17:00:29 ----A---- C:\Windows\system32\d3dx11_42.dll
2016-11-28 17:00:29 ----A---- C:\Windows\system32\d3dx10_42.dll
2016-11-28 17:00:29 ----A---- C:\Windows\system32\d3dcsx_42.dll
2016-11-28 17:00:28 ----A---- C:\Windows\SYSWOW64\XAudio2_4.dll
2016-11-28 17:00:28 ----A---- C:\Windows\SYSWOW64\XAPOFX1_3.dll
2016-11-28 17:00:28 ----A---- C:\Windows\SYSWOW64\D3DX9_41.dll
2016-11-28 17:00:28 ----A---- C:\Windows\SYSWOW64\d3dx10_41.dll
2016-11-28 17:00:28 ----A---- C:\Windows\SYSWOW64\D3DCompiler_41.dll
2016-11-28 17:00:28 ----A---- C:\Windows\system32\XAudio2_4.dll
2016-11-28 17:00:28 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2016-11-28 17:00:28 ----A---- C:\Windows\system32\D3DX9_41.dll
2016-11-28 17:00:28 ----A---- C:\Windows\system32\d3dx10_41.dll
2016-11-28 17:00:28 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2016-11-28 17:00:27 ----A---- C:\Windows\SYSWOW64\xactengine3_4.dll
2016-11-28 17:00:27 ----A---- C:\Windows\SYSWOW64\X3DAudio1_6.dll
2016-11-28 17:00:27 ----A---- C:\Windows\SYSWOW64\d3dx10_40.dll
2016-11-28 17:00:27 ----A---- C:\Windows\SYSWOW64\D3DCompiler_40.dll
2016-11-28 17:00:27 ----A---- C:\Windows\system32\xactengine3_4.dll
2016-11-28 17:00:27 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2016-11-28 17:00:27 ----A---- C:\Windows\system32\d3dx10_40.dll
2016-11-28 17:00:27 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2016-11-28 17:00:26 ----A---- C:\Windows\SYSWOW64\XAudio2_3.dll
2016-11-28 17:00:26 ----A---- C:\Windows\SYSWOW64\XAPOFX1_2.dll
2016-11-28 17:00:26 ----A---- C:\Windows\SYSWOW64\D3DX9_40.dll
2016-11-28 17:00:26 ----A---- C:\Windows\system32\XAudio2_3.dll
2016-11-28 17:00:26 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2016-11-28 17:00:26 ----A---- C:\Windows\system32\xactengine3_3.dll
2016-11-28 17:00:26 ----A---- C:\Windows\system32\D3DX9_40.dll
2016-11-28 16:53:44 ----A---- C:\Windows\SYSWOW64\XAudio2_2.dll
2016-11-28 16:53:44 ----A---- C:\Windows\SYSWOW64\XAPOFX1_1.dll
2016-11-28 16:53:44 ----A---- C:\Windows\SYSWOW64\xactengine3_3.dll
2016-11-28 16:53:44 ----A---- C:\Windows\SYSWOW64\X3DAudio1_5.dll
2016-11-28 16:53:44 ----A---- C:\Windows\system32\XAudio2_2.dll
2016-11-28 16:53:44 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2016-11-28 16:53:44 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2016-11-28 16:53:43 ----A---- C:\Windows\SYSWOW64\xactengine3_2.dll
2016-11-28 16:53:43 ----A---- C:\Windows\SYSWOW64\d3dx10_39.dll
2016-11-28 16:53:43 ----A---- C:\Windows\SYSWOW64\D3DCompiler_39.dll
2016-11-28 16:53:43 ----A---- C:\Windows\system32\xactengine3_2.dll
2016-11-28 16:53:43 ----A---- C:\Windows\system32\d3dx10_39.dll
2016-11-28 16:53:43 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2016-11-28 16:53:42 ----A---- C:\Windows\SYSWOW64\XAudio2_1.dll
2016-11-28 16:53:42 ----A---- C:\Windows\SYSWOW64\XAPOFX1_0.dll
2016-11-28 16:53:42 ----A---- C:\Windows\SYSWOW64\xactengine3_1.dll
2016-11-28 16:53:42 ----A---- C:\Windows\SYSWOW64\X3DAudio1_4.dll
2016-11-28 16:53:42 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll
2016-11-28 16:53:42 ----A---- C:\Windows\SYSWOW64\d3dx10_38.dll
2016-11-28 16:53:42 ----A---- C:\Windows\SYSWOW64\D3DCompiler_38.dll
2016-11-28 16:53:42 ----A---- C:\Windows\system32\XAudio2_1.dll
2016-11-28 16:53:42 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2016-11-28 16:53:42 ----A---- C:\Windows\system32\xactengine3_1.dll
2016-11-28 16:53:42 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2016-11-28 16:53:42 ----A---- C:\Windows\system32\D3DX9_39.dll
2016-11-28 16:53:42 ----A---- C:\Windows\system32\d3dx10_38.dll
2016-11-28 16:53:42 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2016-11-28 16:53:41 ----A---- C:\Windows\SYSWOW64\XAudio2_0.dll
2016-11-28 16:53:41 ----A---- C:\Windows\SYSWOW64\xactengine3_0.dll
2016-11-28 16:53:41 ----A---- C:\Windows\SYSWOW64\D3DX9_38.dll
2016-11-28 16:53:41 ----A---- C:\Windows\system32\XAudio2_0.dll
2016-11-28 16:53:41 ----A---- C:\Windows\system32\xactengine3_0.dll
2016-11-28 16:53:41 ----A---- C:\Windows\system32\D3DX9_38.dll
2016-11-28 16:53:40 ----A---- C:\Windows\SYSWOW64\X3DAudio1_3.dll
2016-11-28 16:53:40 ----A---- C:\Windows\SYSWOW64\D3DX9_37.dll
2016-11-28 16:53:40 ----A---- C:\Windows\SYSWOW64\d3dx10_37.dll
2016-11-28 16:53:40 ----A---- C:\Windows\SYSWOW64\D3DCompiler_37.dll
2016-11-28 16:53:40 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2016-11-28 16:53:40 ----A---- C:\Windows\system32\D3DX9_37.dll
2016-11-28 16:53:40 ----A---- C:\Windows\system32\d3dx10_37.dll
2016-11-28 16:53:40 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2016-11-28 16:53:39 ----A---- C:\Windows\SYSWOW64\xactengine2_10.dll
2016-11-28 16:53:39 ----A---- C:\Windows\SYSWOW64\d3dx9_36.dll
2016-11-28 16:53:39 ----A---- C:\Windows\SYSWOW64\d3dx10_36.dll
2016-11-28 16:53:39 ----A---- C:\Windows\SYSWOW64\D3DCompiler_36.dll
2016-11-28 16:53:39 ----A---- C:\Windows\system32\xactengine2_10.dll
2016-11-28 16:53:39 ----A---- C:\Windows\system32\d3dx9_36.dll
2016-11-28 16:53:39 ----A---- C:\Windows\system32\d3dx10_36.dll
2016-11-28 16:53:39 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2016-11-28 16:53:38 ----A---- C:\Windows\SYSWOW64\xactengine2_9.dll
2016-11-28 16:53:38 ----A---- C:\Windows\SYSWOW64\d3dx9_35.dll
2016-11-28 16:53:38 ----A---- C:\Windows\SYSWOW64\d3dx10_35.dll
2016-11-28 16:53:38 ----A---- C:\Windows\SYSWOW64\D3DCompiler_35.dll
2016-11-28 16:53:38 ----A---- C:\Windows\system32\xactengine2_9.dll
2016-11-28 16:53:38 ----A---- C:\Windows\system32\d3dx9_35.dll
2016-11-28 16:53:38 ----A---- C:\Windows\system32\d3dx10_35.dll
2016-11-28 16:53:38 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2016-11-28 16:53:37 ----A---- C:\Windows\SYSWOW64\xinput1_3.dll
2016-11-28 16:53:37 ----A---- C:\Windows\SYSWOW64\xactengine2_8.dll
2016-11-28 16:53:37 ----A---- C:\Windows\SYSWOW64\X3DAudio1_2.dll
2016-11-28 16:53:37 ----A---- C:\Windows\SYSWOW64\d3dx9_34.dll
2016-11-28 16:53:37 ----A---- C:\Windows\SYSWOW64\d3dx10_34.dll
2016-11-28 16:53:37 ----A---- C:\Windows\SYSWOW64\D3DCompiler_34.dll
2016-11-28 16:53:37 ----A---- C:\Windows\system32\xinput1_3.dll
2016-11-28 16:53:37 ----A---- C:\Windows\system32\xactengine2_8.dll
2016-11-28 16:53:37 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2016-11-28 16:53:37 ----A---- C:\Windows\system32\d3dx9_34.dll
2016-11-28 16:53:37 ----A---- C:\Windows\system32\d3dx10_34.dll
2016-11-28 16:53:37 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2016-11-28 16:53:36 ----A---- C:\Windows\SYSWOW64\xactengine2_7.dll
2016-11-28 16:53:36 ----A---- C:\Windows\SYSWOW64\d3dx9_33.dll
2016-11-28 16:53:36 ----A---- C:\Windows\SYSWOW64\d3dx10_33.dll
2016-11-28 16:53:36 ----A---- C:\Windows\SYSWOW64\D3DCompiler_33.dll
2016-11-28 16:53:36 ----A---- C:\Windows\system32\xactengine2_7.dll
2016-11-28 16:53:36 ----A---- C:\Windows\system32\d3dx9_33.dll
2016-11-28 16:53:36 ----A---- C:\Windows\system32\d3dx10_33.dll
2016-11-28 16:53:36 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2016-11-28 16:53:35 ----A---- C:\Windows\SYSWOW64\xactengine2_6.dll
2016-11-28 16:53:35 ----A---- C:\Windows\SYSWOW64\xactengine2_5.dll
2016-11-28 16:53:35 ----A---- C:\Windows\SYSWOW64\d3dx9_32.dll
2016-11-28 16:53:35 ----A---- C:\Windows\SYSWOW64\d3dx10.dll
2016-11-28 16:53:35 ----A---- C:\Windows\system32\xactengine2_6.dll
2016-11-28 16:53:35 ----A---- C:\Windows\system32\xactengine2_5.dll
2016-11-28 16:53:35 ----A---- C:\Windows\system32\d3dx9_32.dll
2016-11-28 16:53:35 ----A---- C:\Windows\system32\d3dx10.dll
2016-11-28 16:53:34 ----A---- C:\Windows\SYSWOW64\xactengine2_4.dll
2016-11-28 16:53:34 ----A---- C:\Windows\SYSWOW64\xactengine2_3.dll
2016-11-28 16:53:34 ----A---- C:\Windows\SYSWOW64\x3daudio1_1.dll
2016-11-28 16:53:34 ----A---- C:\Windows\SYSWOW64\d3dx9_31.dll
2016-11-28 16:53:34 ----A---- C:\Windows\system32\xactengine2_4.dll
2016-11-28 16:53:34 ----A---- C:\Windows\system32\xactengine2_3.dll
2016-11-28 16:53:34 ----A---- C:\Windows\system32\x3daudio1_1.dll
2016-11-28 16:53:34 ----A---- C:\Windows\system32\d3dx9_31.dll
2016-11-28 16:53:33 ----A---- C:\Windows\SYSWOW64\xinput1_2.dll
2016-11-28 16:53:33 ----A---- C:\Windows\SYSWOW64\xinput1_1.dll
2016-11-28 16:53:33 ----A---- C:\Windows\SYSWOW64\xactengine2_2.dll
2016-11-28 16:53:33 ----A---- C:\Windows\system32\xinput1_2.dll
2016-11-28 16:53:33 ----A---- C:\Windows\system32\xinput1_1.dll
2016-11-28 16:53:33 ----A---- C:\Windows\system32\xactengine2_2.dll
2016-11-28 16:53:32 ----A---- C:\Windows\SYSWOW64\xactengine2_1.dll
2016-11-28 16:53:32 ----A---- C:\Windows\system32\xactengine2_1.dll
2016-11-28 16:53:30 ----A---- C:\Windows\SYSWOW64\xactengine2_0.dll
2016-11-28 16:53:30 ----A---- C:\Windows\SYSWOW64\x3daudio1_0.dll
2016-11-28 16:53:30 ----A---- C:\Windows\SYSWOW64\d3dx9_29.dll
2016-11-28 16:53:30 ----A---- C:\Windows\system32\xactengine2_0.dll
2016-11-28 16:53:30 ----A---- C:\Windows\system32\x3daudio1_0.dll
2016-11-28 16:53:30 ----A---- C:\Windows\system32\d3dx9_30.dll
2016-11-28 16:53:30 ----A---- C:\Windows\system32\d3dx9_29.dll
2016-11-28 16:53:29 ----A---- C:\Windows\SYSWOW64\d3dx9_27.dll
2016-11-28 16:53:29 ----A---- C:\Windows\system32\d3dx9_28.dll
2016-11-28 16:53:29 ----A---- C:\Windows\system32\d3dx9_27.dll
2016-11-28 16:53:28 ----A---- C:\Windows\SYSWOW64\d3dx9_26.dll
2016-11-28 16:53:28 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll
2016-11-28 16:53:28 ----A---- C:\Windows\system32\d3dx9_26.dll
2016-11-28 16:53:28 ----A---- C:\Windows\system32\d3dx9_25.dll
2016-11-28 16:53:27 ----A---- C:\Windows\SYSWOW64\d3dx9_24.dll
2016-11-28 16:53:27 ----A---- C:\Windows\system32\d3dx9_24.dll
2016-11-28 16:15:15 ----A---- C:\Windows\GSetup.ini
2016-11-25 21:37:31 ----A---- C:\Windows\system32\drivers\athurx.sys
2016-11-25 21:37:31 ----A---- C:\Windows\system32\athurx.sys
2016-11-25 21:36:42 ----D---- C:\ProgramData\TP-LINK
2016-11-25 21:18:41 ----D---- C:\Program Files (x86)\FinalWire
2016-11-22 22:51:32 ----D---- C:\Users\Bota\AppData\Roaming\Opera Software
2016-11-22 21:56:59 ----D---- C:\Users\Bota\AppData\Roaming\Nero
2016-11-22 21:53:59 ----A---- C:\Windows\Irremote.ini
2016-11-22 21:53:30 ----D---- C:\ProgramData\Nero
2016-11-22 21:53:30 ----D---- C:\Program Files (x86)\Nero
2016-11-22 21:52:26 ----A---- C:\Windows\SYSWOW64\d3dx9_30.dll
2016-11-22 21:52:26 ----A---- C:\Windows\SYSWOW64\d3dx9_28.dll
2016-11-22 21:47:49 ----D---- C:\BOTA
2016-11-22 21:42:35 ----D---- C:\Users\Bota\AppData\Roaming\vlc
2016-11-22 21:37:54 ----D---- C:\Program Files (x86)\WinRAR
2016-11-22 21:37:34 ----D---- C:\Program Files (x86)\VideoLAN
2016-11-22 21:35:29 ----D---- C:\ProgramData\ProductData
2016-11-22 21:35:22 ----D---- C:\ProgramData\{74E9F814-C737-42CC-B721-DBBC4059367A}
2016-11-22 21:35:04 ----D---- C:\Users\Bota\AppData\Roaming\IObit
2016-11-22 21:34:56 ----D---- C:\ProgramData\IObit
2016-11-22 21:34:56 ----D---- C:\Program Files (x86)\IObit
2016-11-22 21:30:43 ----D---- C:\Users\Bota\AppData\Roaming\Sun
2016-11-22 21:30:38 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2016-11-22 21:30:25 ----D---- C:\ProgramData\Oracle
2016-11-22 21:30:22 ----D---- C:\Program Files (x86)\Java
2016-11-22 21:25:46 ----D---- C:\Program Files (x86)\Adobe
2016-11-22 21:25:33 ----D---- C:\ProgramData\Adobe
2016-11-22 21:18:55 ----D---- C:\Program Files (x86)\Microsoft Works
2016-11-22 21:18:49 ----D---- C:\Program Files (x86)\Microsoft Visual Studio
2016-11-22 21:18:39 ----D---- C:\Windows\PCHEALTH
2016-11-22 21:17:28 ----D---- C:\Program Files\Microsoft Office
2016-11-22 21:17:24 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2016-11-22 21:17:06 ----D---- C:\ProgramData\Microsoft Help
2016-11-22 21:17:06 ----D---- C:\Program Files (x86)\Microsoft Office
2016-11-22 21:16:57 ----RHD---- C:\MSOCache
2016-11-22 21:12:07 ----D---- C:\Program Files (x86)\DAEMON Tools Toolbar
2016-11-22 21:11:59 ----A---- C:\Windows\system32\drivers\sptd.sys
2016-11-22 21:11:50 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2016-11-22 21:11:36 ----D---- C:\Users\Bota\AppData\Roaming\DAEMON Tools Lite
2016-11-22 21:11:30 ----D---- C:\ProgramData\DAEMON Tools Lite
2016-11-22 21:09:52 ----D---- C:\Program Files\Microsoft Silverlight
2016-11-22 21:09:52 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2016-11-22 18:47:45 ----D---- C:\Users\Bota\AppData\Roaming\Macromedia
2016-11-22 18:47:45 ----D---- C:\Users\Bota\AppData\Roaming\Adobe
2016-11-22 18:31:20 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-11-22 18:31:18 ----D---- C:\Windows\system32\Macromed
2016-11-22 18:31:16 ----D---- C:\Windows\SYSWOW64\Macromed
2016-11-22 18:27:41 ----A---- C:\Windows\system32\drivers\aswKbd.sys
2016-11-22 17:19:11 ----D---- C:\Users\Bota\AppData\Roaming\AVAST Software
2016-11-22 17:18:11 ----D---- C:\Program Files\Common Files\AV
2016-11-22 17:18:00 ----A---- C:\Windows\system32\drivers\aswvmm.sys
2016-11-22 17:18:00 ----A---- C:\Windows\system32\drivers\aswStm.sys
2016-11-22 17:18:00 ----A---- C:\Windows\system32\drivers\aswsp.sys
2016-11-22 17:18:00 ----A---- C:\Windows\system32\drivers\aswsnx.sys
2016-11-22 17:18:00 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2016-11-22 17:18:00 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2016-11-22 17:18:00 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2016-11-22 17:18:00 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2016-11-22 17:17:58 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2016-11-22 17:17:58 ----A---- C:\Windows\system32\ucrtbase.dll
2016-11-22 17:17:58 ----A---- C:\Windows\system32\aswBoot.exe
2016-11-22 17:17:56 ----A---- C:\Windows\avastSS.scr
2016-11-22 17:15:17 ----D---- C:\Program Files\AVAST Software
2016-11-22 17:02:10 ----D---- C:\Users\Bota\AppData\Roaming\Mozilla
2016-11-22 16:57:15 ----A---- C:\Windows\system32\drivers\EtronXHCI.sys
2016-11-22 16:57:15 ----A---- C:\Windows\system32\drivers\EtronHub3.sys
2016-11-22 16:57:14 ----D---- C:\Program Files (x86)\Etron Technology
2016-11-22 16:47:34 ----A---- C:\Windows\system32\RTNUninst64.dll
2016-11-22 16:47:34 ----A---- C:\Windows\system32\RtNicProp64.dll
2016-11-22 16:47:34 ----A---- C:\Windows\system32\drivers\Rt64win7.sys
2016-11-22 16:47:30 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2016-11-22 16:47:30 ----D---- C:\Program Files (x86)\Realtek
2016-11-20 17:34:27 ----D---- C:\ProgramData\AVAST Software
2016-11-20 17:32:34 ----D---- C:\Users\Bota\AppData\Roaming\ATI
2016-11-20 17:32:34 ----D---- C:\ProgramData\ATI
2016-11-20 17:31:47 ----D---- C:\Program Files (x86)\AMD AVT
2016-11-20 17:31:31 ----D---- C:\ProgramData\AMD
2016-11-20 17:31:14 ----D---- C:\Program Files\Common Files\ATI Technologies
2016-11-20 17:31:12 ----D---- C:\Program Files (x86)\ATI Technologies
2016-11-20 17:30:51 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2016-11-20 17:30:20 ----D---- C:\Program Files (x86)\Microsoft.NET
2016-11-20 17:30:08 ----A---- C:\Windows\SYSWOW64\PresentationHostProxy.dll
2016-11-20 17:30:08 ----A---- C:\Windows\SYSWOW64\PresentationHost.exe
2016-11-20 17:30:08 ----A---- C:\Windows\SYSWOW64\netfxperf.dll
2016-11-20 17:30:08 ----A---- C:\Windows\SYSWOW64\mscoree.dll
2016-11-20 17:30:08 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2016-11-20 17:30:08 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2016-11-20 17:30:08 ----A---- C:\Windows\system32\PresentationHost.exe
2016-11-20 17:30:08 ----A---- C:\Windows\system32\netfxperf.dll
2016-11-20 17:30:08 ----A---- C:\Windows\system32\mscoree.dll
2016-11-20 17:30:08 ----A---- C:\Windows\system32\dfshim.dll
2016-11-20 17:29:46 ----D---- C:\ProgramData\Package Cache
2016-11-20 17:29:40 ----SHD---- C:\Windows\Installer
2016-11-20 17:29:33 ----D---- C:\Program Files\ATI Technologies
2016-11-20 17:29:27 ----D---- C:\Program Files\ATI
2016-11-20 17:28:34 ----D---- C:\AMD
2016-11-20 17:23:43 ----D---- C:\Windows\SoftwareDistribution
2016-11-20 17:21:45 ----D---- C:\Users\Bota\AppData\Roaming\Identities
2016-11-20 17:21:40 ----SD---- C:\Users\Bota\AppData\Roaming\Microsoft
2016-11-20 17:21:40 ----D---- C:\Users\Bota\AppData\Roaming\Media Center Programs
2016-11-20 17:21:02 ----SHD---- C:\Recovery
2016-11-20 17:21:02 ----SHD---- C:\ProgramData\Šablony
2016-11-20 17:21:02 ----SHD---- C:\ProgramData\Plocha
2016-11-20 17:21:02 ----SHD---- C:\ProgramData\Oblíbené položky
2016-11-20 17:21:02 ----SHD---- C:\ProgramData\Nabídka Start
2016-11-20 17:21:02 ----SHD---- C:\ProgramData\Dokumenty
2016-11-20 17:21:02 ----SHD---- C:\ProgramData\Data aplikací
2016-11-20 17:17:42 ----D---- C:\Windows\Prefetch
2016-11-20 17:17:37 ----SHD---- C:\System Volume Information
2016-11-20 17:17:37 ----ASH---- C:\pagefile.sys
2016-11-20 17:17:37 ----ASH---- C:\hiberfil.sys
2016-11-20 17:17:04 ----D---- C:\Windows\Panther
======List of files/folders modified in the last 1 month======
2016-12-05 15:04:42 ----RD---- C:\Program Files
2016-12-05 10:41:15 ----RD---- C:\Program Files (x86)
2016-12-05 10:35:03 ----D---- C:\Windows\system32\drivers
2016-12-05 10:34:55 ----D---- C:\Windows\Temp
2016-12-05 10:31:46 ----D---- C:\Windows\System32
2016-12-05 10:31:46 ----D---- C:\Windows\inf
2016-12-05 10:31:46 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-12-04 21:27:18 ----D---- C:\Windows\system32\catroot2
2016-12-04 21:16:55 ----D---- C:\Windows\system32\config
2016-12-04 21:07:52 ----D---- C:\Windows\system32\Tasks
2016-12-04 21:05:00 ----D---- C:\Windows
2016-12-04 21:05:00 ----D---- C:\Program Files (x86)\Common Files
2016-12-04 18:27:34 ----HD---- C:\ProgramData
2016-12-03 02:52:39 ----D---- C:\Windows\debug
2016-12-02 18:42:22 ----D---- C:\Windows\Tasks
2016-11-30 23:04:03 ----D---- C:\Windows\Logs
2016-11-28 17:00:32 ----D---- C:\Windows\SysWOW64
2016-11-28 17:00:16 ----RSD---- C:\Windows\assembly
2016-11-28 16:53:31 ----D---- C:\Windows\Microsoft.NET
2016-11-26 20:55:13 ----D---- C:\Windows\system32\DriverStore
2016-11-25 22:00:17 ----SD---- C:\ProgramData\Microsoft
2016-11-25 21:50:10 ----D---- C:\Windows\system32\catroot
2016-11-25 21:48:19 ----D---- C:\Windows\SYSWOW64\en-US
2016-11-25 21:48:19 ----D---- C:\Windows\system32\en-US
2016-11-22 21:55:17 ----D---- C:\Windows\winsxs
2016-11-22 21:53:29 ----D---- C:\Windows\Cursors
2016-11-22 21:18:53 ----D---- C:\Program Files (x86)\MSBuild
2016-11-22 21:18:48 ----D---- C:\Windows\ShellNew
2016-11-22 21:18:41 ----RSD---- C:\Windows\Fonts
2016-11-22 21:18:07 ----D---- C:\Program Files\Common Files\Microsoft Shared
2016-11-22 21:17:15 ----A---- C:\Windows\win.ini
2016-11-22 18:26:56 ----D---- C:\Windows\system32\wdi
2016-11-22 17:18:11 ----D---- C:\Program Files\Common Files
2016-11-22 16:48:44 ----D---- C:\Windows\system32\LogFiles
2016-11-20 17:31:37 ----D---- C:\Windows\system32\CodeIntegrity
2016-11-20 17:29:42 ----D---- C:\Windows\system32\restore
2016-11-20 17:26:51 ----D---- C:\Windows\system32\drivers\UMDF
2016-11-20 17:21:44 ----SHD---- C:\$Recycle.Bin
2016-11-20 17:21:40 ----RD---- C:\Users
2016-11-20 17:21:02 ----D---- C:\Program Files\Windows NT
2016-11-20 17:20:59 ----D---- C:\Windows\rescache
2016-11-20 17:19:01 ----D---- C:\Windows\system32\sysprep
2016-11-20 17:17:45 ----D---- C:\Windows\CSC
2016-11-20 17:16:41 ----D---- C:\Windows\Setup
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2016-11-22 74544]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2016-11-22 293352]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2016-11-22 834544]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2016-11-22 37144]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2016-11-22 103064]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-11-22 969184]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-11-22 513632]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 AODDriver4.2.0;AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2013-07-31 42240]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2016-11-22 108816]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2016-11-22 163416]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-09-12 12760576]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-09-12 619008]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2013-09-24 94208]
R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver; C:\Windows\System32\Drivers\EtronHub3.sys [2013-08-05 65408]
R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver; C:\Windows\System32\Drivers\EtronXHCI.sys [2013-08-05 94208]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2014-06-17 941272]
S3 ady9e0y1;ady9e0y1; C:\Windows\system32\drivers\ady9e0y1.sys []
S3 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2016-11-22 37656]
S3 athur;Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athurx.sys [2013-06-28 1930240]
S3 esgiguard;esgiguard; \??\C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys [2010-01-27 5248]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdvancedSystemCareService10;Advanced SystemCare Service 10; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [2016-10-14 462624]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-09-12 239616]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-09-11 344064]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-11-22 197128]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 SpyHunter 4 Service;SpyHunter 4 Service; C:\PROGRA~2\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE [2010-05-18 327064]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]
S2 IObitUnSvr;IObit Uninstaller Service; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [2016-10-28 360736]
S3 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-10-21 82128]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [2007-09-20 853288]
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [2007-09-20 382248]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-08 51648]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
-----------------EOF-----------------
2016-11-28 17:00:31 ----A---- C:\Windows\system32\xactengine3_6.dll
2016-11-28 17:00:31 ----A---- C:\Windows\system32\D3DX9_43.dll
2016-11-28 17:00:31 ----A---- C:\Windows\system32\d3dx10_43.dll
2016-11-28 17:00:30 ----A---- C:\Windows\SYSWOW64\XAudio2_5.dll
2016-11-28 17:00:30 ----A---- C:\Windows\SYSWOW64\xactengine3_5.dll
2016-11-28 17:00:30 ----A---- C:\Windows\SYSWOW64\X3DAudio1_7.dll
2016-11-28 17:00:30 ----A---- C:\Windows\SYSWOW64\D3DCompiler_42.dll
2016-11-28 17:00:30 ----A---- C:\Windows\system32\XAudio2_5.dll
2016-11-28 17:00:30 ----A---- C:\Windows\system32\xactengine3_5.dll
2016-11-28 17:00:30 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2016-11-28 17:00:30 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2016-11-28 17:00:29 ----A---- C:\Windows\SYSWOW64\D3DX9_42.dll
2016-11-28 17:00:29 ----A---- C:\Windows\SYSWOW64\d3dx11_42.dll
2016-11-28 17:00:29 ----A---- C:\Windows\SYSWOW64\d3dx10_42.dll
2016-11-28 17:00:29 ----A---- C:\Windows\SYSWOW64\d3dcsx_42.dll
2016-11-28 17:00:29 ----A---- C:\Windows\system32\D3DX9_42.dll
2016-11-28 17:00:29 ----A---- C:\Windows\system32\d3dx11_42.dll
2016-11-28 17:00:29 ----A---- C:\Windows\system32\d3dx10_42.dll
2016-11-28 17:00:29 ----A---- C:\Windows\system32\d3dcsx_42.dll
2016-11-28 17:00:28 ----A---- C:\Windows\SYSWOW64\XAudio2_4.dll
2016-11-28 17:00:28 ----A---- C:\Windows\SYSWOW64\XAPOFX1_3.dll
2016-11-28 17:00:28 ----A---- C:\Windows\SYSWOW64\D3DX9_41.dll
2016-11-28 17:00:28 ----A---- C:\Windows\SYSWOW64\d3dx10_41.dll
2016-11-28 17:00:28 ----A---- C:\Windows\SYSWOW64\D3DCompiler_41.dll
2016-11-28 17:00:28 ----A---- C:\Windows\system32\XAudio2_4.dll
2016-11-28 17:00:28 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2016-11-28 17:00:28 ----A---- C:\Windows\system32\D3DX9_41.dll
2016-11-28 17:00:28 ----A---- C:\Windows\system32\d3dx10_41.dll
2016-11-28 17:00:28 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2016-11-28 17:00:27 ----A---- C:\Windows\SYSWOW64\xactengine3_4.dll
2016-11-28 17:00:27 ----A---- C:\Windows\SYSWOW64\X3DAudio1_6.dll
2016-11-28 17:00:27 ----A---- C:\Windows\SYSWOW64\d3dx10_40.dll
2016-11-28 17:00:27 ----A---- C:\Windows\SYSWOW64\D3DCompiler_40.dll
2016-11-28 17:00:27 ----A---- C:\Windows\system32\xactengine3_4.dll
2016-11-28 17:00:27 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2016-11-28 17:00:27 ----A---- C:\Windows\system32\d3dx10_40.dll
2016-11-28 17:00:27 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2016-11-28 17:00:26 ----A---- C:\Windows\SYSWOW64\XAudio2_3.dll
2016-11-28 17:00:26 ----A---- C:\Windows\SYSWOW64\XAPOFX1_2.dll
2016-11-28 17:00:26 ----A---- C:\Windows\SYSWOW64\D3DX9_40.dll
2016-11-28 17:00:26 ----A---- C:\Windows\system32\XAudio2_3.dll
2016-11-28 17:00:26 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2016-11-28 17:00:26 ----A---- C:\Windows\system32\xactengine3_3.dll
2016-11-28 17:00:26 ----A---- C:\Windows\system32\D3DX9_40.dll
2016-11-28 16:53:44 ----A---- C:\Windows\SYSWOW64\XAudio2_2.dll
2016-11-28 16:53:44 ----A---- C:\Windows\SYSWOW64\XAPOFX1_1.dll
2016-11-28 16:53:44 ----A---- C:\Windows\SYSWOW64\xactengine3_3.dll
2016-11-28 16:53:44 ----A---- C:\Windows\SYSWOW64\X3DAudio1_5.dll
2016-11-28 16:53:44 ----A---- C:\Windows\system32\XAudio2_2.dll
2016-11-28 16:53:44 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2016-11-28 16:53:44 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2016-11-28 16:53:43 ----A---- C:\Windows\SYSWOW64\xactengine3_2.dll
2016-11-28 16:53:43 ----A---- C:\Windows\SYSWOW64\d3dx10_39.dll
2016-11-28 16:53:43 ----A---- C:\Windows\SYSWOW64\D3DCompiler_39.dll
2016-11-28 16:53:43 ----A---- C:\Windows\system32\xactengine3_2.dll
2016-11-28 16:53:43 ----A---- C:\Windows\system32\d3dx10_39.dll
2016-11-28 16:53:43 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2016-11-28 16:53:42 ----A---- C:\Windows\SYSWOW64\XAudio2_1.dll
2016-11-28 16:53:42 ----A---- C:\Windows\SYSWOW64\XAPOFX1_0.dll
2016-11-28 16:53:42 ----A---- C:\Windows\SYSWOW64\xactengine3_1.dll
2016-11-28 16:53:42 ----A---- C:\Windows\SYSWOW64\X3DAudio1_4.dll
2016-11-28 16:53:42 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll
2016-11-28 16:53:42 ----A---- C:\Windows\SYSWOW64\d3dx10_38.dll
2016-11-28 16:53:42 ----A---- C:\Windows\SYSWOW64\D3DCompiler_38.dll
2016-11-28 16:53:42 ----A---- C:\Windows\system32\XAudio2_1.dll
2016-11-28 16:53:42 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2016-11-28 16:53:42 ----A---- C:\Windows\system32\xactengine3_1.dll
2016-11-28 16:53:42 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2016-11-28 16:53:42 ----A---- C:\Windows\system32\D3DX9_39.dll
2016-11-28 16:53:42 ----A---- C:\Windows\system32\d3dx10_38.dll
2016-11-28 16:53:42 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2016-11-28 16:53:41 ----A---- C:\Windows\SYSWOW64\XAudio2_0.dll
2016-11-28 16:53:41 ----A---- C:\Windows\SYSWOW64\xactengine3_0.dll
2016-11-28 16:53:41 ----A---- C:\Windows\SYSWOW64\D3DX9_38.dll
2016-11-28 16:53:41 ----A---- C:\Windows\system32\XAudio2_0.dll
2016-11-28 16:53:41 ----A---- C:\Windows\system32\xactengine3_0.dll
2016-11-28 16:53:41 ----A---- C:\Windows\system32\D3DX9_38.dll
2016-11-28 16:53:40 ----A---- C:\Windows\SYSWOW64\X3DAudio1_3.dll
2016-11-28 16:53:40 ----A---- C:\Windows\SYSWOW64\D3DX9_37.dll
2016-11-28 16:53:40 ----A---- C:\Windows\SYSWOW64\d3dx10_37.dll
2016-11-28 16:53:40 ----A---- C:\Windows\SYSWOW64\D3DCompiler_37.dll
2016-11-28 16:53:40 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2016-11-28 16:53:40 ----A---- C:\Windows\system32\D3DX9_37.dll
2016-11-28 16:53:40 ----A---- C:\Windows\system32\d3dx10_37.dll
2016-11-28 16:53:40 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2016-11-28 16:53:39 ----A---- C:\Windows\SYSWOW64\xactengine2_10.dll
2016-11-28 16:53:39 ----A---- C:\Windows\SYSWOW64\d3dx9_36.dll
2016-11-28 16:53:39 ----A---- C:\Windows\SYSWOW64\d3dx10_36.dll
2016-11-28 16:53:39 ----A---- C:\Windows\SYSWOW64\D3DCompiler_36.dll
2016-11-28 16:53:39 ----A---- C:\Windows\system32\xactengine2_10.dll
2016-11-28 16:53:39 ----A---- C:\Windows\system32\d3dx9_36.dll
2016-11-28 16:53:39 ----A---- C:\Windows\system32\d3dx10_36.dll
2016-11-28 16:53:39 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2016-11-28 16:53:38 ----A---- C:\Windows\SYSWOW64\xactengine2_9.dll
2016-11-28 16:53:38 ----A---- C:\Windows\SYSWOW64\d3dx9_35.dll
2016-11-28 16:53:38 ----A---- C:\Windows\SYSWOW64\d3dx10_35.dll
2016-11-28 16:53:38 ----A---- C:\Windows\SYSWOW64\D3DCompiler_35.dll
2016-11-28 16:53:38 ----A---- C:\Windows\system32\xactengine2_9.dll
2016-11-28 16:53:38 ----A---- C:\Windows\system32\d3dx9_35.dll
2016-11-28 16:53:38 ----A---- C:\Windows\system32\d3dx10_35.dll
2016-11-28 16:53:38 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2016-11-28 16:53:37 ----A---- C:\Windows\SYSWOW64\xinput1_3.dll
2016-11-28 16:53:37 ----A---- C:\Windows\SYSWOW64\xactengine2_8.dll
2016-11-28 16:53:37 ----A---- C:\Windows\SYSWOW64\X3DAudio1_2.dll
2016-11-28 16:53:37 ----A---- C:\Windows\SYSWOW64\d3dx9_34.dll
2016-11-28 16:53:37 ----A---- C:\Windows\SYSWOW64\d3dx10_34.dll
2016-11-28 16:53:37 ----A---- C:\Windows\SYSWOW64\D3DCompiler_34.dll
2016-11-28 16:53:37 ----A---- C:\Windows\system32\xinput1_3.dll
2016-11-28 16:53:37 ----A---- C:\Windows\system32\xactengine2_8.dll
2016-11-28 16:53:37 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2016-11-28 16:53:37 ----A---- C:\Windows\system32\d3dx9_34.dll
2016-11-28 16:53:37 ----A---- C:\Windows\system32\d3dx10_34.dll
2016-11-28 16:53:37 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2016-11-28 16:53:36 ----A---- C:\Windows\SYSWOW64\xactengine2_7.dll
2016-11-28 16:53:36 ----A---- C:\Windows\SYSWOW64\d3dx9_33.dll
2016-11-28 16:53:36 ----A---- C:\Windows\SYSWOW64\d3dx10_33.dll
2016-11-28 16:53:36 ----A---- C:\Windows\SYSWOW64\D3DCompiler_33.dll
2016-11-28 16:53:36 ----A---- C:\Windows\system32\xactengine2_7.dll
2016-11-28 16:53:36 ----A---- C:\Windows\system32\d3dx9_33.dll
2016-11-28 16:53:36 ----A---- C:\Windows\system32\d3dx10_33.dll
2016-11-28 16:53:36 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2016-11-28 16:53:35 ----A---- C:\Windows\SYSWOW64\xactengine2_6.dll
2016-11-28 16:53:35 ----A---- C:\Windows\SYSWOW64\xactengine2_5.dll
2016-11-28 16:53:35 ----A---- C:\Windows\SYSWOW64\d3dx9_32.dll
2016-11-28 16:53:35 ----A---- C:\Windows\SYSWOW64\d3dx10.dll
2016-11-28 16:53:35 ----A---- C:\Windows\system32\xactengine2_6.dll
2016-11-28 16:53:35 ----A---- C:\Windows\system32\xactengine2_5.dll
2016-11-28 16:53:35 ----A---- C:\Windows\system32\d3dx9_32.dll
2016-11-28 16:53:35 ----A---- C:\Windows\system32\d3dx10.dll
2016-11-28 16:53:34 ----A---- C:\Windows\SYSWOW64\xactengine2_4.dll
2016-11-28 16:53:34 ----A---- C:\Windows\SYSWOW64\xactengine2_3.dll
2016-11-28 16:53:34 ----A---- C:\Windows\SYSWOW64\x3daudio1_1.dll
2016-11-28 16:53:34 ----A---- C:\Windows\SYSWOW64\d3dx9_31.dll
2016-11-28 16:53:34 ----A---- C:\Windows\system32\xactengine2_4.dll
2016-11-28 16:53:34 ----A---- C:\Windows\system32\xactengine2_3.dll
2016-11-28 16:53:34 ----A---- C:\Windows\system32\x3daudio1_1.dll
2016-11-28 16:53:34 ----A---- C:\Windows\system32\d3dx9_31.dll
2016-11-28 16:53:33 ----A---- C:\Windows\SYSWOW64\xinput1_2.dll
2016-11-28 16:53:33 ----A---- C:\Windows\SYSWOW64\xinput1_1.dll
2016-11-28 16:53:33 ----A---- C:\Windows\SYSWOW64\xactengine2_2.dll
2016-11-28 16:53:33 ----A---- C:\Windows\system32\xinput1_2.dll
2016-11-28 16:53:33 ----A---- C:\Windows\system32\xinput1_1.dll
2016-11-28 16:53:33 ----A---- C:\Windows\system32\xactengine2_2.dll
2016-11-28 16:53:32 ----A---- C:\Windows\SYSWOW64\xactengine2_1.dll
2016-11-28 16:53:32 ----A---- C:\Windows\system32\xactengine2_1.dll
2016-11-28 16:53:30 ----A---- C:\Windows\SYSWOW64\xactengine2_0.dll
2016-11-28 16:53:30 ----A---- C:\Windows\SYSWOW64\x3daudio1_0.dll
2016-11-28 16:53:30 ----A---- C:\Windows\SYSWOW64\d3dx9_29.dll
2016-11-28 16:53:30 ----A---- C:\Windows\system32\xactengine2_0.dll
2016-11-28 16:53:30 ----A---- C:\Windows\system32\x3daudio1_0.dll
2016-11-28 16:53:30 ----A---- C:\Windows\system32\d3dx9_30.dll
2016-11-28 16:53:30 ----A---- C:\Windows\system32\d3dx9_29.dll
2016-11-28 16:53:29 ----A---- C:\Windows\SYSWOW64\d3dx9_27.dll
2016-11-28 16:53:29 ----A---- C:\Windows\system32\d3dx9_28.dll
2016-11-28 16:53:29 ----A---- C:\Windows\system32\d3dx9_27.dll
2016-11-28 16:53:28 ----A---- C:\Windows\SYSWOW64\d3dx9_26.dll
2016-11-28 16:53:28 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll
2016-11-28 16:53:28 ----A---- C:\Windows\system32\d3dx9_26.dll
2016-11-28 16:53:28 ----A---- C:\Windows\system32\d3dx9_25.dll
2016-11-28 16:53:27 ----A---- C:\Windows\SYSWOW64\d3dx9_24.dll
2016-11-28 16:53:27 ----A---- C:\Windows\system32\d3dx9_24.dll
2016-11-28 16:15:15 ----A---- C:\Windows\GSetup.ini
2016-11-25 21:37:31 ----A---- C:\Windows\system32\drivers\athurx.sys
2016-11-25 21:37:31 ----A---- C:\Windows\system32\athurx.sys
2016-11-25 21:36:42 ----D---- C:\ProgramData\TP-LINK
2016-11-25 21:18:41 ----D---- C:\Program Files (x86)\FinalWire
2016-11-22 22:51:32 ----D---- C:\Users\Bota\AppData\Roaming\Opera Software
2016-11-22 21:56:59 ----D---- C:\Users\Bota\AppData\Roaming\Nero
2016-11-22 21:53:59 ----A---- C:\Windows\Irremote.ini
2016-11-22 21:53:30 ----D---- C:\ProgramData\Nero
2016-11-22 21:53:30 ----D---- C:\Program Files (x86)\Nero
2016-11-22 21:52:26 ----A---- C:\Windows\SYSWOW64\d3dx9_30.dll
2016-11-22 21:52:26 ----A---- C:\Windows\SYSWOW64\d3dx9_28.dll
2016-11-22 21:47:49 ----D---- C:\BOTA
2016-11-22 21:42:35 ----D---- C:\Users\Bota\AppData\Roaming\vlc
2016-11-22 21:37:54 ----D---- C:\Program Files (x86)\WinRAR
2016-11-22 21:37:34 ----D---- C:\Program Files (x86)\VideoLAN
2016-11-22 21:35:29 ----D---- C:\ProgramData\ProductData
2016-11-22 21:35:22 ----D---- C:\ProgramData\{74E9F814-C737-42CC-B721-DBBC4059367A}
2016-11-22 21:35:04 ----D---- C:\Users\Bota\AppData\Roaming\IObit
2016-11-22 21:34:56 ----D---- C:\ProgramData\IObit
2016-11-22 21:34:56 ----D---- C:\Program Files (x86)\IObit
2016-11-22 21:30:43 ----D---- C:\Users\Bota\AppData\Roaming\Sun
2016-11-22 21:30:38 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2016-11-22 21:30:25 ----D---- C:\ProgramData\Oracle
2016-11-22 21:30:22 ----D---- C:\Program Files (x86)\Java
2016-11-22 21:25:46 ----D---- C:\Program Files (x86)\Adobe
2016-11-22 21:25:33 ----D---- C:\ProgramData\Adobe
2016-11-22 21:18:55 ----D---- C:\Program Files (x86)\Microsoft Works
2016-11-22 21:18:49 ----D---- C:\Program Files (x86)\Microsoft Visual Studio
2016-11-22 21:18:39 ----D---- C:\Windows\PCHEALTH
2016-11-22 21:17:28 ----D---- C:\Program Files\Microsoft Office
2016-11-22 21:17:24 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2016-11-22 21:17:06 ----D---- C:\ProgramData\Microsoft Help
2016-11-22 21:17:06 ----D---- C:\Program Files (x86)\Microsoft Office
2016-11-22 21:16:57 ----RHD---- C:\MSOCache
2016-11-22 21:12:07 ----D---- C:\Program Files (x86)\DAEMON Tools Toolbar
2016-11-22 21:11:59 ----A---- C:\Windows\system32\drivers\sptd.sys
2016-11-22 21:11:50 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2016-11-22 21:11:36 ----D---- C:\Users\Bota\AppData\Roaming\DAEMON Tools Lite
2016-11-22 21:11:30 ----D---- C:\ProgramData\DAEMON Tools Lite
2016-11-22 21:09:52 ----D---- C:\Program Files\Microsoft Silverlight
2016-11-22 21:09:52 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2016-11-22 18:47:45 ----D---- C:\Users\Bota\AppData\Roaming\Macromedia
2016-11-22 18:47:45 ----D---- C:\Users\Bota\AppData\Roaming\Adobe
2016-11-22 18:31:20 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-11-22 18:31:18 ----D---- C:\Windows\system32\Macromed
2016-11-22 18:31:16 ----D---- C:\Windows\SYSWOW64\Macromed
2016-11-22 18:27:41 ----A---- C:\Windows\system32\drivers\aswKbd.sys
2016-11-22 17:19:11 ----D---- C:\Users\Bota\AppData\Roaming\AVAST Software
2016-11-22 17:18:11 ----D---- C:\Program Files\Common Files\AV
2016-11-22 17:18:00 ----A---- C:\Windows\system32\drivers\aswvmm.sys
2016-11-22 17:18:00 ----A---- C:\Windows\system32\drivers\aswStm.sys
2016-11-22 17:18:00 ----A---- C:\Windows\system32\drivers\aswsp.sys
2016-11-22 17:18:00 ----A---- C:\Windows\system32\drivers\aswsnx.sys
2016-11-22 17:18:00 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2016-11-22 17:18:00 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2016-11-22 17:18:00 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2016-11-22 17:18:00 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2016-11-22 17:17:58 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2016-11-22 17:17:58 ----A---- C:\Windows\system32\ucrtbase.dll
2016-11-22 17:17:58 ----A---- C:\Windows\system32\aswBoot.exe
2016-11-22 17:17:56 ----A---- C:\Windows\avastSS.scr
2016-11-22 17:15:17 ----D---- C:\Program Files\AVAST Software
2016-11-22 17:02:10 ----D---- C:\Users\Bota\AppData\Roaming\Mozilla
2016-11-22 16:57:15 ----A---- C:\Windows\system32\drivers\EtronXHCI.sys
2016-11-22 16:57:15 ----A---- C:\Windows\system32\drivers\EtronHub3.sys
2016-11-22 16:57:14 ----D---- C:\Program Files (x86)\Etron Technology
2016-11-22 16:47:34 ----A---- C:\Windows\system32\RTNUninst64.dll
2016-11-22 16:47:34 ----A---- C:\Windows\system32\RtNicProp64.dll
2016-11-22 16:47:34 ----A---- C:\Windows\system32\drivers\Rt64win7.sys
2016-11-22 16:47:30 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2016-11-22 16:47:30 ----D---- C:\Program Files (x86)\Realtek
2016-11-20 17:34:27 ----D---- C:\ProgramData\AVAST Software
2016-11-20 17:32:34 ----D---- C:\Users\Bota\AppData\Roaming\ATI
2016-11-20 17:32:34 ----D---- C:\ProgramData\ATI
2016-11-20 17:31:47 ----D---- C:\Program Files (x86)\AMD AVT
2016-11-20 17:31:31 ----D---- C:\ProgramData\AMD
2016-11-20 17:31:14 ----D---- C:\Program Files\Common Files\ATI Technologies
2016-11-20 17:31:12 ----D---- C:\Program Files (x86)\ATI Technologies
2016-11-20 17:30:51 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2016-11-20 17:30:20 ----D---- C:\Program Files (x86)\Microsoft.NET
2016-11-20 17:30:08 ----A---- C:\Windows\SYSWOW64\PresentationHostProxy.dll
2016-11-20 17:30:08 ----A---- C:\Windows\SYSWOW64\PresentationHost.exe
2016-11-20 17:30:08 ----A---- C:\Windows\SYSWOW64\netfxperf.dll
2016-11-20 17:30:08 ----A---- C:\Windows\SYSWOW64\mscoree.dll
2016-11-20 17:30:08 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2016-11-20 17:30:08 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2016-11-20 17:30:08 ----A---- C:\Windows\system32\PresentationHost.exe
2016-11-20 17:30:08 ----A---- C:\Windows\system32\netfxperf.dll
2016-11-20 17:30:08 ----A---- C:\Windows\system32\mscoree.dll
2016-11-20 17:30:08 ----A---- C:\Windows\system32\dfshim.dll
2016-11-20 17:29:46 ----D---- C:\ProgramData\Package Cache
2016-11-20 17:29:40 ----SHD---- C:\Windows\Installer
2016-11-20 17:29:33 ----D---- C:\Program Files\ATI Technologies
2016-11-20 17:29:27 ----D---- C:\Program Files\ATI
2016-11-20 17:28:34 ----D---- C:\AMD
2016-11-20 17:23:43 ----D---- C:\Windows\SoftwareDistribution
2016-11-20 17:21:45 ----D---- C:\Users\Bota\AppData\Roaming\Identities
2016-11-20 17:21:40 ----SD---- C:\Users\Bota\AppData\Roaming\Microsoft
2016-11-20 17:21:40 ----D---- C:\Users\Bota\AppData\Roaming\Media Center Programs
2016-11-20 17:21:02 ----SHD---- C:\Recovery
2016-11-20 17:21:02 ----SHD---- C:\ProgramData\Šablony
2016-11-20 17:21:02 ----SHD---- C:\ProgramData\Plocha
2016-11-20 17:21:02 ----SHD---- C:\ProgramData\Oblíbené položky
2016-11-20 17:21:02 ----SHD---- C:\ProgramData\Nabídka Start
2016-11-20 17:21:02 ----SHD---- C:\ProgramData\Dokumenty
2016-11-20 17:21:02 ----SHD---- C:\ProgramData\Data aplikací
2016-11-20 17:17:42 ----D---- C:\Windows\Prefetch
2016-11-20 17:17:37 ----SHD---- C:\System Volume Information
2016-11-20 17:17:37 ----ASH---- C:\pagefile.sys
2016-11-20 17:17:37 ----ASH---- C:\hiberfil.sys
2016-11-20 17:17:04 ----D---- C:\Windows\Panther
======List of files/folders modified in the last 1 month======
2016-12-05 15:04:42 ----RD---- C:\Program Files
2016-12-05 10:41:15 ----RD---- C:\Program Files (x86)
2016-12-05 10:35:03 ----D---- C:\Windows\system32\drivers
2016-12-05 10:34:55 ----D---- C:\Windows\Temp
2016-12-05 10:31:46 ----D---- C:\Windows\System32
2016-12-05 10:31:46 ----D---- C:\Windows\inf
2016-12-05 10:31:46 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-12-04 21:27:18 ----D---- C:\Windows\system32\catroot2
2016-12-04 21:16:55 ----D---- C:\Windows\system32\config
2016-12-04 21:07:52 ----D---- C:\Windows\system32\Tasks
2016-12-04 21:05:00 ----D---- C:\Windows
2016-12-04 21:05:00 ----D---- C:\Program Files (x86)\Common Files
2016-12-04 18:27:34 ----HD---- C:\ProgramData
2016-12-03 02:52:39 ----D---- C:\Windows\debug
2016-12-02 18:42:22 ----D---- C:\Windows\Tasks
2016-11-30 23:04:03 ----D---- C:\Windows\Logs
2016-11-28 17:00:32 ----D---- C:\Windows\SysWOW64
2016-11-28 17:00:16 ----RSD---- C:\Windows\assembly
2016-11-28 16:53:31 ----D---- C:\Windows\Microsoft.NET
2016-11-26 20:55:13 ----D---- C:\Windows\system32\DriverStore
2016-11-25 22:00:17 ----SD---- C:\ProgramData\Microsoft
2016-11-25 21:50:10 ----D---- C:\Windows\system32\catroot
2016-11-25 21:48:19 ----D---- C:\Windows\SYSWOW64\en-US
2016-11-25 21:48:19 ----D---- C:\Windows\system32\en-US
2016-11-22 21:55:17 ----D---- C:\Windows\winsxs
2016-11-22 21:53:29 ----D---- C:\Windows\Cursors
2016-11-22 21:18:53 ----D---- C:\Program Files (x86)\MSBuild
2016-11-22 21:18:48 ----D---- C:\Windows\ShellNew
2016-11-22 21:18:41 ----RSD---- C:\Windows\Fonts
2016-11-22 21:18:07 ----D---- C:\Program Files\Common Files\Microsoft Shared
2016-11-22 21:17:15 ----A---- C:\Windows\win.ini
2016-11-22 18:26:56 ----D---- C:\Windows\system32\wdi
2016-11-22 17:18:11 ----D---- C:\Program Files\Common Files
2016-11-22 16:48:44 ----D---- C:\Windows\system32\LogFiles
2016-11-20 17:31:37 ----D---- C:\Windows\system32\CodeIntegrity
2016-11-20 17:29:42 ----D---- C:\Windows\system32\restore
2016-11-20 17:26:51 ----D---- C:\Windows\system32\drivers\UMDF
2016-11-20 17:21:44 ----SHD---- C:\$Recycle.Bin
2016-11-20 17:21:40 ----RD---- C:\Users
2016-11-20 17:21:02 ----D---- C:\Program Files\Windows NT
2016-11-20 17:20:59 ----D---- C:\Windows\rescache
2016-11-20 17:19:01 ----D---- C:\Windows\system32\sysprep
2016-11-20 17:17:45 ----D---- C:\Windows\CSC
2016-11-20 17:16:41 ----D---- C:\Windows\Setup
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2016-11-22 74544]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2016-11-22 293352]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2016-11-22 834544]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2016-11-22 37144]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2016-11-22 103064]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-11-22 969184]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-11-22 513632]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 AODDriver4.2.0;AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2013-07-31 42240]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2016-11-22 108816]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2016-11-22 163416]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-09-12 12760576]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-09-12 619008]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2013-09-24 94208]
R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver; C:\Windows\System32\Drivers\EtronHub3.sys [2013-08-05 65408]
R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver; C:\Windows\System32\Drivers\EtronXHCI.sys [2013-08-05 94208]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2014-06-17 941272]
S3 ady9e0y1;ady9e0y1; C:\Windows\system32\drivers\ady9e0y1.sys []
S3 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2016-11-22 37656]
S3 athur;Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athurx.sys [2013-06-28 1930240]
S3 esgiguard;esgiguard; \??\C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys [2010-01-27 5248]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdvancedSystemCareService10;Advanced SystemCare Service 10; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [2016-10-14 462624]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-09-12 239616]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-09-11 344064]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-11-22 197128]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 SpyHunter 4 Service;SpyHunter 4 Service; C:\PROGRA~2\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE [2010-05-18 327064]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]
S2 IObitUnSvr;IObit Uninstaller Service; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [2016-10-28 360736]
S3 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-10-21 82128]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [2007-09-20 853288]
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [2007-09-20 382248]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-08 51648]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
-----------------EOF-----------------
- Rudy
- Site Admin

- Posts: 119672
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Plus network
Hello!
Run this utility:
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop
Close all programs
First click >Scan< (search) and then >Clean< (delete).
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address above.
Re: Plus network
# AdwCleaner v6.040 - Log vytvořen 05/12/2016 v 19:33:37
# Aktualizováno dne 02/12/2016 z Malwarebytes
# Databáze : 2016-12-04.1 [Místní]
# Operační systém : Windows 7 Professional (X64)
# Uživatelské jméno : Bota - BOTA-PC
# Spuštěno z : C:\Users\Bota\Desktop\adwcleaner_6.040.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support
***** [ Služby ] *****
[-] Služba smazána: SpyHunter 4 Service
[-] Služba smazána: esgiguard
***** [ Složky ] *****
[#] Složka smazána po restartu: C:\Users\Bota\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\spyhunter
[#] Složka smazána po restartu: C:\sh4ldr
[#] Složka smazána po restartu: C:\Program Files (x86)\DAEMON Tools Toolbar
[#] Složka smazána po restartu: C:\Program Files (x86)\Enigma Software Group
***** [ Soubory ] *****
[-] Soubor smazán: C:\Users\Bota\Desktop\SpyHunter.lnk
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Zástupci ] *****
***** [ Naplánované úlohy ] *****
[-] Úloha smazána: SpyHunter4Startup
***** [ Registry ] *****
[-] Klíč smazán: HKLM\SOFTWARE\14919ea49a8f3b4aa3cf1058d9a64cec
[-] Klíč smazán: HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj
[-] Klíč smazán: HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\TypeLib\{3E288F79-03E4-4983-A48E-0D879B51FF19}
[-] Klíč smazán: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
[-] Klíč smazán: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
[-] Hodnota smazána: HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
[-] Hodnota smazána: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
[-] Klíč smazán: HKU\S-1-5-21-598018308-2708025973-271803210-1000\Software\dt soft\daemon tools toolbar
[#] Klíč smazán po restartu: HKCU\Software\dt soft\daemon tools toolbar
[-] Klíč smazán: HKLM\SOFTWARE\dt soft\daemon tools toolbar
[-] Klíč smazán: HKLM\SOFTWARE\EnigmaSoftwareGroup
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\daemon tools toolbar
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4FC9DA9D-F608-454E-8191-D7EFFDCC5726}
[#] Klíč smazán po restartu: [x64] HKCU\Software\dt soft\daemon tools toolbar
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7BD8146798CEA704D860BE01414B8E51
***** [ Prohlížeče ] *****
*************************
:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [3025 Bajty] - [05/12/2016 19:33:37]
C:\AdwCleaner\AdwCleaner[S0].txt - [3186 Bajty] - [05/12/2016 19:31:52]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [3171 Bajty] ##########
Thank you for the help; unfortunately, the page redirects to Plus network are still bothering me.
- Rudy
- Site Admin

Re: Plus network
Post a new RSIT log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: Plus network
Logfile of random's system information tool 1.10 (written by random/random)
Run by Bota at 2016-12-05 21:38:23
Microsoft Windows 7 Professional
System drive C: has 92 GB (76%) free of 122 GB
Total RAM: 4093 MB (65% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:38:25, on 5.12.2016
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal
Running processes:
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Bota.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://no-stop.org/wpad.dat?8ebe1bd9e74 ... a221224828
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~2\Office12\GRA32A~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Advanced SystemCare Service 10 (AdvancedSystemCareService10) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: IObit Uninstaller Service (IObitUnSvr) - IObit - C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 7361 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
winlogon.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-b204c3d3-622c-48b2-8cae-a1bf10e25139 -SystemEventPortName:HostProcess-c13df0bf-4ccb-4071-a815-8f2a896d72be -IoCancelEventPortName:HostProcess-356560c3-915a-4f05-bc7e-043491989f02 -NonStateChangingEventPortName:HostProcess-c39e88e0-b803-4f3b-9e63-5c7e0d2d9aad -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:9ee5201a-68e5-4726-97e2-2036e2c568df
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="208.0.884022312\1522525768" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" 208 "\\.\pipe\gecko-crash-server-pipe.208" tab
"C:\Users\Bota\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player PPAPI Notifier.job - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_23_0_0_207_pepper.exe -check pepperplugin
=========Mozilla firefox=========
ProfilePath - C:\Users\Bota\AppData\Roaming\Mozilla\Firefox\Profiles\vnqgoujx.default-1480872840278
prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"
"sp@avast.com"=C:\Program Files\AVAST Software\Avast\SafePrice\FF
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 23.0.0.207 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.111.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.111.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 23.0.0.207 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
ExplorerWnd Helper - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2016-05-23 2478880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-11-22 790552]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~2\Office12\GR469A~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-11-22 473152]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-11-22 664848]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-11-22 186944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll [2010-03-25 1548096]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2013-09-11 766208]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-11-22 9080768]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-09-22 587288]
"NBKeyScan"=C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2007-09-20 1836328]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~2\Office12\GR469A~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-12-05 19:30:36 ----D---- C:\AdwCleaner
2016-12-05 15:04:42 ----D---- C:\rsit
2016-12-05 15:04:42 ----D---- C:\Program Files\trend micro
2016-12-04 21:07:50 ----D---- C:\sh4ldr
2016-12-04 21:05:24 ----A---- C:\autoexec.bat
2016-12-04 21:05:18 ----D---- C:\Program Files (x86)\Enigma Software Group
2016-12-04 21:05:00 ----D---- C:\Windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP
2016-12-04 18:33:23 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-12-02 23:18:00 ----A---- C:\Windows\NeroDigital.ini
2016-11-28 17:02:22 ----D---- C:\ProgramData\KONAMI
2016-11-28 17:02:18 ----D---- C:\ProgramData\Steam
2016-11-28 17:00:32 ----A---- C:\Windows\SYSWOW64\XAudio2_7.dll
2016-11-28 17:00:32 ----A---- C:\Windows\SYSWOW64\XAPOFX1_5.dll
2016-11-28 17:00:32 ----A---- C:\Windows\SYSWOW64\xactengine3_7.dll
2016-11-28 17:00:32 ----A---- C:\Windows\SYSWOW64\d3dx11_43.dll
2016-11-28 17:00:32 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll
2016-11-28 17:00:32 ----A---- C:\Windows\SYSWOW64\D3DCompiler_43.dll
2016-11-28 17:00:32 ----A---- C:\Windows\system32\XAudio2_7.dll
2016-11-28 17:00:32 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2016-11-28 17:00:32 ----A---- C:\Windows\system32\xactengine3_7.dll
2016-11-28 17:00:32 ----A---- C:\Windows\system32\d3dx11_43.dll
2016-11-28 17:00:32 ----A---- C:\Windows\system32\d3dcsx_43.dll
2016-11-28 17:00:32 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2016-11-28 17:00:31 ----A---- C:\Windows\SYSWOW64\XAudio2_6.dll
2016-11-28 17:00:31 ----A---- C:\Windows\SYSWOW64\XAPOFX1_4.dll
2016-11-28 17:00:31 ----A---- C:\Windows\SYSWOW64\xactengine3_6.dll
2016-11-28 17:00:31 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll
2016-11-28 17:00:31 ----A---- C:\Windows\SYSWOW64\d3dx10_43.dll
2016-11-28 17:00:31 ----A---- C:\Windows\system32\XAudio2_6.dll
2016-11-28 17:00:31 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2016-11-28 17:00:31 ----A---- C:\Windows\system32\xactengine3_6.dll
2016-11-28 17:00:31 ----A---- C:\Windows\system32\D3DX9_43.dll
2016-11-28 17:00:31 ----A---- C:\Windows\system32\d3dx10_43.dll
2016-11-28 17:00:30 ----A---- C:\Windows\SYSWOW64\XAudio2_5.dll
2016-11-28 17:00:30 ----A---- C:\Windows\SYSWOW64\xactengine3_5.dll
2016-11-28 17:00:30 ----A---- C:\Windows\SYSWOW64\X3DAudio1_7.dll
2016-11-28 17:00:30 ----A---- C:\Windows\SYSWOW64\D3DCompiler_42.dll
2016-11-28 17:00:30 ----A---- C:\Windows\system32\XAudio2_5.dll
2016-11-28 17:00:30 ----A---- C:\Windows\system32\xactengine3_5.dll
2016-11-28 17:00:30 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2016-11-28 17:00:30 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2016-11-28 17:00:29 ----A---- C:\Windows\SYSWOW64\D3DX9_42.dll
2016-11-28 17:00:29 ----A---- C:\Windows\SYSWOW64\d3dx11_42.dll
2016-11-28 17:00:29 ----A---- C:\Windows\SYSWOW64\d3dx10_42.dll
2016-11-28 17:00:29 ----A---- C:\Windows\SYSWOW64\d3dcsx_42.dll
2016-11-28 17:00:29 ----A---- C:\Windows\system32\D3DX9_42.dll
2016-11-28 17:00:29 ----A---- C:\Windows\system32\d3dx11_42.dll
2016-11-28 17:00:29 ----A---- C:\Windows\system32\d3dx10_42.dll
2016-11-28 17:00:29 ----A---- C:\Windows\system32\d3dcsx_42.dll
2016-11-28 17:00:28 ----A---- C:\Windows\SYSWOW64\XAudio2_4.dll
2016-11-28 17:00:28 ----A---- C:\Windows\SYSWOW64\XAPOFX1_3.dll
2016-11-28 17:00:28 ----A---- C:\Windows\SYSWOW64\D3DX9_41.dll
2016-11-28 17:00:28 ----A---- C:\Windows\SYSWOW64\d3dx10_41.dll
2016-11-28 17:00:28 ----A---- C:\Windows\SYSWOW64\D3DCompiler_41.dll
2016-11-28 17:00:28 ----A---- C:\Windows\system32\XAudio2_4.dll
2016-11-28 17:00:28 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2016-11-28 17:00:28 ----A---- C:\Windows\system32\D3DX9_41.dll
2016-11-28 17:00:28 ----A---- C:\Windows\system32\d3dx10_41.dll
2016-11-28 17:00:28 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2016-11-28 17:00:27 ----A---- C:\Windows\SYSWOW64\xactengine3_4.dll
2016-11-28 17:00:27 ----A---- C:\Windows\SYSWOW64\X3DAudio1_6.dll
2016-11-28 17:00:27 ----A---- C:\Windows\SYSWOW64\d3dx10_40.dll
2016-11-28 17:00:27 ----A---- C:\Windows\SYSWOW64\D3DCompiler_40.dll
2016-11-28 17:00:27 ----A---- C:\Windows\system32\xactengine3_4.dll
2016-11-28 17:00:27 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2016-11-28 17:00:27 ----A---- C:\Windows\system32\d3dx10_40.dll
2016-11-28 17:00:27 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2016-11-28 17:00:26 ----A---- C:\Windows\SYSWOW64\XAudio2_3.dll
2016-11-28 17:00:26 ----A---- C:\Windows\SYSWOW64\XAPOFX1_2.dll
2016-11-28 17:00:26 ----A---- C:\Windows\SYSWOW64\D3DX9_40.dll
2016-11-28 17:00:26 ----A---- C:\Windows\system32\XAudio2_3.dll
2016-11-28 17:00:26 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2016-11-28 17:00:26 ----A---- C:\Windows\system32\xactengine3_3.dll
2016-11-28 17:00:26 ----A---- C:\Windows\system32\D3DX9_40.dll
2016-11-28 16:53:44 ----A---- C:\Windows\SYSWOW64\XAudio2_2.dll
2016-11-28 16:53:44 ----A---- C:\Windows\SYSWOW64\XAPOFX1_1.dll
2016-11-28 16:53:44 ----A---- C:\Windows\SYSWOW64\xactengine3_3.dll
2016-11-28 16:53:44 ----A---- C:\Windows\SYSWOW64\X3DAudio1_5.dll
2016-11-28 16:53:44 ----A---- C:\Windows\system32\XAudio2_2.dll
2016-11-28 16:53:44 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2016-11-28 16:53:44 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2016-11-28 16:53:43 ----A---- C:\Windows\SYSWOW64\xactengine3_2.dll
2016-11-28 16:53:43 ----A---- C:\Windows\SYSWOW64\d3dx10_39.dll
2016-11-28 16:53:43 ----A---- C:\Windows\SYSWOW64\D3DCompiler_39.dll
2016-11-28 16:53:43 ----A---- C:\Windows\system32\xactengine3_2.dll
2016-11-28 16:53:43 ----A---- C:\Windows\system32\d3dx10_39.dll
2016-11-28 16:53:43 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2016-11-28 16:53:42 ----A---- C:\Windows\SYSWOW64\XAudio2_1.dll
2016-11-28 16:53:42 ----A---- C:\Windows\SYSWOW64\XAPOFX1_0.dll
2016-11-28 16:53:42 ----A---- C:\Windows\SYSWOW64\xactengine3_1.dll
2016-11-28 16:53:42 ----A---- C:\Windows\SYSWOW64\X3DAudio1_4.dll
2016-11-28 16:53:42 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll
2016-11-28 16:53:42 ----A---- C:\Windows\SYSWOW64\d3dx10_38.dll
2016-11-28 16:53:42 ----A---- C:\Windows\SYSWOW64\D3DCompiler_38.dll
2016-11-28 16:53:42 ----A---- C:\Windows\system32\XAudio2_1.dll
2016-11-28 16:53:42 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2016-11-28 16:53:42 ----A---- C:\Windows\system32\xactengine3_1.dll
2016-11-28 16:53:42 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2016-11-28 16:53:42 ----A---- C:\Windows\system32\D3DX9_39.dll
2016-11-28 16:53:42 ----A---- C:\Windows\system32\d3dx10_38.dll
2016-11-28 16:53:42 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2016-11-28 16:53:41 ----A---- C:\Windows\SYSWOW64\XAudio2_0.dll
2016-11-28 16:53:41 ----A---- C:\Windows\SYSWOW64\xactengine3_0.dll
2016-11-28 16:53:41 ----A---- C:\Windows\SYSWOW64\D3DX9_38.dll
2016-11-28 16:53:41 ----A---- C:\Windows\system32\XAudio2_0.dll
2016-11-28 16:53:41 ----A---- C:\Windows\system32\xactengine3_0.dll
2016-11-28 16:53:41 ----A---- C:\Windows\system32\D3DX9_38.dll
2016-11-28 16:53:40 ----A---- C:\Windows\SYSWOW64\X3DAudio1_3.dll
2016-11-28 16:53:40 ----A---- C:\Windows\SYSWOW64\D3DX9_37.dll
2016-11-28 16:53:40 ----A---- C:\Windows\SYSWOW64\d3dx10_37.dll
2016-11-28 16:53:40 ----A---- C:\Windows\SYSWOW64\D3DCompiler_37.dll
2016-11-28 16:53:40 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2016-11-28 16:53:40 ----A---- C:\Windows\system32\D3DX9_37.dll
2016-11-28 16:53:40 ----A---- C:\Windows\system32\d3dx10_37.dll
2016-11-28 16:53:40 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2016-11-28 16:53:39 ----A---- C:\Windows\SYSWOW64\xactengine2_10.dll
2016-11-28 16:53:39 ----A---- C:\Windows\SYSWOW64\d3dx9_36.dll
2016-11-28 16:53:39 ----A---- C:\Windows\SYSWOW64\d3dx10_36.dll
2016-11-28 16:53:39 ----A---- C:\Windows\SYSWOW64\D3DCompiler_36.dll
2016-11-28 16:53:39 ----A---- C:\Windows\system32\xactengine2_10.dll
2016-11-28 16:53:39 ----A---- C:\Windows\system32\d3dx9_36.dll
2016-11-28 16:53:39 ----A---- C:\Windows\system32\d3dx10_36.dll
2016-11-28 16:53:39 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2016-11-28 16:53:38 ----A---- C:\Windows\SYSWOW64\xactengine2_9.dll
2016-11-28 16:53:38 ----A---- C:\Windows\SYSWOW64\d3dx9_35.dll
2016-11-28 16:53:38 ----A---- C:\Windows\SYSWOW64\d3dx10_35.dll
2016-11-28 16:53:38 ----A---- C:\Windows\SYSWOW64\D3DCompiler_35.dll
2016-11-28 16:53:38 ----A---- C:\Windows\system32\xactengine2_9.dll
2016-11-28 16:53:38 ----A---- C:\Windows\system32\d3dx9_35.dll
2016-11-28 16:53:38 ----A---- C:\Windows\system32\d3dx10_35.dll
2016-11-28 16:53:38 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2016-11-28 16:53:37 ----A---- C:\Windows\SYSWOW64\xinput1_3.dll
2016-11-28 16:53:37 ----A---- C:\Windows\SYSWOW64\xactengine2_8.dll
2016-11-28 16:53:37 ----A---- C:\Windows\SYSWOW64\X3DAudio1_2.dll
2016-11-28 16:53:37 ----A---- C:\Windows\SYSWOW64\d3dx9_34.dll
2016-11-28 16:53:37 ----A---- C:\Windows\SYSWOW64\d3dx10_34.dll
2016-11-28 16:53:37 ----A---- C:\Windows\SYSWOW64\D3DCompiler_34.dll
2016-11-28 16:53:37 ----A---- C:\Windows\system32\xinput1_3.dll
2016-11-28 16:53:37 ----A---- C:\Windows\system32\xactengine2_8.dll
2016-11-28 16:53:37 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2016-11-28 16:53:37 ----A---- C:\Windows\system32\d3dx9_34.dll
2016-11-28 16:53:37 ----A---- C:\Windows\system32\d3dx10_34.dll
2016-11-28 16:53:37 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2016-11-28 16:53:36 ----A---- C:\Windows\SYSWOW64\xactengine2_7.dll
2016-11-28 16:53:36 ----A---- C:\Windows\SYSWOW64\d3dx9_33.dll
2016-11-28 16:53:36 ----A---- C:\Windows\SYSWOW64\d3dx10_33.dll
2016-11-28 16:53:36 ----A---- C:\Windows\SYSWOW64\D3DCompiler_33.dll
2016-11-28 16:53:36 ----A---- C:\Windows\system32\xactengine2_7.dll
2016-11-28 16:53:36 ----A---- C:\Windows\system32\d3dx9_33.dll
2016-11-28 16:53:36 ----A---- C:\Windows\system32\d3dx10_33.dll
2016-11-28 16:53:36 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2016-11-28 16:53:35 ----A---- C:\Windows\SYSWOW64\xactengine2_6.dll
2016-11-28 16:53:35 ----A---- C:\Windows\SYSWOW64\xactengine2_5.dll
2016-11-28 16:53:35 ----A---- C:\Windows\SYSWOW64\d3dx9_32.dll
2016-11-28 16:53:35 ----A---- C:\Windows\SYSWOW64\d3dx10.dll
2016-11-28 16:53:35 ----A---- C:\Windows\system32\xactengine2_6.dll
2016-11-28 16:53:35 ----A---- C:\Windows\system32\xactengine2_5.dll
2016-11-28 16:53:35 ----A---- C:\Windows\system32\d3dx9_32.dll
2016-11-28 16:53:35 ----A---- C:\Windows\system32\d3dx10.dll
2016-11-28 16:53:34 ----A---- C:\Windows\SYSWOW64\xactengine2_4.dll
2016-11-28 16:53:34 ----A---- C:\Windows\SYSWOW64\xactengine2_3.dll
2016-11-28 16:53:34 ----A---- C:\Windows\SYSWOW64\x3daudio1_1.dll
2016-11-28 16:53:34 ----A---- C:\Windows\SYSWOW64\d3dx9_31.dll
2016-11-28 16:53:34 ----A---- C:\Windows\system32\xactengine2_4.dll
2016-11-28 16:53:34 ----A---- C:\Windows\system32\xactengine2_3.dll
2016-11-28 16:53:34 ----A---- C:\Windows\system32\x3daudio1_1.dll
2016-11-28 16:53:34 ----A---- C:\Windows\system32\d3dx9_31.dll
2016-11-28 16:53:33 ----A---- C:\Windows\SYSWOW64\xinput1_2.dll
2016-11-28 16:53:33 ----A---- C:\Windows\SYSWOW64\xinput1_1.dll
2016-11-28 16:53:33 ----A---- C:\Windows\SYSWOW64\xactengine2_2.dll
2016-11-28 16:53:33 ----A---- C:\Windows\system32\xinput1_2.dll
2016-11-28 16:53:33 ----A---- C:\Windows\system32\xinput1_1.dll
2016-11-28 16:53:33 ----A---- C:\Windows\system32\xactengine2_2.dll
2016-11-28 16:53:32 ----A---- C:\Windows\SYSWOW64\xactengine2_1.dll
2016-11-28 16:53:32 ----A---- C:\Windows\system32\xactengine2_1.dll
2016-11-28 16:53:30 ----A---- C:\Windows\SYSWOW64\xactengine2_0.dll
2016-11-28 16:53:30 ----A---- C:\Windows\SYSWOW64\x3daudio1_0.dll
2016-11-28 16:53:30 ----A---- C:\Windows\SYSWOW64\d3dx9_29.dll
2016-11-28 16:53:30 ----A---- C:\Windows\system32\xactengine2_0.dll
2016-11-28 16:53:30 ----A---- C:\Windows\system32\x3daudio1_0.dll
2016-11-28 16:53:30 ----A---- C:\Windows\system32\d3dx9_30.dll
2016-11-28 16:53:30 ----A---- C:\Windows\system32\d3dx9_29.dll
2016-11-28 16:53:29 ----A---- C:\Windows\SYSWOW64\d3dx9_27.dll
2016-11-28 16:53:29 ----A---- C:\Windows\system32\d3dx9_28.dll
2016-11-28 16:53:29 ----A---- C:\Windows\system32\d3dx9_27.dll
2016-11-28 16:53:28 ----A---- C:\Windows\SYSWOW64\d3dx9_26.dll
2016-11-28 16:53:28 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll
2016-11-28 16:53:28 ----A---- C:\Windows\system32\d3dx9_26.dll
2016-11-28 16:53:28 ----A---- C:\Windows\system32\d3dx9_25.dll
2016-11-28 16:53:27 ----A---- C:\Windows\SYSWOW64\d3dx9_24.dll
2016-11-28 16:53:27 ----A---- C:\Windows\system32\d3dx9_24.dll
2016-11-28 16:15:15 ----A---- C:\Windows\GSetup.ini
2016-11-25 21:37:31 ----A---- C:\Windows\system32\drivers\athurx.sys
2016-11-25 21:37:31 ----A---- C:\Windows\system32\athurx.sys
2016-11-25 21:36:42 ----D---- C:\ProgramData\TP-LINK
2016-11-25 21:18:41 ----D---- C:\Program Files (x86)\FinalWire
2016-11-22 22:51:32 ----D---- C:\Users\Bota\AppData\Roaming\Opera Software
2016-11-22 21:56:59 ----D---- C:\Users\Bota\AppData\Roaming\Nero
2016-11-22 21:53:59 ----A---- C:\Windows\Irremote.ini
2016-11-22 21:53:30 ----D---- C:\ProgramData\Nero
2016-11-22 21:53:30 ----D---- C:\Program Files (x86)\Nero
2016-11-22 21:52:26 ----A---- C:\Windows\SYSWOW64\d3dx9_30.dll
2016-11-22 21:52:26 ----A---- C:\Windows\SYSWOW64\d3dx9_28.dll
2016-11-22 21:47:49 ----D---- C:\BOTA
2016-11-22 21:42:35 ----D---- C:\Users\Bota\AppData\Roaming\vlc
2016-11-22 21:37:54 ----D---- C:\Program Files (x86)\WinRAR
2016-11-22 21:37:34 ----D---- C:\Program Files (x86)\VideoLAN
2016-11-22 21:35:29 ----D---- C:\ProgramData\ProductData
2016-11-22 21:35:22 ----D---- C:\ProgramData\{74E9F814-C737-42CC-B721-DBBC4059367A}
2016-11-22 21:35:04 ----D---- C:\Users\Bota\AppData\Roaming\IObit
2016-11-22 21:34:56 ----D---- C:\ProgramData\IObit
2016-11-22 21:34:56 ----D---- C:\Program Files (x86)\IObit
2016-11-22 21:30:43 ----D---- C:\Users\Bota\AppData\Roaming\Sun
2016-11-22 21:30:38 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2016-11-22 21:30:25 ----D---- C:\ProgramData\Oracle
2016-11-22 21:30:22 ----D---- C:\Program Files (x86)\Java
2016-11-22 21:25:46 ----D---- C:\Program Files (x86)\Adobe
2016-11-22 21:25:33 ----D---- C:\ProgramData\Adobe
2016-11-22 21:18:55 ----D---- C:\Program Files (x86)\Microsoft Works
2016-11-22 21:18:49 ----D---- C:\Program Files (x86)\Microsoft Visual Studio
2016-11-22 21:18:39 ----D---- C:\Windows\PCHEALTH
2016-11-22 21:17:28 ----D---- C:\Program Files\Microsoft Office
2016-11-22 21:17:24 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2016-11-22 21:17:06 ----D---- C:\ProgramData\Microsoft Help
2016-11-22 21:17:06 ----D---- C:\Program Files (x86)\Microsoft Office
2016-11-22 21:16:57 ----RHD---- C:\MSOCache
2016-11-22 21:12:07 ----D---- C:\Program Files (x86)\DAEMON Tools Toolbar
2016-11-22 21:11:59 ----A---- C:\Windows\system32\drivers\sptd.sys
2016-11-22 21:11:50 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2016-11-22 21:11:36 ----D---- C:\Users\Bota\AppData\Roaming\DAEMON Tools Lite
2016-11-22 21:11:30 ----D---- C:\ProgramData\DAEMON Tools Lite
2016-11-22 21:09:52 ----D---- C:\Program Files\Microsoft Silverlight
2016-11-22 21:09:52 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2016-11-22 18:47:45 ----D---- C:\Users\Bota\AppData\Roaming\Macromedia
2016-11-22 18:47:45 ----D---- C:\Users\Bota\AppData\Roaming\Adobe
2016-11-22 18:31:20 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-11-22 18:31:18 ----D---- C:\Windows\system32\Macromed
2016-11-22 18:31:16 ----D---- C:\Windows\SYSWOW64\Macromed
2016-11-22 18:27:41 ----A---- C:\Windows\system32\drivers\aswKbd.sys
2016-11-22 17:19:11 ----D---- C:\Users\Bota\AppData\Roaming\AVAST Software
2016-11-22 17:18:11 ----D---- C:\Program Files\Common Files\AV
2016-11-22 17:18:00 ----A---- C:\Windows\system32\drivers\aswvmm.sys
2016-11-22 17:18:00 ----A---- C:\Windows\system32\drivers\aswStm.sys
2016-11-22 17:18:00 ----A---- C:\Windows\system32\drivers\aswsp.sys
2016-11-22 17:18:00 ----A---- C:\Windows\system32\drivers\aswsnx.sys
2016-11-22 17:18:00 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2016-11-22 17:18:00 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2016-11-22 17:18:00 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2016-11-22 17:18:00 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2016-11-22 17:17:58 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2016-11-22 17:17:58 ----A---- C:\Windows\system32\ucrtbase.dll
2016-11-22 17:17:58 ----A---- C:\Windows\system32\aswBoot.exe
2016-11-22 17:17:56 ----A---- C:\Windows\avastSS.scr
2016-11-22 17:15:17 ----D---- C:\Program Files\AVAST Software
2016-11-22 17:02:10 ----D---- C:\Users\Bota\AppData\Roaming\Mozilla
2016-11-22 16:57:15 ----A---- C:\Windows\system32\drivers\EtronXHCI.sys
2016-11-22 16:57:15 ----A---- C:\Windows\system32\drivers\EtronHub3.sys
2016-11-22 16:57:14 ----D---- C:\Program Files (x86)\Etron Technology
2016-11-22 16:47:34 ----A---- C:\Windows\system32\RTNUninst64.dll
2016-11-22 16:47:34 ----A---- C:\Windows\system32\RtNicProp64.dll
2016-11-22 16:47:34 ----A---- C:\Windows\system32\drivers\Rt64win7.sys
2016-11-22 16:47:30 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2016-11-22 16:47:30 ----D---- C:\Program Files (x86)\Realtek
2016-11-20 17:34:27 ----D---- C:\ProgramData\AVAST Software
2016-11-20 17:32:34 ----D---- C:\Users\Bota\AppData\Roaming\ATI
2016-11-20 17:32:34 ----D---- C:\ProgramData\ATI
2016-11-20 17:31:47 ----D---- C:\Program Files (x86)\AMD AVT
2016-11-20 17:31:31 ----D---- C:\ProgramData\AMD
2016-11-20 17:31:14 ----D---- C:\Program Files\Common Files\ATI Technologies
2016-11-20 17:31:12 ----D---- C:\Program Files (x86)\ATI Technologies
2016-11-20 17:30:51 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2016-11-20 17:30:20 ----D---- C:\Program Files (x86)\Microsoft.NET
2016-11-20 17:30:08 ----A---- C:\Windows\SYSWOW64\PresentationHostProxy.dll
2016-11-20 17:30:08 ----A---- C:\Windows\SYSWOW64\PresentationHost.exe
2016-11-20 17:30:08 ----A---- C:\Windows\SYSWOW64\netfxperf.dll
2016-11-20 17:30:08 ----A---- C:\Windows\SYSWOW64\mscoree.dll
2016-11-20 17:30:08 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2016-11-20 17:30:08 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2016-11-20 17:30:08 ----A---- C:\Windows\system32\PresentationHost.exe
2016-11-20 17:30:08 ----A---- C:\Windows\system32\netfxperf.dll
2016-11-20 17:30:08 ----A---- C:\Windows\system32\mscoree.dll
2016-11-20 17:30:08 ----A---- C:\Windows\system32\dfshim.dll
2016-11-20 17:29:46 ----D---- C:\ProgramData\Package Cache
2016-11-20 17:29:40 ----SHD---- C:\Windows\Installer
2016-11-20 17:29:33 ----D---- C:\Program Files\ATI Technologies
2016-11-20 17:29:27 ----D---- C:\Program Files\ATI
2016-11-20 17:28:34 ----D---- C:\AMD
2016-11-20 17:23:43 ----D---- C:\Windows\SoftwareDistribution
2016-11-20 17:21:45 ----D---- C:\Users\Bota\AppData\Roaming\Identities
2016-11-20 17:21:40 ----SD---- C:\Users\Bota\AppData\Roaming\Microsoft
2016-11-20 17:21:40 ----D---- C:\Users\Bota\AppData\Roaming\Media Center Programs
2016-11-20 17:21:02 ----SHD---- C:\Recovery
2016-11-20 17:21:02 ----SHD---- C:\ProgramData\Šablony
2016-11-20 17:21:02 ----SHD---- C:\ProgramData\Plocha
2016-11-20 17:21:02 ----SHD---- C:\ProgramData\Oblíbené položky
2016-11-20 17:21:02 ----SHD---- C:\ProgramData\Nabídka Start
2016-11-20 17:21:02 ----SHD---- C:\ProgramData\Dokumenty
2016-11-20 17:21:02 ----SHD---- C:\ProgramData\Data aplikací
2016-11-20 17:17:42 ----D---- C:\Windows\Prefetch
2016-11-20 17:17:37 ----SHD---- C:\System Volume Information
2016-11-20 17:17:37 ----ASH---- C:\pagefile.sys
2016-11-20 17:17:37 ----ASH---- C:\hiberfil.sys
2016-11-20 17:17:04 ----D---- C:\Windows\Panther
======List of files/folders modified in the last 1 month======
2016-12-05 19:39:44 ----D---- C:\Windows\Temp
2016-12-05 19:38:50 ----D---- C:\Windows\System32
2016-12-05 19:38:50 ----D---- C:\Windows\inf
2016-12-05 19:38:50 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-12-05 19:33:34 ----D---- C:\Windows\system32\Tasks
2016-12-05 15:04:42 ----RD---- C:\Program Files
2016-12-05 10:41:15 ----RD---- C:\Program Files (x86)
2016-12-05 10:35:03 ----D---- C:\Windows\system32\drivers
2016-12-04 21:27:18 ----D---- C:\Windows\system32\catroot2
2016-12-04 21:16:55 ----D---- C:\Windows\system32\config
2016-12-04 21:05:00 ----D---- C:\Windows
2016-12-04 21:05:00 ----D---- C:\Program Files (x86)\Common Files
2016-12-04 18:27:34 ----HD---- C:\ProgramData
2016-12-03 02:52:39 ----D---- C:\Windows\debug
2016-12-02 18:42:22 ----D---- C:\Windows\Tasks
2016-11-30 23:04:03 ----D---- C:\Windows\Logs
2016-11-28 17:00:32 ----D---- C:\Windows\SysWOW64
2016-11-28 17:00:16 ----RSD---- C:\Windows\assembly
2016-11-28 16:53:31 ----D---- C:\Windows\Microsoft.NET
2016-11-26 20:55:13 ----D---- C:\Windows\system32\DriverStore
2016-11-25 22:00:17 ----SD---- C:\ProgramData\Microsoft
2016-11-25 21:50:10 ----D---- C:\Windows\system32\catroot
2016-11-25 21:48:19 ----D---- C:\Windows\SYSWOW64\en-US
2016-11-25 21:48:19 ----D---- C:\Windows\system32\en-US
2016-11-22 21:55:17 ----D---- C:\Windows\winsxs
2016-11-22 21:53:29 ----D---- C:\Windows\Cursors
2016-11-22 21:18:53 ----D---- C:\Program Files (x86)\MSBuild
2016-11-22 21:18:48 ----D---- C:\Windows\ShellNew
2016-11-22 21:18:41 ----RSD---- C:\Windows\Fonts
2016-11-22 21:18:07 ----D---- C:\Program Files\Common Files\Microsoft Shared
2016-11-22 21:17:15 ----A---- C:\Windows\win.ini
2016-11-22 18:26:56 ----D---- C:\Windows\system32\wdi
2016-11-22 17:18:11 ----D---- C:\Program Files\Common Files
2016-11-22 16:48:44 ----D---- C:\Windows\system32\LogFiles
2016-11-20 17:31:37 ----D---- C:\Windows\system32\CodeIntegrity
2016-11-20 17:29:42 ----D---- C:\Windows\system32\restore
2016-11-20 17:26:51 ----D---- C:\Windows\system32\drivers\UMDF
2016-11-20 17:21:44 ----SHD---- C:\$Recycle.Bin
2016-11-20 17:21:40 ----RD---- C:\Users
2016-11-20 17:21:02 ----D---- C:\Program Files\Windows NT
2016-11-20 17:20:59 ----D---- C:\Windows\rescache
2016-11-20 17:19:01 ----D---- C:\Windows\system32\sysprep
2016-11-20 17:17:45 ----D---- C:\Windows\CSC
2016-11-20 17:16:41 ----D---- C:\Windows\Setup
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2016-11-22 74544]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2016-11-22 293352]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2016-11-22 834544]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2016-11-22 37144]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2016-11-22 103064]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-11-22 969184]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-11-22 513632]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 AODDriver4.2.0;AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2013-07-31 42240]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2016-11-22 108816]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2016-11-22 163416]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-09-12 12760576]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-09-12 619008]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2013-09-24 94208]
R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver; C:\Windows\System32\Drivers\EtronHub3.sys [2013-08-05 65408]
R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver; C:\Windows\System32\Drivers\EtronXHCI.sys [2013-08-05 94208]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2014-06-17 941272]
S3 a6nn4zhk;a6nn4zhk; C:\Windows\system32\drivers\a6nn4zhk.sys []
S3 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2016-11-22 37656]
S3 athur;Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athurx.sys [2013-06-28 1930240]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdvancedSystemCareService10;Advanced SystemCare Service 10; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [2016-10-14 462624]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-09-12 239616]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-09-11 344064]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-11-22 197128]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]
S2 IObitUnSvr;IObit Uninstaller Service; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [2016-10-28 360736]
S3 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-10-21 82128]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [2007-09-20 853288]
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [2007-09-20 382248]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-08 51648]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
-----------------EOF-----------------
Run by Bota at 2016-12-05 21:38:23
Microsoft Windows 7 Professional
System drive C: has 92 GB (76%) free of 122 GB
Total RAM: 4093 MB (65% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:38:25, on 5.12.2016
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal
Running processes:
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Bota.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://no-stop.org/wpad.dat?8ebe1bd9e74 ... a221224828
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~2\Office12\GRA32A~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Advanced SystemCare Service 10 (AdvancedSystemCareService10) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: IObit Uninstaller Service (IObitUnSvr) - IObit - C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 7361 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
winlogon.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-b204c3d3-622c-48b2-8cae-a1bf10e25139 -SystemEventPortName:HostProcess-c13df0bf-4ccb-4071-a815-8f2a896d72be -IoCancelEventPortName:HostProcess-356560c3-915a-4f05-bc7e-043491989f02 -NonStateChangingEventPortName:HostProcess-c39e88e0-b803-4f3b-9e63-5c7e0d2d9aad -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:9ee5201a-68e5-4726-97e2-2036e2c568df
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="208.0.884022312\1522525768" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" 208 "\\.\pipe\gecko-crash-server-pipe.208" tab
"C:\Users\Bota\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player PPAPI Notifier.job - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_23_0_0_207_pepper.exe -check pepperplugin
=========Mozilla firefox=========
ProfilePath - C:\Users\Bota\AppData\Roaming\Mozilla\Firefox\Profiles\vnqgoujx.default-1480872840278
prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"
"sp@avast.com"=C:\Program Files\AVAST Software\Avast\SafePrice\FF
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 23.0.0.207 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.111.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.111.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 23.0.0.207 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
ExplorerWnd Helper - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2016-05-23 2478880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-11-22 790552]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~2\Office12\GR469A~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-11-22 473152]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-11-22 664848]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-11-22 186944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll [2010-03-25 1548096]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2013-09-11 766208]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-11-22 9080768]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-09-22 587288]
"NBKeyScan"=C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2007-09-20 1836328]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~2\Office12\GR469A~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-12-05 19:30:36 ----D---- C:\AdwCleaner
2016-12-05 15:04:42 ----D---- C:\rsit
2016-12-05 15:04:42 ----D---- C:\Program Files\trend micro
2016-12-04 21:07:50 ----D---- C:\sh4ldr
2016-12-04 21:05:24 ----A---- C:\autoexec.bat
2016-12-04 21:05:18 ----D---- C:\Program Files (x86)\Enigma Software Group
2016-12-04 21:05:00 ----D---- C:\Windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP
2016-12-04 18:33:23 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-12-02 23:18:00 ----A---- C:\Windows\NeroDigital.ini
2016-11-28 17:02:22 ----D---- C:\ProgramData\KONAMI
2016-11-28 17:02:18 ----D---- C:\ProgramData\Steam
2016-11-28 17:00:32 ----A---- C:\Windows\SYSWOW64\XAudio2_7.dll
2016-11-28 17:00:32 ----A---- C:\Windows\SYSWOW64\XAPOFX1_5.dll
2016-11-28 17:00:32 ----A---- C:\Windows\SYSWOW64\xactengine3_7.dll
2016-11-28 17:00:32 ----A---- C:\Windows\SYSWOW64\d3dx11_43.dll
2016-11-28 17:00:32 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll
2016-11-28 17:00:32 ----A---- C:\Windows\SYSWOW64\D3DCompiler_43.dll
2016-11-28 17:00:32 ----A---- C:\Windows\system32\XAudio2_7.dll
2016-11-28 17:00:32 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2016-11-28 17:00:32 ----A---- C:\Windows\system32\xactengine3_7.dll
2016-11-28 17:00:32 ----A---- C:\Windows\system32\d3dx11_43.dll
2016-11-28 17:00:32 ----A---- C:\Windows\system32\d3dcsx_43.dll
2016-11-28 17:00:32 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2016-11-28 17:00:31 ----A---- C:\Windows\SYSWOW64\XAudio2_6.dll
2016-11-28 17:00:31 ----A---- C:\Windows\SYSWOW64\XAPOFX1_4.dll
2016-11-28 17:00:31 ----A---- C:\Windows\SYSWOW64\xactengine3_6.dll
2016-11-28 17:00:31 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll
2016-11-28 17:00:31 ----A---- C:\Windows\SYSWOW64\d3dx10_43.dll
2016-11-28 17:00:31 ----A---- C:\Windows\system32\XAudio2_6.dll
2016-11-28 17:00:31 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2016-11-28 17:00:31 ----A---- C:\Windows\system32\xactengine3_6.dll
2016-11-28 17:00:31 ----A---- C:\Windows\system32\D3DX9_43.dll
2016-11-28 17:00:31 ----A---- C:\Windows\system32\d3dx10_43.dll
2016-11-28 17:00:30 ----A---- C:\Windows\SYSWOW64\XAudio2_5.dll
2016-11-28 17:00:30 ----A---- C:\Windows\SYSWOW64\xactengine3_5.dll
2016-11-28 17:00:30 ----A---- C:\Windows\SYSWOW64\X3DAudio1_7.dll
2016-11-28 17:00:30 ----A---- C:\Windows\SYSWOW64\D3DCompiler_42.dll
2016-11-28 17:00:30 ----A---- C:\Windows\system32\XAudio2_5.dll
2016-11-28 17:00:30 ----A---- C:\Windows\system32\xactengine3_5.dll
2016-11-28 17:00:30 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2016-11-28 17:00:30 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2016-11-28 17:00:29 ----A---- C:\Windows\SYSWOW64\D3DX9_42.dll
2016-11-28 17:00:29 ----A---- C:\Windows\SYSWOW64\d3dx11_42.dll
2016-11-28 17:00:29 ----A---- C:\Windows\SYSWOW64\d3dx10_42.dll
2016-11-28 17:00:29 ----A---- C:\Windows\SYSWOW64\d3dcsx_42.dll
2016-11-28 17:00:29 ----A---- C:\Windows\system32\D3DX9_42.dll
2016-11-28 17:00:29 ----A---- C:\Windows\system32\d3dx11_42.dll
2016-11-28 17:00:29 ----A---- C:\Windows\system32\d3dx10_42.dll
2016-11-28 17:00:29 ----A---- C:\Windows\system32\d3dcsx_42.dll
2016-11-28 17:00:28 ----A---- C:\Windows\SYSWOW64\XAudio2_4.dll
2016-11-28 17:00:28 ----A---- C:\Windows\SYSWOW64\XAPOFX1_3.dll
2016-11-28 17:00:28 ----A---- C:\Windows\SYSWOW64\D3DX9_41.dll
2016-11-28 17:00:28 ----A---- C:\Windows\SYSWOW64\d3dx10_41.dll
2016-11-28 17:00:28 ----A---- C:\Windows\SYSWOW64\D3DCompiler_41.dll
2016-11-28 17:00:28 ----A---- C:\Windows\system32\XAudio2_4.dll
2016-11-28 17:00:28 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2016-11-28 17:00:28 ----A---- C:\Windows\system32\D3DX9_41.dll
2016-11-28 17:00:28 ----A---- C:\Windows\system32\d3dx10_41.dll
2016-11-28 17:00:28 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2016-11-28 17:00:27 ----A---- C:\Windows\SYSWOW64\xactengine3_4.dll
2016-11-28 17:00:27 ----A---- C:\Windows\SYSWOW64\X3DAudio1_6.dll
2016-11-28 17:00:27 ----A---- C:\Windows\SYSWOW64\d3dx10_40.dll
2016-11-28 17:00:27 ----A---- C:\Windows\SYSWOW64\D3DCompiler_40.dll
2016-11-28 17:00:27 ----A---- C:\Windows\system32\xactengine3_4.dll
2016-11-28 17:00:27 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2016-11-28 17:00:27 ----A---- C:\Windows\system32\d3dx10_40.dll
2016-11-28 17:00:27 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2016-11-28 17:00:26 ----A---- C:\Windows\SYSWOW64\XAudio2_3.dll
2016-11-28 17:00:26 ----A---- C:\Windows\SYSWOW64\XAPOFX1_2.dll
2016-11-28 17:00:26 ----A---- C:\Windows\SYSWOW64\D3DX9_40.dll
2016-11-28 17:00:26 ----A---- C:\Windows\system32\XAudio2_3.dll
2016-11-28 17:00:26 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2016-11-28 17:00:26 ----A---- C:\Windows\system32\xactengine3_3.dll
2016-11-28 17:00:26 ----A---- C:\Windows\system32\D3DX9_40.dll
2016-11-28 16:53:44 ----A---- C:\Windows\SYSWOW64\XAudio2_2.dll
2016-11-28 16:53:44 ----A---- C:\Windows\SYSWOW64\XAPOFX1_1.dll
2016-11-28 16:53:44 ----A---- C:\Windows\SYSWOW64\xactengine3_3.dll
2016-11-28 16:53:44 ----A---- C:\Windows\SYSWOW64\X3DAudio1_5.dll
2016-11-28 16:53:44 ----A---- C:\Windows\system32\XAudio2_2.dll
2016-11-28 16:53:44 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2016-11-28 16:53:44 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2016-11-28 16:53:43 ----A---- C:\Windows\SYSWOW64\xactengine3_2.dll
2016-11-28 16:53:43 ----A---- C:\Windows\SYSWOW64\d3dx10_39.dll
2016-11-28 16:53:43 ----A---- C:\Windows\SYSWOW64\D3DCompiler_39.dll
2016-11-28 16:53:43 ----A---- C:\Windows\system32\xactengine3_2.dll
2016-11-28 16:53:43 ----A---- C:\Windows\system32\d3dx10_39.dll
2016-11-28 16:53:43 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2016-11-28 16:53:42 ----A---- C:\Windows\SYSWOW64\XAudio2_1.dll
2016-11-28 16:53:42 ----A---- C:\Windows\SYSWOW64\XAPOFX1_0.dll
2016-11-28 16:53:42 ----A---- C:\Windows\SYSWOW64\xactengine3_1.dll
2016-11-28 16:53:42 ----A---- C:\Windows\SYSWOW64\X3DAudio1_4.dll
2016-11-28 16:53:42 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll
2016-11-28 16:53:42 ----A---- C:\Windows\SYSWOW64\d3dx10_38.dll
2016-11-28 16:53:42 ----A---- C:\Windows\SYSWOW64\D3DCompiler_38.dll
2016-11-28 16:53:42 ----A---- C:\Windows\system32\XAudio2_1.dll
2016-11-28 16:53:42 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2016-11-28 16:53:42 ----A---- C:\Windows\system32\xactengine3_1.dll
2016-11-28 16:53:42 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2016-11-28 16:53:42 ----A---- C:\Windows\system32\D3DX9_39.dll
2016-11-28 16:53:42 ----A---- C:\Windows\system32\d3dx10_38.dll
2016-11-28 16:53:42 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2016-11-28 16:53:41 ----A---- C:\Windows\SYSWOW64\XAudio2_0.dll
2016-11-28 16:53:41 ----A---- C:\Windows\SYSWOW64\xactengine3_0.dll
2016-11-28 16:53:41 ----A---- C:\Windows\SYSWOW64\D3DX9_38.dll
2016-11-28 16:53:41 ----A---- C:\Windows\system32\XAudio2_0.dll
2016-11-28 16:53:41 ----A---- C:\Windows\system32\xactengine3_0.dll
2016-11-28 16:53:41 ----A---- C:\Windows\system32\D3DX9_38.dll
2016-11-28 16:53:40 ----A---- C:\Windows\SYSWOW64\X3DAudio1_3.dll
2016-11-28 16:53:40 ----A---- C:\Windows\SYSWOW64\D3DX9_37.dll
2016-11-28 16:53:40 ----A---- C:\Windows\SYSWOW64\d3dx10_37.dll
2016-11-28 16:53:40 ----A---- C:\Windows\SYSWOW64\D3DCompiler_37.dll
2016-11-28 16:53:40 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2016-11-28 16:53:40 ----A---- C:\Windows\system32\D3DX9_37.dll
2016-11-28 16:53:40 ----A---- C:\Windows\system32\d3dx10_37.dll
2016-11-28 16:53:40 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2016-11-28 16:53:39 ----A---- C:\Windows\SYSWOW64\xactengine2_10.dll
2016-11-28 16:53:39 ----A---- C:\Windows\SYSWOW64\d3dx9_36.dll
2016-11-28 16:53:39 ----A---- C:\Windows\SYSWOW64\d3dx10_36.dll
2016-11-28 16:53:39 ----A---- C:\Windows\SYSWOW64\D3DCompiler_36.dll
2016-11-28 16:53:39 ----A---- C:\Windows\system32\xactengine2_10.dll
2016-11-28 16:53:39 ----A---- C:\Windows\system32\d3dx9_36.dll
2016-11-28 16:53:39 ----A---- C:\Windows\system32\d3dx10_36.dll
2016-11-28 16:53:39 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2016-11-28 16:53:38 ----A---- C:\Windows\SYSWOW64\xactengine2_9.dll
2016-11-28 16:53:38 ----A---- C:\Windows\SYSWOW64\d3dx9_35.dll
2016-11-28 16:53:38 ----A---- C:\Windows\SYSWOW64\d3dx10_35.dll
2016-11-28 16:53:38 ----A---- C:\Windows\SYSWOW64\D3DCompiler_35.dll
2016-11-28 16:53:38 ----A---- C:\Windows\system32\xactengine2_9.dll
2016-11-28 16:53:38 ----A---- C:\Windows\system32\d3dx9_35.dll
2016-11-28 16:53:38 ----A---- C:\Windows\system32\d3dx10_35.dll
2016-11-28 16:53:38 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2016-11-28 16:53:37 ----A---- C:\Windows\SYSWOW64\xinput1_3.dll
2016-11-28 16:53:37 ----A---- C:\Windows\SYSWOW64\xactengine2_8.dll
2016-11-28 16:53:37 ----A---- C:\Windows\SYSWOW64\X3DAudio1_2.dll
2016-11-28 16:53:37 ----A---- C:\Windows\SYSWOW64\d3dx9_34.dll
2016-11-28 16:53:37 ----A---- C:\Windows\SYSWOW64\d3dx10_34.dll
2016-11-28 16:53:37 ----A---- C:\Windows\SYSWOW64\D3DCompiler_34.dll
2016-11-28 16:53:37 ----A---- C:\Windows\system32\xinput1_3.dll
2016-11-28 16:53:37 ----A---- C:\Windows\system32\xactengine2_8.dll
2016-11-28 16:53:37 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2016-11-28 16:53:37 ----A---- C:\Windows\system32\d3dx9_34.dll
2016-11-28 16:53:37 ----A---- C:\Windows\system32\d3dx10_34.dll
2016-11-28 16:53:37 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2016-11-28 16:53:36 ----A---- C:\Windows\SYSWOW64\xactengine2_7.dll
2016-11-28 16:53:36 ----A---- C:\Windows\SYSWOW64\d3dx9_33.dll
2016-11-28 16:53:36 ----A---- C:\Windows\SYSWOW64\d3dx10_33.dll
2016-11-28 16:53:36 ----A---- C:\Windows\SYSWOW64\D3DCompiler_33.dll
2016-11-28 16:53:36 ----A---- C:\Windows\system32\xactengine2_7.dll
2016-11-28 16:53:36 ----A---- C:\Windows\system32\d3dx9_33.dll
2016-11-28 16:53:36 ----A---- C:\Windows\system32\d3dx10_33.dll
2016-11-28 16:53:36 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2016-11-28 16:53:35 ----A---- C:\Windows\SYSWOW64\xactengine2_6.dll
2016-11-28 16:53:35 ----A---- C:\Windows\SYSWOW64\xactengine2_5.dll
2016-11-28 16:53:35 ----A---- C:\Windows\SYSWOW64\d3dx9_32.dll
2016-11-28 16:53:35 ----A---- C:\Windows\SYSWOW64\d3dx10.dll
2016-11-28 16:53:35 ----A---- C:\Windows\system32\xactengine2_6.dll
2016-11-28 16:53:35 ----A---- C:\Windows\system32\xactengine2_5.dll
2016-11-28 16:53:35 ----A---- C:\Windows\system32\d3dx9_32.dll
2016-11-28 16:53:35 ----A---- C:\Windows\system32\d3dx10.dll
2016-11-28 16:53:34 ----A---- C:\Windows\SYSWOW64\xactengine2_4.dll
2016-11-28 16:53:34 ----A---- C:\Windows\SYSWOW64\xactengine2_3.dll
2016-11-28 16:53:34 ----A---- C:\Windows\SYSWOW64\x3daudio1_1.dll
2016-11-28 16:53:34 ----A---- C:\Windows\SYSWOW64\d3dx9_31.dll
2016-11-28 16:53:34 ----A---- C:\Windows\system32\xactengine2_4.dll
2016-11-28 16:53:34 ----A---- C:\Windows\system32\xactengine2_3.dll
2016-11-28 16:53:34 ----A---- C:\Windows\system32\x3daudio1_1.dll
2016-11-28 16:53:34 ----A---- C:\Windows\system32\d3dx9_31.dll
2016-11-28 16:53:33 ----A---- C:\Windows\SYSWOW64\xinput1_2.dll
2016-11-28 16:53:33 ----A---- C:\Windows\SYSWOW64\xinput1_1.dll
2016-11-28 16:53:33 ----A---- C:\Windows\SYSWOW64\xactengine2_2.dll
2016-11-28 16:53:33 ----A---- C:\Windows\system32\xinput1_2.dll
2016-11-28 16:53:33 ----A---- C:\Windows\system32\xinput1_1.dll
2016-11-28 16:53:33 ----A---- C:\Windows\system32\xactengine2_2.dll
2016-11-28 16:53:32 ----A---- C:\Windows\SYSWOW64\xactengine2_1.dll
2016-11-28 16:53:32 ----A---- C:\Windows\system32\xactengine2_1.dll
2016-11-28 16:53:30 ----A---- C:\Windows\SYSWOW64\xactengine2_0.dll
2016-11-28 16:53:30 ----A---- C:\Windows\SYSWOW64\x3daudio1_0.dll
2016-11-28 16:53:30 ----A---- C:\Windows\SYSWOW64\d3dx9_29.dll
2016-11-28 16:53:30 ----A---- C:\Windows\system32\xactengine2_0.dll
2016-11-28 16:53:30 ----A---- C:\Windows\system32\x3daudio1_0.dll
2016-11-28 16:53:30 ----A---- C:\Windows\system32\d3dx9_30.dll
2016-11-28 16:53:30 ----A---- C:\Windows\system32\d3dx9_29.dll
2016-11-28 16:53:29 ----A---- C:\Windows\SYSWOW64\d3dx9_27.dll
2016-11-28 16:53:29 ----A---- C:\Windows\system32\d3dx9_28.dll
2016-11-28 16:53:29 ----A---- C:\Windows\system32\d3dx9_27.dll
2016-11-28 16:53:28 ----A---- C:\Windows\SYSWOW64\d3dx9_26.dll
2016-11-28 16:53:28 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll
2016-11-28 16:53:28 ----A---- C:\Windows\system32\d3dx9_26.dll
2016-11-28 16:53:28 ----A---- C:\Windows\system32\d3dx9_25.dll
2016-11-28 16:53:27 ----A---- C:\Windows\SYSWOW64\d3dx9_24.dll
2016-11-28 16:53:27 ----A---- C:\Windows\system32\d3dx9_24.dll
2016-11-28 16:15:15 ----A---- C:\Windows\GSetup.ini
2016-11-25 21:37:31 ----A---- C:\Windows\system32\drivers\athurx.sys
2016-11-25 21:37:31 ----A---- C:\Windows\system32\athurx.sys
2016-11-25 21:36:42 ----D---- C:\ProgramData\TP-LINK
2016-11-25 21:18:41 ----D---- C:\Program Files (x86)\FinalWire
2016-11-22 22:51:32 ----D---- C:\Users\Bota\AppData\Roaming\Opera Software
2016-11-22 21:56:59 ----D---- C:\Users\Bota\AppData\Roaming\Nero
2016-11-22 21:53:59 ----A---- C:\Windows\Irremote.ini
2016-11-22 21:53:30 ----D---- C:\ProgramData\Nero
2016-11-22 21:53:30 ----D---- C:\Program Files (x86)\Nero
2016-11-22 21:52:26 ----A---- C:\Windows\SYSWOW64\d3dx9_30.dll
2016-11-22 21:52:26 ----A---- C:\Windows\SYSWOW64\d3dx9_28.dll
2016-11-22 21:47:49 ----D---- C:\BOTA
2016-11-22 21:42:35 ----D---- C:\Users\Bota\AppData\Roaming\vlc
2016-11-22 21:37:54 ----D---- C:\Program Files (x86)\WinRAR
2016-11-22 21:37:34 ----D---- C:\Program Files (x86)\VideoLAN
2016-11-22 21:35:29 ----D---- C:\ProgramData\ProductData
2016-11-22 21:35:22 ----D---- C:\ProgramData\{74E9F814-C737-42CC-B721-DBBC4059367A}
2016-11-22 21:35:04 ----D---- C:\Users\Bota\AppData\Roaming\IObit
2016-11-22 21:34:56 ----D---- C:\ProgramData\IObit
2016-11-22 21:34:56 ----D---- C:\Program Files (x86)\IObit
2016-11-22 21:30:43 ----D---- C:\Users\Bota\AppData\Roaming\Sun
2016-11-22 21:30:38 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2016-11-22 21:30:25 ----D---- C:\ProgramData\Oracle
2016-11-22 21:30:22 ----D---- C:\Program Files (x86)\Java
2016-11-22 21:25:46 ----D---- C:\Program Files (x86)\Adobe
2016-11-22 21:25:33 ----D---- C:\ProgramData\Adobe
2016-11-22 21:18:55 ----D---- C:\Program Files (x86)\Microsoft Works
2016-11-22 21:18:49 ----D---- C:\Program Files (x86)\Microsoft Visual Studio
2016-11-22 21:18:39 ----D---- C:\Windows\PCHEALTH
2016-11-22 21:17:28 ----D---- C:\Program Files\Microsoft Office
2016-11-22 21:17:24 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2016-11-22 21:17:06 ----D---- C:\ProgramData\Microsoft Help
2016-11-22 21:17:06 ----D---- C:\Program Files (x86)\Microsoft Office
2016-11-22 21:16:57 ----RHD---- C:\MSOCache
2016-11-22 21:12:07 ----D---- C:\Program Files (x86)\DAEMON Tools Toolbar
2016-11-22 21:11:59 ----A---- C:\Windows\system32\drivers\sptd.sys
2016-11-22 21:11:50 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2016-11-22 21:11:36 ----D---- C:\Users\Bota\AppData\Roaming\DAEMON Tools Lite
2016-11-22 21:11:30 ----D---- C:\ProgramData\DAEMON Tools Lite
2016-11-22 21:09:52 ----D---- C:\Program Files\Microsoft Silverlight
2016-11-22 21:09:52 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2016-11-22 18:47:45 ----D---- C:\Users\Bota\AppData\Roaming\Macromedia
2016-11-22 18:47:45 ----D---- C:\Users\Bota\AppData\Roaming\Adobe
2016-11-22 18:31:20 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-11-22 18:31:18 ----D---- C:\Windows\system32\Macromed
2016-11-22 18:31:16 ----D---- C:\Windows\SYSWOW64\Macromed
2016-11-22 18:27:41 ----A---- C:\Windows\system32\drivers\aswKbd.sys
2016-11-22 17:19:11 ----D---- C:\Users\Bota\AppData\Roaming\AVAST Software
2016-11-22 17:18:11 ----D---- C:\Program Files\Common Files\AV
2016-11-22 17:18:00 ----A---- C:\Windows\system32\drivers\aswvmm.sys
2016-11-22 17:18:00 ----A---- C:\Windows\system32\drivers\aswStm.sys
2016-11-22 17:18:00 ----A---- C:\Windows\system32\drivers\aswsp.sys
2016-11-22 17:18:00 ----A---- C:\Windows\system32\drivers\aswsnx.sys
2016-11-22 17:18:00 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2016-11-22 17:18:00 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2016-11-22 17:18:00 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2016-11-22 17:18:00 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2016-11-22 17:17:58 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2016-11-22 17:17:58 ----A---- C:\Windows\system32\ucrtbase.dll
2016-11-22 17:17:58 ----A---- C:\Windows\system32\aswBoot.exe
2016-11-22 17:17:56 ----A---- C:\Windows\avastSS.scr
2016-11-22 17:15:17 ----D---- C:\Program Files\AVAST Software
2016-11-22 17:02:10 ----D---- C:\Users\Bota\AppData\Roaming\Mozilla
2016-11-22 16:57:15 ----A---- C:\Windows\system32\drivers\EtronXHCI.sys
2016-11-22 16:57:15 ----A---- C:\Windows\system32\drivers\EtronHub3.sys
2016-11-22 16:57:14 ----D---- C:\Program Files (x86)\Etron Technology
2016-11-22 16:47:34 ----A---- C:\Windows\system32\RTNUninst64.dll
2016-11-22 16:47:34 ----A---- C:\Windows\system32\RtNicProp64.dll
2016-11-22 16:47:34 ----A---- C:\Windows\system32\drivers\Rt64win7.sys
2016-11-22 16:47:30 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2016-11-22 16:47:30 ----D---- C:\Program Files (x86)\Realtek
2016-11-20 17:34:27 ----D---- C:\ProgramData\AVAST Software
2016-11-20 17:32:34 ----D---- C:\Users\Bota\AppData\Roaming\ATI
2016-11-20 17:32:34 ----D---- C:\ProgramData\ATI
2016-11-20 17:31:47 ----D---- C:\Program Files (x86)\AMD AVT
2016-11-20 17:31:31 ----D---- C:\ProgramData\AMD
2016-11-20 17:31:14 ----D---- C:\Program Files\Common Files\ATI Technologies
2016-11-20 17:31:12 ----D---- C:\Program Files (x86)\ATI Technologies
2016-11-20 17:30:51 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2016-11-20 17:30:20 ----D---- C:\Program Files (x86)\Microsoft.NET
2016-11-20 17:30:08 ----A---- C:\Windows\SYSWOW64\PresentationHostProxy.dll
2016-11-20 17:30:08 ----A---- C:\Windows\SYSWOW64\PresentationHost.exe
2016-11-20 17:30:08 ----A---- C:\Windows\SYSWOW64\netfxperf.dll
2016-11-20 17:30:08 ----A---- C:\Windows\SYSWOW64\mscoree.dll
2016-11-20 17:30:08 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2016-11-20 17:30:08 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2016-11-20 17:30:08 ----A---- C:\Windows\system32\PresentationHost.exe
2016-11-20 17:30:08 ----A---- C:\Windows\system32\netfxperf.dll
2016-11-20 17:30:08 ----A---- C:\Windows\system32\mscoree.dll
2016-11-20 17:30:08 ----A---- C:\Windows\system32\dfshim.dll
2016-11-20 17:29:46 ----D---- C:\ProgramData\Package Cache
2016-11-20 17:29:40 ----SHD---- C:\Windows\Installer
2016-11-20 17:29:33 ----D---- C:\Program Files\ATI Technologies
2016-11-20 17:29:27 ----D---- C:\Program Files\ATI
2016-11-20 17:28:34 ----D---- C:\AMD
2016-11-20 17:23:43 ----D---- C:\Windows\SoftwareDistribution
2016-11-20 17:21:45 ----D---- C:\Users\Bota\AppData\Roaming\Identities
2016-11-20 17:21:40 ----SD---- C:\Users\Bota\AppData\Roaming\Microsoft
2016-11-20 17:21:40 ----D---- C:\Users\Bota\AppData\Roaming\Media Center Programs
2016-11-20 17:21:02 ----SHD---- C:\Recovery
2016-11-20 17:21:02 ----SHD---- C:\ProgramData\Šablony
2016-11-20 17:21:02 ----SHD---- C:\ProgramData\Plocha
2016-11-20 17:21:02 ----SHD---- C:\ProgramData\Oblíbené položky
2016-11-20 17:21:02 ----SHD---- C:\ProgramData\Nabídka Start
2016-11-20 17:21:02 ----SHD---- C:\ProgramData\Dokumenty
2016-11-20 17:21:02 ----SHD---- C:\ProgramData\Data aplikací
2016-11-20 17:17:42 ----D---- C:\Windows\Prefetch
2016-11-20 17:17:37 ----SHD---- C:\System Volume Information
2016-11-20 17:17:37 ----ASH---- C:\pagefile.sys
2016-11-20 17:17:37 ----ASH---- C:\hiberfil.sys
2016-11-20 17:17:04 ----D---- C:\Windows\Panther
======List of files/folders modified in the last 1 month======
2016-12-05 19:39:44 ----D---- C:\Windows\Temp
2016-12-05 19:38:50 ----D---- C:\Windows\System32
2016-12-05 19:38:50 ----D---- C:\Windows\inf
2016-12-05 19:38:50 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-12-05 19:33:34 ----D---- C:\Windows\system32\Tasks
2016-12-05 15:04:42 ----RD---- C:\Program Files
2016-12-05 10:41:15 ----RD---- C:\Program Files (x86)
2016-12-05 10:35:03 ----D---- C:\Windows\system32\drivers
2016-12-04 21:27:18 ----D---- C:\Windows\system32\catroot2
2016-12-04 21:16:55 ----D---- C:\Windows\system32\config
2016-12-04 21:05:00 ----D---- C:\Windows
2016-12-04 21:05:00 ----D---- C:\Program Files (x86)\Common Files
2016-12-04 18:27:34 ----HD---- C:\ProgramData
2016-12-03 02:52:39 ----D---- C:\Windows\debug
2016-12-02 18:42:22 ----D---- C:\Windows\Tasks
2016-11-30 23:04:03 ----D---- C:\Windows\Logs
2016-11-28 17:00:32 ----D---- C:\Windows\SysWOW64
2016-11-28 17:00:16 ----RSD---- C:\Windows\assembly
2016-11-28 16:53:31 ----D---- C:\Windows\Microsoft.NET
2016-11-26 20:55:13 ----D---- C:\Windows\system32\DriverStore
2016-11-25 22:00:17 ----SD---- C:\ProgramData\Microsoft
2016-11-25 21:50:10 ----D---- C:\Windows\system32\catroot
2016-11-25 21:48:19 ----D---- C:\Windows\SYSWOW64\en-US
2016-11-25 21:48:19 ----D---- C:\Windows\system32\en-US
2016-11-22 21:55:17 ----D---- C:\Windows\winsxs
2016-11-22 21:53:29 ----D---- C:\Windows\Cursors
2016-11-22 21:18:53 ----D---- C:\Program Files (x86)\MSBuild
2016-11-22 21:18:48 ----D---- C:\Windows\ShellNew
2016-11-22 21:18:41 ----RSD---- C:\Windows\Fonts
2016-11-22 21:18:07 ----D---- C:\Program Files\Common Files\Microsoft Shared
2016-11-22 21:17:15 ----A---- C:\Windows\win.ini
2016-11-22 18:26:56 ----D---- C:\Windows\system32\wdi
2016-11-22 17:18:11 ----D---- C:\Program Files\Common Files
2016-11-22 16:48:44 ----D---- C:\Windows\system32\LogFiles
2016-11-20 17:31:37 ----D---- C:\Windows\system32\CodeIntegrity
2016-11-20 17:29:42 ----D---- C:\Windows\system32\restore
2016-11-20 17:26:51 ----D---- C:\Windows\system32\drivers\UMDF
2016-11-20 17:21:44 ----SHD---- C:\$Recycle.Bin
2016-11-20 17:21:40 ----RD---- C:\Users
2016-11-20 17:21:02 ----D---- C:\Program Files\Windows NT
2016-11-20 17:20:59 ----D---- C:\Windows\rescache
2016-11-20 17:19:01 ----D---- C:\Windows\system32\sysprep
2016-11-20 17:17:45 ----D---- C:\Windows\CSC
2016-11-20 17:16:41 ----D---- C:\Windows\Setup
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2016-11-22 74544]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2016-11-22 293352]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2016-11-22 834544]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2016-11-22 37144]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2016-11-22 103064]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-11-22 969184]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-11-22 513632]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 AODDriver4.2.0;AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2013-07-31 42240]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2016-11-22 108816]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2016-11-22 163416]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-09-12 12760576]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-09-12 619008]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2013-09-24 94208]
R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver; C:\Windows\System32\Drivers\EtronHub3.sys [2013-08-05 65408]
R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver; C:\Windows\System32\Drivers\EtronXHCI.sys [2013-08-05 94208]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2014-06-17 941272]
S3 a6nn4zhk;a6nn4zhk; C:\Windows\system32\drivers\a6nn4zhk.sys []
S3 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2016-11-22 37656]
S3 athur;Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athurx.sys [2013-06-28 1930240]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdvancedSystemCareService10;Advanced SystemCare Service 10; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [2016-10-14 462624]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-09-12 239616]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-09-11 344064]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-11-22 197128]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]
S2 IObitUnSvr;IObit Uninstaller Service; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [2016-10-28 360736]
S3 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-10-21 82128]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [2007-09-20 853288]
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [2007-09-20 382248]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-08 51648]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
-----------------EOF-----------------
- Rudy
- Site Admin

- Posts: 119672
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Plus network
Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left window:
:files
C:\Windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP
:reg
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-
:services
Nero BackItUp Scheduler 3
NMIndexingService
:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. Disable your antivirus before the scan and restart the PC after it. Post a new RSIT log.
I recommend uninstalling AdvancedSystemCare. This optimizer sometimes sees problems even where there are none, and a layperson can easily damage the system with it.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: Plus network
Logfile of random's system information tool 1.10 (written by random/random)
Run by Bota at 2016-12-06 17:18:38
Microsoft Windows 7 Professional
System drive C: has 93 GB (76%) free of 122 GB
Total RAM: 4093 MB (67% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:18:39, on 6.12.2016
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal
Running processes:
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Bota.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://no-stop.org/wpad.dat?8ebe1bd9e74 ... a221224828
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~2\Office12\GRA32A~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 6613 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
winlogon.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-26a34186-9cc4-4363-9af7-a424e3bcffda -SystemEventPortName:HostProcess-c7d88393-59ef-4f1c-a067-9543bad041c5 -IoCancelEventPortName:HostProcess-a8b91768-8097-4359-9dec-360c9a32b97a -NonStateChangingEventPortName:HostProcess-9a81658d-f367-4b79-bd1c-93bfba6b2835 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:97c1ce10-37a0-4501-91e6-9995445bfc72
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="4372.0.598241419\293676475" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" 4372 "\\.\pipe\gecko-crash-server-pipe.4372" tab
taskeng.exe {E74529AE-C140-481F-8644-6EF3A9DAF740}
C:\Windows\servicing\TrustedInstaller.exe
taskeng.exe {ACE1EE41-2F35-4648-AA3E-FB52A8F7AA50}
"C:\Users\Bota\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player PPAPI Notifier.job - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_23_0_0_207_pepper.exe -check pepperplugin
=========Mozilla firefox=========
ProfilePath - C:\Users\Bota\AppData\Roaming\Mozilla\Firefox\Profiles\vnqgoujx.default-1480872840278
prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"
"sp@avast.com"=C:\Program Files\AVAST Software\Avast\SafePrice\FF
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 23.0.0.207 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.111.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.111.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 23.0.0.207 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-11-22 790552]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~2\Office12\GR469A~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-11-22 473152]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-11-22 664848]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-11-22 186944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll [2010-03-25 1548096]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2013-09-11 766208]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-11-22 9080768]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"NBKeyScan"=C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2007-09-20 1836328]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~2\Office12\GR469A~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-12-06 17:12:12 ----D---- C:\rsit
2016-12-05 19:30:36 ----D---- C:\AdwCleaner
2016-12-05 15:04:42 ----D---- C:\Program Files\trend micro
2016-12-04 21:07:50 ----D---- C:\sh4ldr
2016-12-04 21:05:24 ----A---- C:\autoexec.bat
2016-12-04 21:05:18 ----D---- C:\Program Files (x86)\Enigma Software Group
2016-12-04 18:33:23 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-12-02 23:18:00 ----A---- C:\Windows\NeroDigital.ini
2016-11-28 17:02:22 ----D---- C:\ProgramData\KONAMI
2016-11-28 17:02:18 ----D---- C:\ProgramData\Steam
2016-11-28 17:00:32 ----A---- C:\Windows\SYSWOW64\XAudio2_7.dll
2016-11-28 17:00:32 ----A---- C:\Windows\SYSWOW64\XAPOFX1_5.dll
2016-11-28 17:00:32 ----A---- C:\Windows\SYSWOW64\xactengine3_7.dll
2016-11-28 17:00:32 ----A---- C:\Windows\SYSWOW64\d3dx11_43.dll
2016-11-28 17:00:32 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll
2016-11-28 17:00:32 ----A---- C:\Windows\SYSWOW64\D3DCompiler_43.dll
2016-11-28 17:00:32 ----A---- C:\Windows\system32\XAudio2_7.dll
2016-11-28 17:00:32 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2016-11-28 17:00:32 ----A---- C:\Windows\system32\xactengine3_7.dll
2016-11-28 17:00:32 ----A---- C:\Windows\system32\d3dx11_43.dll
2016-11-28 17:00:32 ----A---- C:\Windows\system32\d3dcsx_43.dll
2016-11-28 17:00:32 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2016-11-28 17:00:31 ----A---- C:\Windows\SYSWOW64\XAudio2_6.dll
2016-11-28 17:00:31 ----A---- C:\Windows\SYSWOW64\XAPOFX1_4.dll
2016-11-28 17:00:31 ----A---- C:\Windows\SYSWOW64\xactengine3_6.dll
2016-11-28 17:00:31 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll
2016-11-28 17:00:31 ----A---- C:\Windows\SYSWOW64\d3dx10_43.dll
2016-11-28 17:00:31 ----A---- C:\Windows\system32\XAudio2_6.dll
2016-11-28 17:00:31 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2016-11-28 17:00:31 ----A---- C:\Windows\system32\xactengine3_6.dll
2016-11-28 17:00:31 ----A---- C:\Windows\system32\D3DX9_43.dll
2016-11-28 17:00:31 ----A---- C:\Windows\system32\d3dx10_43.dll
2016-11-28 17:00:30 ----A---- C:\Windows\SYSWOW64\XAudio2_5.dll
2016-11-28 17:00:30 ----A---- C:\Windows\SYSWOW64\xactengine3_5.dll
2016-11-28 17:00:30 ----A---- C:\Windows\SYSWOW64\X3DAudio1_7.dll
2016-11-28 17:00:30 ----A---- C:\Windows\SYSWOW64\D3DCompiler_42.dll
2016-11-28 17:00:30 ----A---- C:\Windows\system32\XAudio2_5.dll
2016-11-28 17:00:30 ----A---- C:\Windows\system32\xactengine3_5.dll
2016-11-28 17:00:30 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2016-11-28 17:00:30 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2016-11-28 17:00:29 ----A---- C:\Windows\SYSWOW64\D3DX9_42.dll
2016-11-28 17:00:29 ----A---- C:\Windows\SYSWOW64\d3dx11_42.dll
2016-11-28 17:00:29 ----A---- C:\Windows\SYSWOW64\d3dx10_42.dll
2016-11-28 17:00:29 ----A---- C:\Windows\SYSWOW64\d3dcsx_42.dll
2016-11-28 17:00:29 ----A---- C:\Windows\system32\D3DX9_42.dll
2016-11-28 17:00:29 ----A---- C:\Windows\system32\d3dx11_42.dll
2016-11-28 17:00:29 ----A---- C:\Windows\system32\d3dx10_42.dll
2016-11-28 17:00:29 ----A---- C:\Windows\system32\d3dcsx_42.dll
2016-11-28 17:00:28 ----A---- C:\Windows\SYSWOW64\XAudio2_4.dll
2016-11-28 17:00:28 ----A---- C:\Windows\SYSWOW64\XAPOFX1_3.dll
2016-11-28 17:00:28 ----A---- C:\Windows\SYSWOW64\D3DX9_41.dll
2016-11-28 17:00:28 ----A---- C:\Windows\SYSWOW64\d3dx10_41.dll
2016-11-28 17:00:28 ----A---- C:\Windows\SYSWOW64\D3DCompiler_41.dll
2016-11-28 17:00:28 ----A---- C:\Windows\system32\XAudio2_4.dll
2016-11-28 17:00:28 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2016-11-28 17:00:28 ----A---- C:\Windows\system32\D3DX9_41.dll
2016-11-28 17:00:28 ----A---- C:\Windows\system32\d3dx10_41.dll
2016-11-28 17:00:28 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2016-11-28 17:00:27 ----A---- C:\Windows\SYSWOW64\xactengine3_4.dll
2016-11-28 17:00:27 ----A---- C:\Windows\SYSWOW64\X3DAudio1_6.dll
2016-11-28 17:00:27 ----A---- C:\Windows\SYSWOW64\d3dx10_40.dll
2016-11-28 17:00:27 ----A---- C:\Windows\SYSWOW64\D3DCompiler_40.dll
2016-11-28 17:00:27 ----A---- C:\Windows\system32\xactengine3_4.dll
2016-11-28 17:00:27 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2016-11-28 17:00:27 ----A---- C:\Windows\system32\d3dx10_40.dll
2016-11-28 17:00:27 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2016-11-28 17:00:26 ----A---- C:\Windows\SYSWOW64\XAudio2_3.dll
2016-11-28 17:00:26 ----A---- C:\Windows\SYSWOW64\XAPOFX1_2.dll
2016-11-28 17:00:26 ----A---- C:\Windows\SYSWOW64\D3DX9_40.dll
2016-11-28 17:00:26 ----A---- C:\Windows\system32\XAudio2_3.dll
2016-11-28 17:00:26 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2016-11-28 17:00:26 ----A---- C:\Windows\system32\xactengine3_3.dll
2016-11-28 17:00:26 ----A---- C:\Windows\system32\D3DX9_40.dll
2016-11-28 16:53:44 ----A---- C:\Windows\SYSWOW64\XAudio2_2.dll
2016-11-28 16:53:44 ----A---- C:\Windows\SYSWOW64\XAPOFX1_1.dll
2016-11-28 16:53:44 ----A---- C:\Windows\SYSWOW64\xactengine3_3.dll
2016-11-28 16:53:44 ----A---- C:\Windows\SYSWOW64\X3DAudio1_5.dll
2016-11-28 16:53:44 ----A---- C:\Windows\system32\XAudio2_2.dll
2016-11-28 16:53:44 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2016-11-28 16:53:44 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2016-11-28 16:53:43 ----A---- C:\Windows\SYSWOW64\xactengine3_2.dll
2016-11-28 16:53:43 ----A---- C:\Windows\SYSWOW64\d3dx10_39.dll
2016-11-28 16:53:43 ----A---- C:\Windows\SYSWOW64\D3DCompiler_39.dll
2016-11-28 16:53:43 ----A---- C:\Windows\system32\xactengine3_2.dll
2016-11-28 16:53:43 ----A---- C:\Windows\system32\d3dx10_39.dll
2016-11-28 16:53:43 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2016-11-28 16:53:42 ----A---- C:\Windows\SYSWOW64\XAudio2_1.dll
2016-11-28 16:53:42 ----A---- C:\Windows\SYSWOW64\XAPOFX1_0.dll
2016-11-28 16:53:42 ----A---- C:\Windows\SYSWOW64\xactengine3_1.dll
2016-11-28 16:53:42 ----A---- C:\Windows\SYSWOW64\X3DAudio1_4.dll
2016-11-28 16:53:42 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll
2016-11-28 16:53:42 ----A---- C:\Windows\SYSWOW64\d3dx10_38.dll
2016-11-28 16:53:42 ----A---- C:\Windows\SYSWOW64\D3DCompiler_38.dll
2016-11-28 16:53:42 ----A---- C:\Windows\system32\XAudio2_1.dll
2016-11-28 16:53:42 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2016-11-28 16:53:42 ----A---- C:\Windows\system32\xactengine3_1.dll
2016-11-28 16:53:42 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2016-11-28 16:53:42 ----A---- C:\Windows\system32\D3DX9_39.dll
2016-11-28 16:53:42 ----A---- C:\Windows\system32\d3dx10_38.dll
2016-11-28 16:53:42 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2016-11-28 16:53:41 ----A---- C:\Windows\SYSWOW64\XAudio2_0.dll
2016-11-28 16:53:41 ----A---- C:\Windows\SYSWOW64\xactengine3_0.dll
2016-11-28 16:53:41 ----A---- C:\Windows\SYSWOW64\D3DX9_38.dll
2016-11-28 16:53:41 ----A---- C:\Windows\system32\XAudio2_0.dll
2016-11-28 16:53:41 ----A---- C:\Windows\system32\xactengine3_0.dll
2016-11-28 16:53:41 ----A---- C:\Windows\system32\D3DX9_38.dll
2016-11-28 16:53:40 ----A---- C:\Windows\SYSWOW64\X3DAudio1_3.dll
2016-11-28 16:53:40 ----A---- C:\Windows\SYSWOW64\D3DX9_37.dll
2016-11-28 16:53:40 ----A---- C:\Windows\SYSWOW64\d3dx10_37.dll
2016-11-28 16:53:40 ----A---- C:\Windows\SYSWOW64\D3DCompiler_37.dll
2016-11-28 16:53:40 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2016-11-28 16:53:40 ----A---- C:\Windows\system32\D3DX9_37.dll
2016-11-28 16:53:40 ----A---- C:\Windows\system32\d3dx10_37.dll
2016-11-28 16:53:40 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2016-11-28 16:53:39 ----A---- C:\Windows\SYSWOW64\xactengine2_10.dll
2016-11-28 16:53:39 ----A---- C:\Windows\SYSWOW64\d3dx9_36.dll
2016-11-28 16:53:39 ----A---- C:\Windows\SYSWOW64\d3dx10_36.dll
2016-11-28 16:53:39 ----A---- C:\Windows\SYSWOW64\D3DCompiler_36.dll
2016-11-28 16:53:39 ----A---- C:\Windows\system32\xactengine2_10.dll
2016-11-28 16:53:39 ----A---- C:\Windows\system32\d3dx9_36.dll
2016-11-28 16:53:39 ----A---- C:\Windows\system32\d3dx10_36.dll
2016-11-28 16:53:39 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2016-11-28 16:53:38 ----A---- C:\Windows\SYSWOW64\xactengine2_9.dll
2016-11-28 16:53:38 ----A---- C:\Windows\SYSWOW64\d3dx9_35.dll
2016-11-28 16:53:38 ----A---- C:\Windows\SYSWOW64\d3dx10_35.dll
2016-11-28 16:53:38 ----A---- C:\Windows\SYSWOW64\D3DCompiler_35.dll
2016-11-28 16:53:38 ----A---- C:\Windows\system32\xactengine2_9.dll
2016-11-28 16:53:38 ----A---- C:\Windows\system32\d3dx9_35.dll
2016-11-28 16:53:38 ----A---- C:\Windows\system32\d3dx10_35.dll
2016-11-28 16:53:38 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2016-11-28 16:53:37 ----A---- C:\Windows\SYSWOW64\xinput1_3.dll
2016-11-28 16:53:37 ----A---- C:\Windows\SYSWOW64\xactengine2_8.dll
2016-11-28 16:53:37 ----A---- C:\Windows\SYSWOW64\X3DAudio1_2.dll
2016-11-28 16:53:37 ----A---- C:\Windows\SYSWOW64\d3dx9_34.dll
2016-11-28 16:53:37 ----A---- C:\Windows\SYSWOW64\d3dx10_34.dll
2016-11-28 16:53:37 ----A---- C:\Windows\SYSWOW64\D3DCompiler_34.dll
2016-11-28 16:53:37 ----A---- C:\Windows\system32\xinput1_3.dll
2016-11-28 16:53:37 ----A---- C:\Windows\system32\xactengine2_8.dll
2016-11-28 16:53:37 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2016-11-28 16:53:37 ----A---- C:\Windows\system32\d3dx9_34.dll
2016-11-28 16:53:37 ----A---- C:\Windows\system32\d3dx10_34.dll
2016-11-28 16:53:37 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2016-11-28 16:53:36 ----A---- C:\Windows\SYSWOW64\xactengine2_7.dll
2016-11-28 16:53:36 ----A---- C:\Windows\SYSWOW64\d3dx9_33.dll
2016-11-28 16:53:36 ----A---- C:\Windows\SYSWOW64\d3dx10_33.dll
2016-11-28 16:53:36 ----A---- C:\Windows\SYSWOW64\D3DCompiler_33.dll
2016-11-28 16:53:36 ----A---- C:\Windows\system32\xactengine2_7.dll
2016-11-28 16:53:36 ----A---- C:\Windows\system32\d3dx9_33.dll
2016-11-28 16:53:36 ----A---- C:\Windows\system32\d3dx10_33.dll
2016-11-28 16:53:36 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2016-11-28 16:53:35 ----A---- C:\Windows\SYSWOW64\xactengine2_6.dll
2016-11-28 16:53:35 ----A---- C:\Windows\SYSWOW64\xactengine2_5.dll
2016-11-28 16:53:35 ----A---- C:\Windows\SYSWOW64\d3dx9_32.dll
2016-11-28 16:53:35 ----A---- C:\Windows\SYSWOW64\d3dx10.dll
2016-11-28 16:53:35 ----A---- C:\Windows\system32\xactengine2_6.dll
2016-11-28 16:53:35 ----A---- C:\Windows\system32\xactengine2_5.dll
2016-11-28 16:53:35 ----A---- C:\Windows\system32\d3dx9_32.dll
2016-11-28 16:53:35 ----A---- C:\Windows\system32\d3dx10.dll
2016-11-28 16:53:34 ----A---- C:\Windows\SYSWOW64\xactengine2_4.dll
2016-11-28 16:53:34 ----A---- C:\Windows\SYSWOW64\xactengine2_3.dll
2016-11-28 16:53:34 ----A---- C:\Windows\SYSWOW64\x3daudio1_1.dll
2016-11-28 16:53:34 ----A---- C:\Windows\SYSWOW64\d3dx9_31.dll
2016-11-28 16:53:34 ----A---- C:\Windows\system32\xactengine2_4.dll
2016-11-28 16:53:34 ----A---- C:\Windows\system32\xactengine2_3.dll
2016-11-28 16:53:34 ----A---- C:\Windows\system32\x3daudio1_1.dll
2016-11-28 16:53:34 ----A---- C:\Windows\system32\d3dx9_31.dll
2016-11-28 16:53:33 ----A---- C:\Windows\SYSWOW64\xinput1_2.dll
2016-11-28 16:53:33 ----A---- C:\Windows\SYSWOW64\xinput1_1.dll
2016-11-28 16:53:33 ----A---- C:\Windows\SYSWOW64\xactengine2_2.dll
2016-11-28 16:53:33 ----A---- C:\Windows\system32\xinput1_2.dll
2016-11-28 16:53:33 ----A---- C:\Windows\system32\xinput1_1.dll
2016-11-28 16:53:33 ----A---- C:\Windows\system32\xactengine2_2.dll
2016-11-28 16:53:32 ----A---- C:\Windows\SYSWOW64\xactengine2_1.dll
2016-11-28 16:53:32 ----A---- C:\Windows\system32\xactengine2_1.dll
2016-11-28 16:53:30 ----A---- C:\Windows\SYSWOW64\xactengine2_0.dll
2016-11-28 16:53:30 ----A---- C:\Windows\SYSWOW64\x3daudio1_0.dll
2016-11-28 16:53:30 ----A---- C:\Windows\SYSWOW64\d3dx9_29.dll
2016-11-28 16:53:30 ----A---- C:\Windows\system32\xactengine2_0.dll
2016-11-28 16:53:30 ----A---- C:\Windows\system32\x3daudio1_0.dll
2016-11-28 16:53:30 ----A---- C:\Windows\system32\d3dx9_30.dll
2016-11-28 16:53:30 ----A---- C:\Windows\system32\d3dx9_29.dll
2016-11-28 16:53:29 ----A---- C:\Windows\SYSWOW64\d3dx9_27.dll
2016-11-28 16:53:29 ----A---- C:\Windows\system32\d3dx9_28.dll
2016-11-28 16:53:29 ----A---- C:\Windows\system32\d3dx9_27.dll
2016-11-28 16:53:28 ----A---- C:\Windows\SYSWOW64\d3dx9_26.dll
2016-11-28 16:53:28 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll
2016-11-28 16:53:28 ----A---- C:\Windows\system32\d3dx9_26.dll
2016-11-28 16:53:28 ----A---- C:\Windows\system32\d3dx9_25.dll
2016-11-28 16:53:27 ----A---- C:\Windows\SYSWOW64\d3dx9_24.dll
2016-11-28 16:53:27 ----A---- C:\Windows\system32\d3dx9_24.dll
2016-11-28 16:15:15 ----A---- C:\Windows\GSetup.ini
2016-11-25 21:37:31 ----A---- C:\Windows\system32\drivers\athurx.sys
2016-11-25 21:37:31 ----A---- C:\Windows\system32\athurx.sys
2016-11-25 21:36:42 ----D---- C:\ProgramData\TP-LINK
2016-11-25 21:18:41 ----D---- C:\Program Files (x86)\FinalWire
2016-11-22 22:51:32 ----D---- C:\Users\Bota\AppData\Roaming\Opera Software
2016-11-22 21:56:59 ----D---- C:\Users\Bota\AppData\Roaming\Nero
2016-11-22 21:53:59 ----A---- C:\Windows\Irremote.ini
2016-11-22 21:53:30 ----D---- C:\ProgramData\Nero
2016-11-22 21:53:30 ----D---- C:\Program Files (x86)\Nero
2016-11-22 21:52:26 ----A---- C:\Windows\SYSWOW64\d3dx9_30.dll
2016-11-22 21:52:26 ----A---- C:\Windows\SYSWOW64\d3dx9_28.dll
2016-11-22 21:47:49 ----D---- C:\BOTA
2016-11-22 21:42:35 ----D---- C:\Users\Bota\AppData\Roaming\vlc
2016-11-22 21:37:54 ----D---- C:\Program Files (x86)\WinRAR
2016-11-22 21:37:34 ----D---- C:\Program Files (x86)\VideoLAN
2016-11-22 21:35:29 ----D---- C:\ProgramData\ProductData
2016-11-22 21:35:22 ----D---- C:\ProgramData\{74E9F814-C737-42CC-B721-DBBC4059367A}
2016-11-22 21:35:04 ----D---- C:\Users\Bota\AppData\Roaming\IObit
2016-11-22 21:34:56 ----D---- C:\ProgramData\IObit
2016-11-22 21:34:56 ----D---- C:\Program Files (x86)\IObit
2016-11-22 21:30:43 ----D---- C:\Users\Bota\AppData\Roaming\Sun
2016-11-22 21:30:38 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2016-11-22 21:30:25 ----D---- C:\ProgramData\Oracle
2016-11-22 21:30:22 ----D---- C:\Program Files (x86)\Java
2016-11-22 21:25:46 ----D---- C:\Program Files (x86)\Adobe
2016-11-22 21:25:33 ----D---- C:\ProgramData\Adobe
2016-11-22 21:18:55 ----D---- C:\Program Files (x86)\Microsoft Works
2016-11-22 21:18:49 ----D---- C:\Program Files (x86)\Microsoft Visual Studio
2016-11-22 21:18:39 ----D---- C:\Windows\PCHEALTH
2016-11-22 21:17:28 ----D---- C:\Program Files\Microsoft Office
2016-11-22 21:17:24 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2016-11-22 21:17:06 ----D---- C:\ProgramData\Microsoft Help
2016-11-22 21:17:06 ----D---- C:\Program Files (x86)\Microsoft Office
2016-11-22 21:16:57 ----RHD---- C:\MSOCache
2016-11-22 21:12:07 ----D---- C:\Program Files (x86)\DAEMON Tools Toolbar
2016-11-22 21:11:59 ----A---- C:\Windows\system32\drivers\sptd.sys
2016-11-22 21:11:50 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2016-11-22 21:11:36 ----D---- C:\Users\Bota\AppData\Roaming\DAEMON Tools Lite
2016-11-22 21:11:30 ----D---- C:\ProgramData\DAEMON Tools Lite
2016-11-22 21:09:52 ----D---- C:\Program Files\Microsoft Silverlight
2016-11-22 21:09:52 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2016-11-22 18:47:45 ----D---- C:\Users\Bota\AppData\Roaming\Macromedia
2016-11-22 18:47:45 ----D---- C:\Users\Bota\AppData\Roaming\Adobe
2016-11-22 18:31:20 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-11-22 18:31:18 ----D---- C:\Windows\system32\Macromed
2016-11-22 18:31:16 ----D---- C:\Windows\SYSWOW64\Macromed
2016-11-22 18:27:41 ----A---- C:\Windows\system32\drivers\aswKbd.sys
2016-11-22 17:19:11 ----D---- C:\Users\Bota\AppData\Roaming\AVAST Software
2016-11-22 17:18:11 ----D---- C:\Program Files\Common Files\AV
2016-11-22 17:18:00 ----A---- C:\Windows\system32\drivers\aswvmm.sys
2016-11-22 17:18:00 ----A---- C:\Windows\system32\drivers\aswStm.sys
2016-11-22 17:18:00 ----A---- C:\Windows\system32\drivers\aswsp.sys
2016-11-22 17:18:00 ----A---- C:\Windows\system32\drivers\aswsnx.sys
2016-11-22 17:18:00 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2016-11-22 17:18:00 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2016-11-22 17:18:00 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2016-11-22 17:18:00 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2016-11-22 17:17:58 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2016-11-22 17:17:58 ----A---- C:\Windows\system32\ucrtbase.dll
2016-11-22 17:17:58 ----A---- C:\Windows\system32\aswBoot.exe
2016-11-22 17:17:56 ----A---- C:\Windows\avastSS.scr
2016-11-22 17:15:17 ----D---- C:\Program Files\AVAST Software
2016-11-22 17:02:10 ----D---- C:\Users\Bota\AppData\Roaming\Mozilla
2016-11-22 16:57:15 ----A---- C:\Windows\system32\drivers\EtronXHCI.sys
2016-11-22 16:57:15 ----A---- C:\Windows\system32\drivers\EtronHub3.sys
2016-11-22 16:57:14 ----D---- C:\Program Files (x86)\Etron Technology
2016-11-22 16:47:34 ----A---- C:\Windows\system32\RTNUninst64.dll
2016-11-22 16:47:34 ----A---- C:\Windows\system32\RtNicProp64.dll
2016-11-22 16:47:34 ----A---- C:\Windows\system32\drivers\Rt64win7.sys
2016-11-22 16:47:30 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2016-11-22 16:47:30 ----D---- C:\Program Files (x86)\Realtek
2016-11-20 17:34:27 ----D---- C:\ProgramData\AVAST Software
2016-11-20 17:32:34 ----D---- C:\Users\Bota\AppData\Roaming\ATI
2016-11-20 17:32:34 ----D---- C:\ProgramData\ATI
2016-11-20 17:31:47 ----D---- C:\Program Files (x86)\AMD AVT
2016-11-20 17:31:31 ----D---- C:\ProgramData\AMD
2016-11-20 17:31:14 ----D---- C:\Program Files\Common Files\ATI Technologies
2016-11-20 17:31:12 ----D---- C:\Program Files (x86)\ATI Technologies
2016-11-20 17:30:51 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2016-11-20 17:30:20 ----D---- C:\Program Files (x86)\Microsoft.NET
2016-11-20 17:30:08 ----A---- C:\Windows\SYSWOW64\PresentationHostProxy.dll
2016-11-20 17:30:08 ----A---- C:\Windows\SYSWOW64\PresentationHost.exe
2016-11-20 17:30:08 ----A---- C:\Windows\SYSWOW64\netfxperf.dll
2016-11-20 17:30:08 ----A---- C:\Windows\SYSWOW64\mscoree.dll
2016-11-20 17:30:08 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2016-11-20 17:30:08 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2016-11-20 17:30:08 ----A---- C:\Windows\system32\PresentationHost.exe
2016-11-20 17:30:08 ----A---- C:\Windows\system32\netfxperf.dll
2016-11-20 17:30:08 ----A---- C:\Windows\system32\mscoree.dll
2016-11-20 17:30:08 ----A---- C:\Windows\system32\dfshim.dll
2016-11-20 17:29:46 ----D---- C:\ProgramData\Package Cache
2016-11-20 17:29:40 ----SHD---- C:\Windows\Installer
2016-11-20 17:29:33 ----D---- C:\Program Files\ATI Technologies
2016-11-20 17:29:27 ----D---- C:\Program Files\ATI
2016-11-20 17:28:34 ----D---- C:\AMD
2016-11-20 17:23:43 ----D---- C:\Windows\SoftwareDistribution
2016-11-20 17:21:45 ----D---- C:\Users\Bota\AppData\Roaming\Identities
2016-11-20 17:21:40 ----SD---- C:\Users\Bota\AppData\Roaming\Microsoft
2016-11-20 17:21:40 ----D---- C:\Users\Bota\AppData\Roaming\Media Center Programs
2016-11-20 17:21:02 ----SHD---- C:\Recovery
2016-11-20 17:21:02 ----SHD---- C:\ProgramData\Šablony
2016-11-20 17:21:02 ----SHD---- C:\ProgramData\Plocha
2016-11-20 17:21:02 ----SHD---- C:\ProgramData\Oblíbené položky
2016-11-20 17:21:02 ----SHD---- C:\ProgramData\Nabídka Start
2016-11-20 17:21:02 ----SHD---- C:\ProgramData\Dokumenty
2016-11-20 17:21:02 ----SHD---- C:\ProgramData\Data aplikací
2016-11-20 17:17:42 ----D---- C:\Windows\Prefetch
2016-11-20 17:17:37 ----SHD---- C:\System Volume Information
2016-11-20 17:17:37 ----ASH---- C:\pagefile.sys
2016-11-20 17:17:37 ----ASH---- C:\hiberfil.sys
2016-11-20 17:17:04 ----D---- C:\Windows\Panther
======List of files/folders modified in the last 1 month======
2016-12-06 17:15:40 ----D---- C:\Windows\system32\Tasks
2016-12-06 17:14:31 ----D---- C:\Windows\system32\config
2016-12-06 16:29:00 ----D---- C:\Windows\System32
2016-12-06 16:29:00 ----D---- C:\Windows\inf
2016-12-06 16:29:00 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-12-06 15:44:37 ----D---- C:\Windows\Temp
2016-12-06 15:41:26 ----D---- C:\Windows
2016-12-06 10:41:07 ----D---- C:\Windows\system32\drivers
2016-12-06 08:46:07 ----RD---- C:\Program Files (x86)
2016-12-05 15:04:42 ----RD---- C:\Program Files
2016-12-04 21:27:18 ----D---- C:\Windows\system32\catroot2
2016-12-04 21:05:00 ----D---- C:\Program Files (x86)\Common Files
2016-12-04 18:27:34 ----HD---- C:\ProgramData
2016-12-03 02:52:39 ----D---- C:\Windows\debug
2016-12-02 18:42:22 ----D---- C:\Windows\Tasks
2016-11-30 23:04:03 ----D---- C:\Windows\Logs
2016-11-28 17:00:32 ----D---- C:\Windows\SysWOW64
2016-11-28 17:00:16 ----RSD---- C:\Windows\assembly
2016-11-28 16:53:31 ----D---- C:\Windows\Microsoft.NET
2016-11-26 20:55:13 ----D---- C:\Windows\system32\DriverStore
2016-11-25 22:00:17 ----SD---- C:\ProgramData\Microsoft
2016-11-25 21:50:10 ----D---- C:\Windows\system32\catroot
2016-11-25 21:48:19 ----D---- C:\Windows\SYSWOW64\en-US
2016-11-25 21:48:19 ----D---- C:\Windows\system32\en-US
2016-11-22 21:55:17 ----D---- C:\Windows\winsxs
2016-11-22 21:53:29 ----D---- C:\Windows\Cursors
2016-11-22 21:18:53 ----D---- C:\Program Files (x86)\MSBuild
2016-11-22 21:18:48 ----D---- C:\Windows\ShellNew
2016-11-22 21:18:41 ----RSD---- C:\Windows\Fonts
2016-11-22 21:18:07 ----D---- C:\Program Files\Common Files\Microsoft Shared
2016-11-22 21:17:15 ----A---- C:\Windows\win.ini
2016-11-22 18:26:56 ----D---- C:\Windows\system32\wdi
2016-11-22 17:18:11 ----D---- C:\Program Files\Common Files
2016-11-22 16:48:44 ----D---- C:\Windows\system32\LogFiles
2016-11-20 17:31:37 ----D---- C:\Windows\system32\CodeIntegrity
2016-11-20 17:29:42 ----D---- C:\Windows\system32\restore
2016-11-20 17:26:51 ----D---- C:\Windows\system32\drivers\UMDF
2016-11-20 17:21:44 ----SHD---- C:\$Recycle.Bin
2016-11-20 17:21:40 ----RD---- C:\Users
2016-11-20 17:21:02 ----D---- C:\Program Files\Windows NT
2016-11-20 17:20:59 ----D---- C:\Windows\rescache
2016-11-20 17:19:01 ----D---- C:\Windows\system32\sysprep
2016-11-20 17:17:45 ----D---- C:\Windows\CSC
2016-11-20 17:16:41 ----D---- C:\Windows\Setup
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2016-11-22 74544]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2016-11-22 293352]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2016-11-22 834544]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2016-11-22 37144]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2016-11-22 103064]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-11-22 969184]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-11-22 513632]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 AODDriver4.2.0;AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2013-07-31 42240]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2016-11-22 108816]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2016-11-22 163416]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-09-12 12760576]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-09-12 619008]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2013-09-24 94208]
R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver; C:\Windows\System32\Drivers\EtronHub3.sys [2013-08-05 65408]
R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver; C:\Windows\System32\Drivers\EtronXHCI.sys [2013-08-05 94208]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2014-06-17 941272]
S3 aek8qncx;aek8qncx; C:\Windows\system32\drivers\aek8qncx.sys []
S3 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2016-11-22 37656]
S3 athur;Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athurx.sys [2013-06-28 1930240]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-09-12 239616]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-09-11 344064]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-11-22 197128]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]
S3 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-10-21 82128]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-08 51648]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
-----------------EOF-----------------
Run by Bota at 2016-12-06 17:18:38
Microsoft Windows 7 Professional
System drive C: has 93 GB (76%) free of 122 GB
Total RAM: 4093 MB (67% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:18:39, on 6.12.2016
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal
Running processes:
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Bota.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://no-stop.org/wpad.dat?8ebe1bd9e74 ... a221224828
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~2\Office12\GRA32A~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 6613 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
winlogon.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-26a34186-9cc4-4363-9af7-a424e3bcffda -SystemEventPortName:HostProcess-c7d88393-59ef-4f1c-a067-9543bad041c5 -IoCancelEventPortName:HostProcess-a8b91768-8097-4359-9dec-360c9a32b97a -NonStateChangingEventPortName:HostProcess-9a81658d-f367-4b79-bd1c-93bfba6b2835 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:97c1ce10-37a0-4501-91e6-9995445bfc72
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="4372.0.598241419\293676475" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" 4372 "\\.\pipe\gecko-crash-server-pipe.4372" tab
taskeng.exe {E74529AE-C140-481F-8644-6EF3A9DAF740}
C:\Windows\servicing\TrustedInstaller.exe
taskeng.exe {ACE1EE41-2F35-4648-AA3E-FB52A8F7AA50}
"C:\Users\Bota\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player PPAPI Notifier.job - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_23_0_0_207_pepper.exe -check pepperplugin
=========Mozilla firefox=========
ProfilePath - C:\Users\Bota\AppData\Roaming\Mozilla\Firefox\Profiles\vnqgoujx.default-1480872840278
prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"
"sp@avast.com"=C:\Program Files\AVAST Software\Avast\SafePrice\FF
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 23.0.0.207 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.111.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.111.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 23.0.0.207 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-11-22 790552]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~2\Office12\GR469A~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-11-22 473152]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-11-22 664848]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-11-22 186944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll [2010-03-25 1548096]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2013-09-11 766208]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-11-22 9080768]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"NBKeyScan"=C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2007-09-20 1836328]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~2\Office12\GR469A~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-12-06 17:12:12 ----D---- C:\rsit
2016-12-05 19:30:36 ----D---- C:\AdwCleaner
2016-12-05 15:04:42 ----D---- C:\Program Files\trend micro
2016-12-04 21:07:50 ----D---- C:\sh4ldr
2016-12-04 21:05:24 ----A---- C:\autoexec.bat
2016-12-04 21:05:18 ----D---- C:\Program Files (x86)\Enigma Software Group
2016-12-04 18:33:23 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-12-02 23:18:00 ----A---- C:\Windows\NeroDigital.ini
2016-11-28 17:02:22 ----D---- C:\ProgramData\KONAMI
2016-11-28 17:02:18 ----D---- C:\ProgramData\Steam
2016-11-28 17:00:32 ----A---- C:\Windows\SYSWOW64\XAudio2_7.dll
2016-11-28 17:00:32 ----A---- C:\Windows\SYSWOW64\XAPOFX1_5.dll
2016-11-28 17:00:32 ----A---- C:\Windows\SYSWOW64\xactengine3_7.dll
2016-11-28 17:00:32 ----A---- C:\Windows\SYSWOW64\d3dx11_43.dll
2016-11-28 17:00:32 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll
2016-11-28 17:00:32 ----A---- C:\Windows\SYSWOW64\D3DCompiler_43.dll
2016-11-28 17:00:32 ----A---- C:\Windows\system32\XAudio2_7.dll
2016-11-28 17:00:32 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2016-11-28 17:00:32 ----A---- C:\Windows\system32\xactengine3_7.dll
2016-11-28 17:00:32 ----A---- C:\Windows\system32\d3dx11_43.dll
2016-11-28 17:00:32 ----A---- C:\Windows\system32\d3dcsx_43.dll
2016-11-28 17:00:32 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2016-11-28 17:00:31 ----A---- C:\Windows\SYSWOW64\XAudio2_6.dll
2016-11-28 17:00:31 ----A---- C:\Windows\SYSWOW64\XAPOFX1_4.dll
2016-11-28 17:00:31 ----A---- C:\Windows\SYSWOW64\xactengine3_6.dll
2016-11-28 17:00:31 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll
2016-11-28 17:00:31 ----A---- C:\Windows\SYSWOW64\d3dx10_43.dll
2016-11-28 17:00:31 ----A---- C:\Windows\system32\XAudio2_6.dll
2016-11-28 17:00:31 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2016-11-28 17:00:31 ----A---- C:\Windows\system32\xactengine3_6.dll
2016-11-28 17:00:31 ----A---- C:\Windows\system32\D3DX9_43.dll
2016-11-28 17:00:31 ----A---- C:\Windows\system32\d3dx10_43.dll
2016-11-28 17:00:30 ----A---- C:\Windows\SYSWOW64\XAudio2_5.dll
2016-11-28 17:00:30 ----A---- C:\Windows\SYSWOW64\xactengine3_5.dll
2016-11-28 17:00:30 ----A---- C:\Windows\SYSWOW64\X3DAudio1_7.dll
2016-11-28 17:00:30 ----A---- C:\Windows\SYSWOW64\D3DCompiler_42.dll
2016-11-28 17:00:30 ----A---- C:\Windows\system32\XAudio2_5.dll
2016-11-28 17:00:30 ----A---- C:\Windows\system32\xactengine3_5.dll
2016-11-28 17:00:30 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2016-11-28 17:00:30 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2016-11-28 17:00:29 ----A---- C:\Windows\SYSWOW64\D3DX9_42.dll
2016-11-28 17:00:29 ----A---- C:\Windows\SYSWOW64\d3dx11_42.dll
2016-11-28 17:00:29 ----A---- C:\Windows\SYSWOW64\d3dx10_42.dll
2016-11-28 17:00:29 ----A---- C:\Windows\SYSWOW64\d3dcsx_42.dll
2016-11-28 17:00:29 ----A---- C:\Windows\system32\D3DX9_42.dll
2016-11-28 17:00:29 ----A---- C:\Windows\system32\d3dx11_42.dll
2016-11-28 17:00:29 ----A---- C:\Windows\system32\d3dx10_42.dll
2016-11-28 17:00:29 ----A---- C:\Windows\system32\d3dcsx_42.dll
2016-11-28 17:00:28 ----A---- C:\Windows\SYSWOW64\XAudio2_4.dll
2016-11-28 17:00:28 ----A---- C:\Windows\SYSWOW64\XAPOFX1_3.dll
2016-11-28 17:00:28 ----A---- C:\Windows\SYSWOW64\D3DX9_41.dll
2016-11-28 17:00:28 ----A---- C:\Windows\SYSWOW64\d3dx10_41.dll
2016-11-28 17:00:28 ----A---- C:\Windows\SYSWOW64\D3DCompiler_41.dll
2016-11-28 17:00:28 ----A---- C:\Windows\system32\XAudio2_4.dll
2016-11-28 17:00:28 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2016-11-28 17:00:28 ----A---- C:\Windows\system32\D3DX9_41.dll
2016-11-28 17:00:28 ----A---- C:\Windows\system32\d3dx10_41.dll
2016-11-28 17:00:28 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2016-11-28 17:00:27 ----A---- C:\Windows\SYSWOW64\xactengine3_4.dll
2016-11-28 17:00:27 ----A---- C:\Windows\SYSWOW64\X3DAudio1_6.dll
2016-11-28 17:00:27 ----A---- C:\Windows\SYSWOW64\d3dx10_40.dll
2016-11-28 17:00:27 ----A---- C:\Windows\SYSWOW64\D3DCompiler_40.dll
2016-11-28 17:00:27 ----A---- C:\Windows\system32\xactengine3_4.dll
2016-11-28 17:00:27 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2016-11-28 17:00:27 ----A---- C:\Windows\system32\d3dx10_40.dll
2016-11-28 17:00:27 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2016-11-28 17:00:26 ----A---- C:\Windows\SYSWOW64\XAudio2_3.dll
2016-11-28 17:00:26 ----A---- C:\Windows\SYSWOW64\XAPOFX1_2.dll
2016-11-28 17:00:26 ----A---- C:\Windows\SYSWOW64\D3DX9_40.dll
2016-11-28 17:00:26 ----A---- C:\Windows\system32\XAudio2_3.dll
2016-11-28 17:00:26 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2016-11-28 17:00:26 ----A---- C:\Windows\system32\xactengine3_3.dll
2016-11-28 17:00:26 ----A---- C:\Windows\system32\D3DX9_40.dll
2016-11-28 16:53:44 ----A---- C:\Windows\SYSWOW64\XAudio2_2.dll
2016-11-28 16:53:44 ----A---- C:\Windows\SYSWOW64\XAPOFX1_1.dll
2016-11-28 16:53:44 ----A---- C:\Windows\SYSWOW64\xactengine3_3.dll
2016-11-28 16:53:44 ----A---- C:\Windows\SYSWOW64\X3DAudio1_5.dll
2016-11-28 16:53:44 ----A---- C:\Windows\system32\XAudio2_2.dll
2016-11-28 16:53:44 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2016-11-28 16:53:44 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2016-11-28 16:53:43 ----A---- C:\Windows\SYSWOW64\xactengine3_2.dll
2016-11-28 16:53:43 ----A---- C:\Windows\SYSWOW64\d3dx10_39.dll
2016-11-28 16:53:43 ----A---- C:\Windows\SYSWOW64\D3DCompiler_39.dll
2016-11-28 16:53:43 ----A---- C:\Windows\system32\xactengine3_2.dll
2016-11-28 16:53:43 ----A---- C:\Windows\system32\d3dx10_39.dll
2016-11-28 16:53:43 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2016-11-28 16:53:42 ----A---- C:\Windows\SYSWOW64\XAudio2_1.dll
2016-11-28 16:53:42 ----A---- C:\Windows\SYSWOW64\XAPOFX1_0.dll
2016-11-28 16:53:42 ----A---- C:\Windows\SYSWOW64\xactengine3_1.dll
2016-11-28 16:53:42 ----A---- C:\Windows\SYSWOW64\X3DAudio1_4.dll
2016-11-28 16:53:42 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll
2016-11-28 16:53:42 ----A---- C:\Windows\SYSWOW64\d3dx10_38.dll
2016-11-28 16:53:42 ----A---- C:\Windows\SYSWOW64\D3DCompiler_38.dll
2016-11-28 16:53:42 ----A---- C:\Windows\system32\XAudio2_1.dll
2016-11-28 16:53:42 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2016-11-28 16:53:42 ----A---- C:\Windows\system32\xactengine3_1.dll
2016-11-28 16:53:42 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2016-11-28 16:53:42 ----A---- C:\Windows\system32\D3DX9_39.dll
2016-11-28 16:53:42 ----A---- C:\Windows\system32\d3dx10_38.dll
2016-11-28 16:53:42 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2016-11-28 16:53:41 ----A---- C:\Windows\SYSWOW64\XAudio2_0.dll
2016-11-28 16:53:41 ----A---- C:\Windows\SYSWOW64\xactengine3_0.dll
2016-11-28 16:53:41 ----A---- C:\Windows\SYSWOW64\D3DX9_38.dll
2016-11-28 16:53:41 ----A---- C:\Windows\system32\XAudio2_0.dll
2016-11-28 16:53:41 ----A---- C:\Windows\system32\xactengine3_0.dll
2016-11-28 16:53:41 ----A---- C:\Windows\system32\D3DX9_38.dll
2016-11-28 16:53:40 ----A---- C:\Windows\SYSWOW64\X3DAudio1_3.dll
2016-11-28 16:53:40 ----A---- C:\Windows\SYSWOW64\D3DX9_37.dll
2016-11-28 16:53:40 ----A---- C:\Windows\SYSWOW64\d3dx10_37.dll
2016-11-28 16:53:40 ----A---- C:\Windows\SYSWOW64\D3DCompiler_37.dll
2016-11-28 16:53:40 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2016-11-28 16:53:40 ----A---- C:\Windows\system32\D3DX9_37.dll
2016-11-28 16:53:40 ----A---- C:\Windows\system32\d3dx10_37.dll
2016-11-28 16:53:40 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2016-11-28 16:53:39 ----A---- C:\Windows\SYSWOW64\xactengine2_10.dll
2016-11-28 16:53:39 ----A---- C:\Windows\SYSWOW64\d3dx9_36.dll
2016-11-28 16:53:39 ----A---- C:\Windows\SYSWOW64\d3dx10_36.dll
2016-11-28 16:53:39 ----A---- C:\Windows\SYSWOW64\D3DCompiler_36.dll
2016-11-28 16:53:39 ----A---- C:\Windows\system32\xactengine2_10.dll
2016-11-28 16:53:39 ----A---- C:\Windows\system32\d3dx9_36.dll
2016-11-28 16:53:39 ----A---- C:\Windows\system32\d3dx10_36.dll
2016-11-28 16:53:39 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2016-11-28 16:53:38 ----A---- C:\Windows\SYSWOW64\xactengine2_9.dll
2016-11-28 16:53:38 ----A---- C:\Windows\SYSWOW64\d3dx9_35.dll
2016-11-28 16:53:38 ----A---- C:\Windows\SYSWOW64\d3dx10_35.dll
2016-11-28 16:53:38 ----A---- C:\Windows\SYSWOW64\D3DCompiler_35.dll
2016-11-28 16:53:38 ----A---- C:\Windows\system32\xactengine2_9.dll
2016-11-28 16:53:38 ----A---- C:\Windows\system32\d3dx9_35.dll
2016-11-28 16:53:38 ----A---- C:\Windows\system32\d3dx10_35.dll
2016-11-28 16:53:38 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2016-11-28 16:53:37 ----A---- C:\Windows\SYSWOW64\xinput1_3.dll
2016-11-28 16:53:37 ----A---- C:\Windows\SYSWOW64\xactengine2_8.dll
2016-11-28 16:53:37 ----A---- C:\Windows\SYSWOW64\X3DAudio1_2.dll
2016-11-28 16:53:37 ----A---- C:\Windows\SYSWOW64\d3dx9_34.dll
2016-11-28 16:53:37 ----A---- C:\Windows\SYSWOW64\d3dx10_34.dll
2016-11-28 16:53:37 ----A---- C:\Windows\SYSWOW64\D3DCompiler_34.dll
2016-11-28 16:53:37 ----A---- C:\Windows\system32\xinput1_3.dll
2016-11-28 16:53:37 ----A---- C:\Windows\system32\xactengine2_8.dll
2016-11-28 16:53:37 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2016-11-28 16:53:37 ----A---- C:\Windows\system32\d3dx9_34.dll
2016-11-28 16:53:37 ----A---- C:\Windows\system32\d3dx10_34.dll
2016-11-28 16:53:37 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2016-11-28 16:53:36 ----A---- C:\Windows\SYSWOW64\xactengine2_7.dll
2016-11-28 16:53:36 ----A---- C:\Windows\SYSWOW64\d3dx9_33.dll
2016-11-28 16:53:36 ----A---- C:\Windows\SYSWOW64\d3dx10_33.dll
2016-11-28 16:53:36 ----A---- C:\Windows\SYSWOW64\D3DCompiler_33.dll
2016-11-28 16:53:36 ----A---- C:\Windows\system32\xactengine2_7.dll
2016-11-28 16:53:36 ----A---- C:\Windows\system32\d3dx9_33.dll
2016-11-28 16:53:36 ----A---- C:\Windows\system32\d3dx10_33.dll
2016-11-28 16:53:36 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2016-11-28 16:53:35 ----A---- C:\Windows\SYSWOW64\xactengine2_6.dll
2016-11-28 16:53:35 ----A---- C:\Windows\SYSWOW64\xactengine2_5.dll
2016-11-28 16:53:35 ----A---- C:\Windows\SYSWOW64\d3dx9_32.dll
2016-11-28 16:53:35 ----A---- C:\Windows\SYSWOW64\d3dx10.dll
2016-11-28 16:53:35 ----A---- C:\Windows\system32\xactengine2_6.dll
2016-11-28 16:53:35 ----A---- C:\Windows\system32\xactengine2_5.dll
2016-11-28 16:53:35 ----A---- C:\Windows\system32\d3dx9_32.dll
2016-11-28 16:53:35 ----A---- C:\Windows\system32\d3dx10.dll
2016-11-28 16:53:34 ----A---- C:\Windows\SYSWOW64\xactengine2_4.dll
2016-11-28 16:53:34 ----A---- C:\Windows\SYSWOW64\xactengine2_3.dll
2016-11-28 16:53:34 ----A---- C:\Windows\SYSWOW64\x3daudio1_1.dll
2016-11-28 16:53:34 ----A---- C:\Windows\SYSWOW64\d3dx9_31.dll
2016-11-28 16:53:34 ----A---- C:\Windows\system32\xactengine2_4.dll
2016-11-28 16:53:34 ----A---- C:\Windows\system32\xactengine2_3.dll
2016-11-28 16:53:34 ----A---- C:\Windows\system32\x3daudio1_1.dll
2016-11-28 16:53:34 ----A---- C:\Windows\system32\d3dx9_31.dll
2016-11-28 16:53:33 ----A---- C:\Windows\SYSWOW64\xinput1_2.dll
2016-11-28 16:53:33 ----A---- C:\Windows\SYSWOW64\xinput1_1.dll
2016-11-28 16:53:33 ----A---- C:\Windows\SYSWOW64\xactengine2_2.dll
2016-11-28 16:53:33 ----A---- C:\Windows\system32\xinput1_2.dll
2016-11-28 16:53:33 ----A---- C:\Windows\system32\xinput1_1.dll
2016-11-28 16:53:33 ----A---- C:\Windows\system32\xactengine2_2.dll
2016-11-28 16:53:32 ----A---- C:\Windows\SYSWOW64\xactengine2_1.dll
2016-11-28 16:53:32 ----A---- C:\Windows\system32\xactengine2_1.dll
2016-11-28 16:53:30 ----A---- C:\Windows\SYSWOW64\xactengine2_0.dll
2016-11-28 16:53:30 ----A---- C:\Windows\SYSWOW64\x3daudio1_0.dll
2016-11-28 16:53:30 ----A---- C:\Windows\SYSWOW64\d3dx9_29.dll
2016-11-28 16:53:30 ----A---- C:\Windows\system32\xactengine2_0.dll
2016-11-28 16:53:30 ----A---- C:\Windows\system32\x3daudio1_0.dll
2016-11-28 16:53:30 ----A---- C:\Windows\system32\d3dx9_30.dll
2016-11-28 16:53:30 ----A---- C:\Windows\system32\d3dx9_29.dll
2016-11-28 16:53:29 ----A---- C:\Windows\SYSWOW64\d3dx9_27.dll
2016-11-28 16:53:29 ----A---- C:\Windows\system32\d3dx9_28.dll
2016-11-28 16:53:29 ----A---- C:\Windows\system32\d3dx9_27.dll
2016-11-28 16:53:28 ----A---- C:\Windows\SYSWOW64\d3dx9_26.dll
2016-11-28 16:53:28 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll
2016-11-28 16:53:28 ----A---- C:\Windows\system32\d3dx9_26.dll
2016-11-28 16:53:28 ----A---- C:\Windows\system32\d3dx9_25.dll
2016-11-28 16:53:27 ----A---- C:\Windows\SYSWOW64\d3dx9_24.dll
2016-11-28 16:53:27 ----A---- C:\Windows\system32\d3dx9_24.dll
2016-11-28 16:15:15 ----A---- C:\Windows\GSetup.ini
2016-11-25 21:37:31 ----A---- C:\Windows\system32\drivers\athurx.sys
2016-11-25 21:37:31 ----A---- C:\Windows\system32\athurx.sys
2016-11-25 21:36:42 ----D---- C:\ProgramData\TP-LINK
2016-11-25 21:18:41 ----D---- C:\Program Files (x86)\FinalWire
2016-11-22 22:51:32 ----D---- C:\Users\Bota\AppData\Roaming\Opera Software
2016-11-22 21:56:59 ----D---- C:\Users\Bota\AppData\Roaming\Nero
2016-11-22 21:53:59 ----A---- C:\Windows\Irremote.ini
2016-11-22 21:53:30 ----D---- C:\ProgramData\Nero
2016-11-22 21:53:30 ----D---- C:\Program Files (x86)\Nero
2016-11-22 21:52:26 ----A---- C:\Windows\SYSWOW64\d3dx9_30.dll
2016-11-22 21:52:26 ----A---- C:\Windows\SYSWOW64\d3dx9_28.dll
2016-11-22 21:47:49 ----D---- C:\BOTA
2016-11-22 21:42:35 ----D---- C:\Users\Bota\AppData\Roaming\vlc
2016-11-22 21:37:54 ----D---- C:\Program Files (x86)\WinRAR
2016-11-22 21:37:34 ----D---- C:\Program Files (x86)\VideoLAN
2016-11-22 21:35:29 ----D---- C:\ProgramData\ProductData
2016-11-22 21:35:22 ----D---- C:\ProgramData\{74E9F814-C737-42CC-B721-DBBC4059367A}
2016-11-22 21:35:04 ----D---- C:\Users\Bota\AppData\Roaming\IObit
2016-11-22 21:34:56 ----D---- C:\ProgramData\IObit
2016-11-22 21:34:56 ----D---- C:\Program Files (x86)\IObit
2016-11-22 21:30:43 ----D---- C:\Users\Bota\AppData\Roaming\Sun
2016-11-22 21:30:38 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2016-11-22 21:30:25 ----D---- C:\ProgramData\Oracle
2016-11-22 21:30:22 ----D---- C:\Program Files (x86)\Java
2016-11-22 21:25:46 ----D---- C:\Program Files (x86)\Adobe
2016-11-22 21:25:33 ----D---- C:\ProgramData\Adobe
2016-11-22 21:18:55 ----D---- C:\Program Files (x86)\Microsoft Works
2016-11-22 21:18:49 ----D---- C:\Program Files (x86)\Microsoft Visual Studio
2016-11-22 21:18:39 ----D---- C:\Windows\PCHEALTH
2016-11-22 21:17:28 ----D---- C:\Program Files\Microsoft Office
2016-11-22 21:17:24 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2016-11-22 21:17:06 ----D---- C:\ProgramData\Microsoft Help
2016-11-22 21:17:06 ----D---- C:\Program Files (x86)\Microsoft Office
2016-11-22 21:16:57 ----RHD---- C:\MSOCache
2016-11-22 21:12:07 ----D---- C:\Program Files (x86)\DAEMON Tools Toolbar
2016-11-22 21:11:59 ----A---- C:\Windows\system32\drivers\sptd.sys
2016-11-22 21:11:50 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2016-11-22 21:11:36 ----D---- C:\Users\Bota\AppData\Roaming\DAEMON Tools Lite
2016-11-22 21:11:30 ----D---- C:\ProgramData\DAEMON Tools Lite
2016-11-22 21:09:52 ----D---- C:\Program Files\Microsoft Silverlight
2016-11-22 21:09:52 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2016-11-22 18:47:45 ----D---- C:\Users\Bota\AppData\Roaming\Macromedia
2016-11-22 18:47:45 ----D---- C:\Users\Bota\AppData\Roaming\Adobe
2016-11-22 18:31:20 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-11-22 18:31:18 ----D---- C:\Windows\system32\Macromed
2016-11-22 18:31:16 ----D---- C:\Windows\SYSWOW64\Macromed
2016-11-22 18:27:41 ----A---- C:\Windows\system32\drivers\aswKbd.sys
2016-11-22 17:19:11 ----D---- C:\Users\Bota\AppData\Roaming\AVAST Software
2016-11-22 17:18:11 ----D---- C:\Program Files\Common Files\AV
2016-11-22 17:18:00 ----A---- C:\Windows\system32\drivers\aswvmm.sys
2016-11-22 17:18:00 ----A---- C:\Windows\system32\drivers\aswStm.sys
2016-11-22 17:18:00 ----A---- C:\Windows\system32\drivers\aswsp.sys
2016-11-22 17:18:00 ----A---- C:\Windows\system32\drivers\aswsnx.sys
2016-11-22 17:18:00 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2016-11-22 17:18:00 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2016-11-22 17:18:00 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2016-11-22 17:18:00 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2016-11-22 17:17:58 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2016-11-22 17:17:58 ----A---- C:\Windows\system32\ucrtbase.dll
2016-11-22 17:17:58 ----A---- C:\Windows\system32\aswBoot.exe
2016-11-22 17:17:56 ----A---- C:\Windows\avastSS.scr
2016-11-22 17:15:17 ----D---- C:\Program Files\AVAST Software
2016-11-22 17:02:10 ----D---- C:\Users\Bota\AppData\Roaming\Mozilla
2016-11-22 16:57:15 ----A---- C:\Windows\system32\drivers\EtronXHCI.sys
2016-11-22 16:57:15 ----A---- C:\Windows\system32\drivers\EtronHub3.sys
2016-11-22 16:57:14 ----D---- C:\Program Files (x86)\Etron Technology
2016-11-22 16:47:34 ----A---- C:\Windows\system32\RTNUninst64.dll
2016-11-22 16:47:34 ----A---- C:\Windows\system32\RtNicProp64.dll
2016-11-22 16:47:34 ----A---- C:\Windows\system32\drivers\Rt64win7.sys
2016-11-22 16:47:30 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2016-11-22 16:47:30 ----D---- C:\Program Files (x86)\Realtek
2016-11-20 17:34:27 ----D---- C:\ProgramData\AVAST Software
2016-11-20 17:32:34 ----D---- C:\Users\Bota\AppData\Roaming\ATI
2016-11-20 17:32:34 ----D---- C:\ProgramData\ATI
2016-11-20 17:31:47 ----D---- C:\Program Files (x86)\AMD AVT
2016-11-20 17:31:31 ----D---- C:\ProgramData\AMD
2016-11-20 17:31:14 ----D---- C:\Program Files\Common Files\ATI Technologies
2016-11-20 17:31:12 ----D---- C:\Program Files (x86)\ATI Technologies
2016-11-20 17:30:51 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2016-11-20 17:30:20 ----D---- C:\Program Files (x86)\Microsoft.NET
2016-11-20 17:30:08 ----A---- C:\Windows\SYSWOW64\PresentationHostProxy.dll
2016-11-20 17:30:08 ----A---- C:\Windows\SYSWOW64\PresentationHost.exe
2016-11-20 17:30:08 ----A---- C:\Windows\SYSWOW64\netfxperf.dll
2016-11-20 17:30:08 ----A---- C:\Windows\SYSWOW64\mscoree.dll
2016-11-20 17:30:08 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2016-11-20 17:30:08 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2016-11-20 17:30:08 ----A---- C:\Windows\system32\PresentationHost.exe
2016-11-20 17:30:08 ----A---- C:\Windows\system32\netfxperf.dll
2016-11-20 17:30:08 ----A---- C:\Windows\system32\mscoree.dll
2016-11-20 17:30:08 ----A---- C:\Windows\system32\dfshim.dll
2016-11-20 17:29:46 ----D---- C:\ProgramData\Package Cache
2016-11-20 17:29:40 ----SHD---- C:\Windows\Installer
2016-11-20 17:29:33 ----D---- C:\Program Files\ATI Technologies
2016-11-20 17:29:27 ----D---- C:\Program Files\ATI
2016-11-20 17:28:34 ----D---- C:\AMD
2016-11-20 17:23:43 ----D---- C:\Windows\SoftwareDistribution
2016-11-20 17:21:45 ----D---- C:\Users\Bota\AppData\Roaming\Identities
2016-11-20 17:21:40 ----SD---- C:\Users\Bota\AppData\Roaming\Microsoft
2016-11-20 17:21:40 ----D---- C:\Users\Bota\AppData\Roaming\Media Center Programs
2016-11-20 17:21:02 ----SHD---- C:\Recovery
2016-11-20 17:21:02 ----SHD---- C:\ProgramData\Šablony
2016-11-20 17:21:02 ----SHD---- C:\ProgramData\Plocha
2016-11-20 17:21:02 ----SHD---- C:\ProgramData\Oblíbené položky
2016-11-20 17:21:02 ----SHD---- C:\ProgramData\Nabídka Start
2016-11-20 17:21:02 ----SHD---- C:\ProgramData\Dokumenty
2016-11-20 17:21:02 ----SHD---- C:\ProgramData\Data aplikací
2016-11-20 17:17:42 ----D---- C:\Windows\Prefetch
2016-11-20 17:17:37 ----SHD---- C:\System Volume Information
2016-11-20 17:17:37 ----ASH---- C:\pagefile.sys
2016-11-20 17:17:37 ----ASH---- C:\hiberfil.sys
2016-11-20 17:17:04 ----D---- C:\Windows\Panther
======List of files/folders modified in the last 1 month======
2016-12-06 17:15:40 ----D---- C:\Windows\system32\Tasks
2016-12-06 17:14:31 ----D---- C:\Windows\system32\config
2016-12-06 16:29:00 ----D---- C:\Windows\System32
2016-12-06 16:29:00 ----D---- C:\Windows\inf
2016-12-06 16:29:00 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-12-06 15:44:37 ----D---- C:\Windows\Temp
2016-12-06 15:41:26 ----D---- C:\Windows
2016-12-06 10:41:07 ----D---- C:\Windows\system32\drivers
2016-12-06 08:46:07 ----RD---- C:\Program Files (x86)
2016-12-05 15:04:42 ----RD---- C:\Program Files
2016-12-04 21:27:18 ----D---- C:\Windows\system32\catroot2
2016-12-04 21:05:00 ----D---- C:\Program Files (x86)\Common Files
2016-12-04 18:27:34 ----HD---- C:\ProgramData
2016-12-03 02:52:39 ----D---- C:\Windows\debug
2016-12-02 18:42:22 ----D---- C:\Windows\Tasks
2016-11-30 23:04:03 ----D---- C:\Windows\Logs
2016-11-28 17:00:32 ----D---- C:\Windows\SysWOW64
2016-11-28 17:00:16 ----RSD---- C:\Windows\assembly
2016-11-28 16:53:31 ----D---- C:\Windows\Microsoft.NET
2016-11-26 20:55:13 ----D---- C:\Windows\system32\DriverStore
2016-11-25 22:00:17 ----SD---- C:\ProgramData\Microsoft
2016-11-25 21:50:10 ----D---- C:\Windows\system32\catroot
2016-11-25 21:48:19 ----D---- C:\Windows\SYSWOW64\en-US
2016-11-25 21:48:19 ----D---- C:\Windows\system32\en-US
2016-11-22 21:55:17 ----D---- C:\Windows\winsxs
2016-11-22 21:53:29 ----D---- C:\Windows\Cursors
2016-11-22 21:18:53 ----D---- C:\Program Files (x86)\MSBuild
2016-11-22 21:18:48 ----D---- C:\Windows\ShellNew
2016-11-22 21:18:41 ----RSD---- C:\Windows\Fonts
2016-11-22 21:18:07 ----D---- C:\Program Files\Common Files\Microsoft Shared
2016-11-22 21:17:15 ----A---- C:\Windows\win.ini
2016-11-22 18:26:56 ----D---- C:\Windows\system32\wdi
2016-11-22 17:18:11 ----D---- C:\Program Files\Common Files
2016-11-22 16:48:44 ----D---- C:\Windows\system32\LogFiles
2016-11-20 17:31:37 ----D---- C:\Windows\system32\CodeIntegrity
2016-11-20 17:29:42 ----D---- C:\Windows\system32\restore
2016-11-20 17:26:51 ----D---- C:\Windows\system32\drivers\UMDF
2016-11-20 17:21:44 ----SHD---- C:\$Recycle.Bin
2016-11-20 17:21:40 ----RD---- C:\Users
2016-11-20 17:21:02 ----D---- C:\Program Files\Windows NT
2016-11-20 17:20:59 ----D---- C:\Windows\rescache
2016-11-20 17:19:01 ----D---- C:\Windows\system32\sysprep
2016-11-20 17:17:45 ----D---- C:\Windows\CSC
2016-11-20 17:16:41 ----D---- C:\Windows\Setup
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2016-11-22 74544]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2016-11-22 293352]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2016-11-22 834544]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2016-11-22 37144]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2016-11-22 103064]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-11-22 969184]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-11-22 513632]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 AODDriver4.2.0;AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2013-07-31 42240]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2016-11-22 108816]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2016-11-22 163416]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-09-12 12760576]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-09-12 619008]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2013-09-24 94208]
R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver; C:\Windows\System32\Drivers\EtronHub3.sys [2013-08-05 65408]
R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver; C:\Windows\System32\Drivers\EtronXHCI.sys [2013-08-05 94208]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2014-06-17 941272]
S3 aek8qncx;aek8qncx; C:\Windows\system32\drivers\aek8qncx.sys []
S3 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2016-11-22 37656]
S3 athur;Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athurx.sys [2013-06-28 1930240]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-09-12 239616]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-09-11 344064]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-11-22 197128]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]
S3 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-10-21 82128]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-08 51648]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
-----------------EOF-----------------
- Rudy
- Site Admin

- Posts: 119672
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Plus network
Deleted. Has anything changed?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: Plus network
Somewhat. One time the link opens normally, but when I try it again after a while, it throws me onto plus network.com again.
Logfile of random's system information tool 1.10 (written by random/random)
Run by Bota at 2016-12-06 19:22:46
Microsoft Windows 7 Professional
System drive C: has 93 GB (76%) free of 122 GB
Total RAM: 4093 MB (66% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:22:48, on 6.12.2016
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal
Running processes:
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Bota.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://no-stop.org/wpad.dat?8ebe1bd9e74 ... a221224828
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~2\Office12\GRA32A~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 6613 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
winlogon.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-26a34186-9cc4-4363-9af7-a424e3bcffda -SystemEventPortName:HostProcess-c7d88393-59ef-4f1c-a067-9543bad041c5 -IoCancelEventPortName:HostProcess-a8b91768-8097-4359-9dec-360c9a32b97a -NonStateChangingEventPortName:HostProcess-9a81658d-f367-4b79-bd1c-93bfba6b2835 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:97c1ce10-37a0-4501-91e6-9995445bfc72
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="4044.0.1896099729\591764038" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" 4044 "\\.\pipe\gecko-crash-server-pipe.4044" tab
"C:\Users\Bota\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player PPAPI Notifier.job - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_23_0_0_207_pepper.exe -check pepperplugin
=========Mozilla firefox=========
ProfilePath - C:\Users\Bota\AppData\Roaming\Mozilla\Firefox\Profiles\vnqgoujx.default-1480872840278
prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"
"sp@avast.com"=C:\Program Files\AVAST Software\Avast\SafePrice\FF
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 23.0.0.207 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.111.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.111.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 23.0.0.207 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-11-22 790552]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~2\Office12\GR469A~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-11-22 473152]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-11-22 664848]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-11-22 186944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll [2010-03-25 1548096]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2013-09-11 766208]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-11-22 9080768]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"NBKeyScan"=C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2007-09-20 1836328]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~2\Office12\GR469A~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-12-06 17:12:12 ----D---- C:\rsit
2016-12-05 19:30:36 ----D---- C:\AdwCleaner
2016-12-05 15:04:42 ----D---- C:\Program Files\trend micro
2016-12-04 21:07:50 ----D---- C:\sh4ldr
2016-12-04 21:05:24 ----A---- C:\autoexec.bat
2016-12-04 21:05:18 ----D---- C:\Program Files (x86)\Enigma Software Group
2016-12-04 18:33:23 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-12-02 23:18:00 ----A---- C:\Windows\NeroDigital.ini
2016-11-28 17:02:22 ----D---- C:\ProgramData\KONAMI
2016-11-28 17:02:18 ----D---- C:\ProgramData\Steam
2016-11-28 17:00:32 ----A---- C:\Windows\SYSWOW64\XAudio2_7.dll
2016-11-28 17:00:32 ----A---- C:\Windows\SYSWOW64\XAPOFX1_5.dll
2016-11-28 17:00:32 ----A---- C:\Windows\SYSWOW64\xactengine3_7.dll
2016-11-28 17:00:32 ----A---- C:\Windows\SYSWOW64\d3dx11_43.dll
2016-11-28 17:00:32 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll
2016-11-28 17:00:32 ----A---- C:\Windows\SYSWOW64\D3DCompiler_43.dll
2016-11-28 17:00:32 ----A---- C:\Windows\system32\XAudio2_7.dll
2016-11-28 17:00:32 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2016-11-28 17:00:32 ----A---- C:\Windows\system32\xactengine3_7.dll
2016-11-28 17:00:32 ----A---- C:\Windows\system32\d3dx11_43.dll
2016-11-28 17:00:32 ----A---- C:\Windows\system32\d3dcsx_43.dll
2016-11-28 17:00:32 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2016-11-28 17:00:31 ----A---- C:\Windows\SYSWOW64\XAudio2_6.dll
2016-11-28 17:00:31 ----A---- C:\Windows\SYSWOW64\XAPOFX1_4.dll
2016-11-28 17:00:31 ----A---- C:\Windows\SYSWOW64\xactengine3_6.dll
2016-11-28 17:00:31 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll
2016-11-28 17:00:31 ----A---- C:\Windows\SYSWOW64\d3dx10_43.dll
2016-11-28 17:00:31 ----A---- C:\Windows\system32\XAudio2_6.dll
2016-11-28 17:00:31 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2016-11-28 17:00:31 ----A---- C:\Windows\system32\xactengine3_6.dll
2016-11-28 17:00:31 ----A---- C:\Windows\system32\D3DX9_43.dll
2016-11-28 17:00:31 ----A---- C:\Windows\system32\d3dx10_43.dll
2016-11-28 17:00:30 ----A---- C:\Windows\SYSWOW64\XAudio2_5.dll
2016-11-28 17:00:30 ----A---- C:\Windows\SYSWOW64\xactengine3_5.dll
2016-11-28 17:00:30 ----A---- C:\Windows\SYSWOW64\X3DAudio1_7.dll
2016-11-28 17:00:30 ----A---- C:\Windows\SYSWOW64\D3DCompiler_42.dll
2016-11-28 17:00:30 ----A---- C:\Windows\system32\XAudio2_5.dll
2016-11-28 17:00:30 ----A---- C:\Windows\system32\xactengine3_5.dll
2016-11-28 17:00:30 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2016-11-28 17:00:30 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2016-11-28 17:00:29 ----A---- C:\Windows\SYSWOW64\D3DX9_42.dll
2016-11-28 17:00:29 ----A---- C:\Windows\SYSWOW64\d3dx11_42.dll
2016-11-28 17:00:29 ----A---- C:\Windows\SYSWOW64\d3dx10_42.dll
2016-11-28 17:00:29 ----A---- C:\Windows\SYSWOW64\d3dcsx_42.dll
2016-11-28 17:00:29 ----A---- C:\Windows\system32\D3DX9_42.dll
2016-11-28 17:00:29 ----A---- C:\Windows\system32\d3dx11_42.dll
2016-11-28 17:00:29 ----A---- C:\Windows\system32\d3dx10_42.dll
2016-11-28 17:00:29 ----A---- C:\Windows\system32\d3dcsx_42.dll
2016-11-28 17:00:28 ----A---- C:\Windows\SYSWOW64\XAudio2_4.dll
2016-11-28 17:00:28 ----A---- C:\Windows\SYSWOW64\XAPOFX1_3.dll
2016-11-28 17:00:28 ----A---- C:\Windows\SYSWOW64\D3DX9_41.dll
2016-11-28 17:00:28 ----A---- C:\Windows\SYSWOW64\d3dx10_41.dll
2016-11-28 17:00:28 ----A---- C:\Windows\SYSWOW64\D3DCompiler_41.dll
2016-11-28 17:00:28 ----A---- C:\Windows\system32\XAudio2_4.dll
2016-11-28 17:00:28 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2016-11-28 17:00:28 ----A---- C:\Windows\system32\D3DX9_41.dll
2016-11-28 17:00:28 ----A---- C:\Windows\system32\d3dx10_41.dll
2016-11-28 17:00:28 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2016-11-28 17:00:27 ----A---- C:\Windows\SYSWOW64\xactengine3_4.dll
2016-11-28 17:00:27 ----A---- C:\Windows\SYSWOW64\X3DAudio1_6.dll
2016-11-28 17:00:27 ----A---- C:\Windows\SYSWOW64\d3dx10_40.dll
2016-11-28 17:00:27 ----A---- C:\Windows\SYSWOW64\D3DCompiler_40.dll
2016-11-28 17:00:27 ----A---- C:\Windows\system32\xactengine3_4.dll
2016-11-28 17:00:27 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2016-11-28 17:00:27 ----A---- C:\Windows\system32\d3dx10_40.dll
2016-11-28 17:00:27 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2016-11-28 17:00:26 ----A---- C:\Windows\SYSWOW64\XAudio2_3.dll
2016-11-28 17:00:26 ----A---- C:\Windows\SYSWOW64\XAPOFX1_2.dll
2016-11-28 17:00:26 ----A---- C:\Windows\SYSWOW64\D3DX9_40.dll
2016-11-28 17:00:26 ----A---- C:\Windows\system32\XAudio2_3.dll
2016-11-28 17:00:26 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2016-11-28 17:00:26 ----A---- C:\Windows\system32\xactengine3_3.dll
2016-11-28 17:00:26 ----A---- C:\Windows\system32\D3DX9_40.dll
2016-11-28 16:53:44 ----A---- C:\Windows\SYSWOW64\XAudio2_2.dll
2016-11-28 16:53:44 ----A---- C:\Windows\SYSWOW64\XAPOFX1_1.dll
2016-11-28 16:53:44 ----A---- C:\Windows\SYSWOW64\xactengine3_3.dll
2016-11-28 16:53:44 ----A---- C:\Windows\SYSWOW64\X3DAudio1_5.dll
2016-11-28 16:53:44 ----A---- C:\Windows\system32\XAudio2_2.dll
2016-11-28 16:53:44 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2016-11-28 16:53:44 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2016-11-28 16:53:43 ----A---- C:\Windows\SYSWOW64\xactengine3_2.dll
2016-11-28 16:53:43 ----A---- C:\Windows\SYSWOW64\d3dx10_39.dll
2016-11-28 16:53:43 ----A---- C:\Windows\SYSWOW64\D3DCompiler_39.dll
2016-11-28 16:53:43 ----A---- C:\Windows\system32\xactengine3_2.dll
2016-11-28 16:53:43 ----A---- C:\Windows\system32\d3dx10_39.dll
2016-11-28 16:53:43 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2016-11-28 16:53:42 ----A---- C:\Windows\SYSWOW64\XAudio2_1.dll
2016-11-28 16:53:42 ----A---- C:\Windows\SYSWOW64\XAPOFX1_0.dll
2016-11-28 16:53:42 ----A---- C:\Windows\SYSWOW64\xactengine3_1.dll
2016-11-28 16:53:42 ----A---- C:\Windows\SYSWOW64\X3DAudio1_4.dll
2016-11-28 16:53:42 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll
2016-11-28 16:53:42 ----A---- C:\Windows\SYSWOW64\d3dx10_38.dll
2016-11-28 16:53:42 ----A---- C:\Windows\SYSWOW64\D3DCompiler_38.dll
2016-11-28 16:53:42 ----A---- C:\Windows\system32\XAudio2_1.dll
2016-11-28 16:53:42 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2016-11-28 16:53:42 ----A---- C:\Windows\system32\xactengine3_1.dll
2016-11-28 16:53:42 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2016-11-28 16:53:42 ----A---- C:\Windows\system32\D3DX9_39.dll
2016-11-28 16:53:42 ----A---- C:\Windows\system32\d3dx10_38.dll
2016-11-28 16:53:42 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2016-11-28 16:53:41 ----A---- C:\Windows\SYSWOW64\XAudio2_0.dll
2016-11-28 16:53:41 ----A---- C:\Windows\SYSWOW64\xactengine3_0.dll
2016-11-28 16:53:41 ----A---- C:\Windows\SYSWOW64\D3DX9_38.dll
2016-11-28 16:53:41 ----A---- C:\Windows\system32\XAudio2_0.dll
2016-11-28 16:53:41 ----A---- C:\Windows\system32\xactengine3_0.dll
2016-11-28 16:53:41 ----A---- C:\Windows\system32\D3DX9_38.dll
2016-11-28 16:53:40 ----A---- C:\Windows\SYSWOW64\X3DAudio1_3.dll
2016-11-28 16:53:40 ----A---- C:\Windows\SYSWOW64\D3DX9_37.dll
2016-11-28 16:53:40 ----A---- C:\Windows\SYSWOW64\d3dx10_37.dll
2016-11-28 16:53:40 ----A---- C:\Windows\SYSWOW64\D3DCompiler_37.dll
2016-11-28 16:53:40 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2016-11-28 16:53:40 ----A---- C:\Windows\system32\D3DX9_37.dll
2016-11-28 16:53:40 ----A---- C:\Windows\system32\d3dx10_37.dll
2016-11-28 16:53:40 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2016-11-28 16:53:39 ----A---- C:\Windows\SYSWOW64\xactengine2_10.dll
2016-11-28 16:53:39 ----A---- C:\Windows\SYSWOW64\d3dx9_36.dll
2016-11-28 16:53:39 ----A---- C:\Windows\SYSWOW64\d3dx10_36.dll
2016-11-28 16:53:39 ----A---- C:\Windows\SYSWOW64\D3DCompiler_36.dll
2016-11-28 16:53:39 ----A---- C:\Windows\system32\xactengine2_10.dll
2016-11-28 16:53:39 ----A---- C:\Windows\system32\d3dx9_36.dll
2016-11-28 16:53:39 ----A---- C:\Windows\system32\d3dx10_36.dll
2016-11-28 16:53:39 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2016-11-28 16:53:38 ----A---- C:\Windows\SYSWOW64\xactengine2_9.dll
2016-11-28 16:53:38 ----A---- C:\Windows\SYSWOW64\d3dx9_35.dll
2016-11-28 16:53:38 ----A---- C:\Windows\SYSWOW64\d3dx10_35.dll
2016-11-28 16:53:38 ----A---- C:\Windows\SYSWOW64\D3DCompiler_35.dll
2016-11-28 16:53:38 ----A---- C:\Windows\system32\xactengine2_9.dll
2016-11-28 16:53:38 ----A---- C:\Windows\system32\d3dx9_35.dll
2016-11-28 16:53:38 ----A---- C:\Windows\system32\d3dx10_35.dll
2016-11-28 16:53:38 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2016-11-28 16:53:37 ----A---- C:\Windows\SYSWOW64\xinput1_3.dll
2016-11-28 16:53:37 ----A---- C:\Windows\SYSWOW64\xactengine2_8.dll
2016-11-28 16:53:37 ----A---- C:\Windows\SYSWOW64\X3DAudio1_2.dll
2016-11-28 16:53:37 ----A---- C:\Windows\SYSWOW64\d3dx9_34.dll
2016-11-28 16:53:37 ----A---- C:\Windows\SYSWOW64\d3dx10_34.dll
2016-11-28 16:53:37 ----A---- C:\Windows\SYSWOW64\D3DCompiler_34.dll
2016-11-28 16:53:37 ----A---- C:\Windows\system32\xinput1_3.dll
2016-11-28 16:53:37 ----A---- C:\Windows\system32\xactengine2_8.dll
2016-11-28 16:53:37 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2016-11-28 16:53:37 ----A---- C:\Windows\system32\d3dx9_34.dll
2016-11-28 16:53:37 ----A---- C:\Windows\system32\d3dx10_34.dll
2016-11-28 16:53:37 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2016-11-28 16:53:36 ----A---- C:\Windows\SYSWOW64\xactengine2_7.dll
2016-11-28 16:53:36 ----A---- C:\Windows\SYSWOW64\d3dx9_33.dll
2016-11-28 16:53:36 ----A---- C:\Windows\SYSWOW64\d3dx10_33.dll
2016-11-28 16:53:36 ----A---- C:\Windows\SYSWOW64\D3DCompiler_33.dll
2016-11-28 16:53:36 ----A---- C:\Windows\system32\xactengine2_7.dll
2016-11-28 16:53:36 ----A---- C:\Windows\system32\d3dx9_33.dll
2016-11-28 16:53:36 ----A---- C:\Windows\system32\d3dx10_33.dll
2016-11-28 16:53:36 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2016-11-28 16:53:35 ----A---- C:\Windows\SYSWOW64\xactengine2_6.dll
2016-11-28 16:53:35 ----A---- C:\Windows\SYSWOW64\xactengine2_5.dll
2016-11-28 16:53:35 ----A---- C:\Windows\SYSWOW64\d3dx9_32.dll
2016-11-28 16:53:35 ----A---- C:\Windows\SYSWOW64\d3dx10.dll
2016-11-28 16:53:35 ----A---- C:\Windows\system32\xactengine2_6.dll
2016-11-28 16:53:35 ----A---- C:\Windows\system32\xactengine2_5.dll
2016-11-28 16:53:35 ----A---- C:\Windows\system32\d3dx9_32.dll
2016-11-28 16:53:35 ----A---- C:\Windows\system32\d3dx10.dll
2016-11-28 16:53:34 ----A---- C:\Windows\SYSWOW64\xactengine2_4.dll
2016-11-28 16:53:34 ----A---- C:\Windows\SYSWOW64\xactengine2_3.dll
2016-11-28 16:53:34 ----A---- C:\Windows\SYSWOW64\x3daudio1_1.dll
2016-11-28 16:53:34 ----A---- C:\Windows\SYSWOW64\d3dx9_31.dll
2016-11-28 16:53:34 ----A---- C:\Windows\system32\xactengine2_4.dll
2016-11-28 16:53:34 ----A---- C:\Windows\system32\xactengine2_3.dll
2016-11-28 16:53:34 ----A---- C:\Windows\system32\x3daudio1_1.dll
2016-11-28 16:53:34 ----A---- C:\Windows\system32\d3dx9_31.dll
2016-11-28 16:53:33 ----A---- C:\Windows\SYSWOW64\xinput1_2.dll
2016-11-28 16:53:33 ----A---- C:\Windows\SYSWOW64\xinput1_1.dll
2016-11-28 16:53:33 ----A---- C:\Windows\SYSWOW64\xactengine2_2.dll
2016-11-28 16:53:33 ----A---- C:\Windows\system32\xinput1_2.dll
2016-11-28 16:53:33 ----A---- C:\Windows\system32\xinput1_1.dll
2016-11-28 16:53:33 ----A---- C:\Windows\system32\xactengine2_2.dll
2016-11-28 16:53:32 ----A---- C:\Windows\SYSWOW64\xactengine2_1.dll
2016-11-28 16:53:32 ----A---- C:\Windows\system32\xactengine2_1.dll
2016-11-28 16:53:30 ----A---- C:\Windows\SYSWOW64\xactengine2_0.dll
2016-11-28 16:53:30 ----A---- C:\Windows\SYSWOW64\x3daudio1_0.dll
2016-11-28 16:53:30 ----A---- C:\Windows\SYSWOW64\d3dx9_29.dll
2016-11-28 16:53:30 ----A---- C:\Windows\system32\xactengine2_0.dll
2016-11-28 16:53:30 ----A---- C:\Windows\system32\x3daudio1_0.dll
2016-11-28 16:53:30 ----A---- C:\Windows\system32\d3dx9_30.dll
2016-11-28 16:53:30 ----A---- C:\Windows\system32\d3dx9_29.dll
2016-11-28 16:53:29 ----A---- C:\Windows\SYSWOW64\d3dx9_27.dll
2016-11-28 16:53:29 ----A---- C:\Windows\system32\d3dx9_28.dll
2016-11-28 16:53:29 ----A---- C:\Windows\system32\d3dx9_27.dll
2016-11-28 16:53:28 ----A---- C:\Windows\SYSWOW64\d3dx9_26.dll
2016-11-28 16:53:28 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll
2016-11-28 16:53:28 ----A---- C:\Windows\system32\d3dx9_26.dll
2016-11-28 16:53:28 ----A---- C:\Windows\system32\d3dx9_25.dll
2016-11-28 16:53:27 ----A---- C:\Windows\SYSWOW64\d3dx9_24.dll
2016-11-28 16:53:27 ----A---- C:\Windows\system32\d3dx9_24.dll
2016-11-28 16:15:15 ----A---- C:\Windows\GSetup.ini
2016-11-25 21:37:31 ----A---- C:\Windows\system32\drivers\athurx.sys
2016-11-25 21:37:31 ----A---- C:\Windows\system32\athurx.sys
2016-11-25 21:36:42 ----D---- C:\ProgramData\TP-LINK
2016-11-25 21:18:41 ----D---- C:\Program Files (x86)\FinalWire
2016-11-22 22:51:32 ----D---- C:\Users\Bota\AppData\Roaming\Opera Software
2016-11-22 21:56:59 ----D---- C:\Users\Bota\AppData\Roaming\Nero
2016-11-22 21:53:59 ----A---- C:\Windows\Irremote.ini
2016-11-22 21:53:30 ----D---- C:\ProgramData\Nero
2016-11-22 21:53:30 ----D---- C:\Program Files (x86)\Nero
2016-11-22 21:52:26 ----A---- C:\Windows\SYSWOW64\d3dx9_30.dll
2016-11-22 21:52:26 ----A---- C:\Windows\SYSWOW64\d3dx9_28.dll
2016-11-22 21:47:49 ----D---- C:\BOTA
2016-11-22 21:42:35 ----D---- C:\Users\Bota\AppData\Roaming\vlc
2016-11-22 21:37:54 ----D---- C:\Program Files (x86)\WinRAR
2016-11-22 21:37:34 ----D---- C:\Program Files (x86)\VideoLAN
2016-11-22 21:35:29 ----D---- C:\ProgramData\ProductData
2016-11-22 21:35:22 ----D---- C:\ProgramData\{74E9F814-C737-42CC-B721-DBBC4059367A}
2016-11-22 21:35:04 ----D---- C:\Users\Bota\AppData\Roaming\IObit
2016-11-22 21:34:56 ----D---- C:\ProgramData\IObit
2016-11-22 21:34:56 ----D---- C:\Program Files (x86)\IObit
2016-11-22 21:30:43 ----D---- C:\Users\Bota\AppData\Roaming\Sun
2016-11-22 21:30:38 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2016-11-22 21:30:25 ----D---- C:\ProgramData\Oracle
2016-11-22 21:30:22 ----D---- C:\Program Files (x86)\Java
2016-11-22 21:25:46 ----D---- C:\Program Files (x86)\Adobe
2016-11-22 21:25:33 ----D---- C:\ProgramData\Adobe
2016-11-22 21:18:55 ----D---- C:\Program Files (x86)\Microsoft Works
2016-11-22 21:18:49 ----D---- C:\Program Files (x86)\Microsoft Visual Studio
2016-11-22 21:18:39 ----D---- C:\Windows\PCHEALTH
2016-11-22 21:17:28 ----D---- C:\Program Files\Microsoft Office
2016-11-22 21:17:24 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2016-11-22 21:17:06 ----D---- C:\ProgramData\Microsoft Help
2016-11-22 21:17:06 ----D---- C:\Program Files (x86)\Microsoft Office
2016-11-22 21:16:57 ----RHD---- C:\MSOCache
2016-11-22 21:12:07 ----D---- C:\Program Files (x86)\DAEMON Tools Toolbar
2016-11-22 21:11:59 ----A---- C:\Windows\system32\drivers\sptd.sys
2016-11-22 21:11:50 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2016-11-22 21:11:36 ----D---- C:\Users\Bota\AppData\Roaming\DAEMON Tools Lite
2016-11-22 21:11:30 ----D---- C:\ProgramData\DAEMON Tools Lite
2016-11-22 21:09:52 ----D---- C:\Program Files\Microsoft Silverlight
2016-11-22 21:09:52 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2016-11-22 18:47:45 ----D---- C:\Users\Bota\AppData\Roaming\Macromedia
2016-11-22 18:47:45 ----D---- C:\Users\Bota\AppData\Roaming\Adobe
2016-11-22 18:31:20 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-11-22 18:31:18 ----D---- C:\Windows\system32\Macromed
2016-11-22 18:31:16 ----D---- C:\Windows\SYSWOW64\Macromed
2016-11-22 18:27:41 ----A---- C:\Windows\system32\drivers\aswKbd.sys
2016-11-22 17:19:11 ----D---- C:\Users\Bota\AppData\Roaming\AVAST Software
2016-11-22 17:18:11 ----D---- C:\Program Files\Common Files\AV
2016-11-22 17:18:00 ----A---- C:\Windows\system32\drivers\aswvmm.sys
2016-11-22 17:18:00 ----A---- C:\Windows\system32\drivers\aswStm.sys
2016-11-22 17:18:00 ----A---- C:\Windows\system32\drivers\aswsp.sys
2016-11-22 17:18:00 ----A---- C:\Windows\system32\drivers\aswsnx.sys
2016-11-22 17:18:00 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2016-11-22 17:18:00 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2016-11-22 17:18:00 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2016-11-22 17:18:00 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2016-11-22 17:17:58 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2016-11-22 17:17:58 ----A---- C:\Windows\system32\ucrtbase.dll
2016-11-22 17:17:58 ----A---- C:\Windows\system32\aswBoot.exe
2016-11-22 17:17:56 ----A---- C:\Windows\avastSS.scr
2016-11-22 17:15:17 ----D---- C:\Program Files\AVAST Software
2016-11-22 17:02:10 ----D---- C:\Users\Bota\AppData\Roaming\Mozilla
2016-11-22 16:57:15 ----A---- C:\Windows\system32\drivers\EtronXHCI.sys
2016-11-22 16:57:15 ----A---- C:\Windows\system32\drivers\EtronHub3.sys
2016-11-22 16:57:14 ----D---- C:\Program Files (x86)\Etron Technology
2016-11-22 16:47:34 ----A---- C:\Windows\system32\RTNUninst64.dll
2016-11-22 16:47:34 ----A---- C:\Windows\system32\RtNicProp64.dll
2016-11-22 16:47:34 ----A---- C:\Windows\system32\drivers\Rt64win7.sys
2016-11-22 16:47:30 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2016-11-22 16:47:30 ----D---- C:\Program Files (x86)\Realtek
2016-11-20 17:34:27 ----D---- C:\ProgramData\AVAST Software
2016-11-20 17:32:34 ----D---- C:\Users\Bota\AppData\Roaming\ATI
2016-11-20 17:32:34 ----D---- C:\ProgramData\ATI
2016-11-20 17:31:47 ----D---- C:\Program Files (x86)\AMD AVT
2016-11-20 17:31:31 ----D---- C:\ProgramData\AMD
2016-11-20 17:31:14 ----D---- C:\Program Files\Common Files\ATI Technologies
2016-11-20 17:31:12 ----D---- C:\Program Files (x86)\ATI Technologies
2016-11-20 17:30:51 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2016-11-20 17:30:20 ----D---- C:\Program Files (x86)\Microsoft.NET
2016-11-20 17:30:08 ----A---- C:\Windows\SYSWOW64\PresentationHostProxy.dll
2016-11-20 17:30:08 ----A---- C:\Windows\SYSWOW64\PresentationHost.exe
2016-11-20 17:30:08 ----A---- C:\Windows\SYSWOW64\netfxperf.dll
2016-11-20 17:30:08 ----A---- C:\Windows\SYSWOW64\mscoree.dll
2016-11-20 17:30:08 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2016-11-20 17:30:08 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2016-11-20 17:30:08 ----A---- C:\Windows\system32\PresentationHost.exe
2016-11-20 17:30:08 ----A---- C:\Windows\system32\netfxperf.dll
2016-11-20 17:30:08 ----A---- C:\Windows\system32\mscoree.dll
2016-11-20 17:30:08 ----A---- C:\Windows\system32\dfshim.dll
2016-11-20 17:29:46 ----D---- C:\ProgramData\Package Cache
2016-11-20 17:29:40 ----SHD---- C:\Windows\Installer
2016-11-20 17:29:33 ----D---- C:\Program Files\ATI Technologies
2016-11-20 17:29:27 ----D---- C:\Program Files\ATI
2016-11-20 17:28:34 ----D---- C:\AMD
2016-11-20 17:23:43 ----D---- C:\Windows\SoftwareDistribution
2016-11-20 17:21:45 ----D---- C:\Users\Bota\AppData\Roaming\Identities
2016-11-20 17:21:40 ----SD---- C:\Users\Bota\AppData\Roaming\Microsoft
2016-11-20 17:21:40 ----D---- C:\Users\Bota\AppData\Roaming\Media Center Programs
2016-11-20 17:21:02 ----SHD---- C:\Recovery
2016-11-20 17:21:02 ----SHD---- C:\ProgramData\Šablony
2016-11-20 17:21:02 ----SHD---- C:\ProgramData\Plocha
2016-11-20 17:21:02 ----SHD---- C:\ProgramData\Oblíbené položky
2016-11-20 17:21:02 ----SHD---- C:\ProgramData\Nabídka Start
2016-11-20 17:21:02 ----SHD---- C:\ProgramData\Dokumenty
2016-11-20 17:21:02 ----SHD---- C:\ProgramData\Data aplikací
2016-11-20 17:17:42 ----D---- C:\Windows\Prefetch
2016-11-20 17:17:37 ----SHD---- C:\System Volume Information
2016-11-20 17:17:37 ----ASH---- C:\pagefile.sys
2016-11-20 17:17:37 ----ASH---- C:\hiberfil.sys
2016-11-20 17:17:04 ----D---- C:\Windows\Panther
======List of files/folders modified in the last 1 month======
2016-12-06 17:15:40 ----D---- C:\Windows\system32\Tasks
2016-12-06 17:14:31 ----D---- C:\Windows\system32\config
2016-12-06 16:29:00 ----D---- C:\Windows\System32
2016-12-06 16:29:00 ----D---- C:\Windows\inf
2016-12-06 16:29:00 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-12-06 15:44:37 ----D---- C:\Windows\Temp
2016-12-06 15:41:26 ----D---- C:\Windows
2016-12-06 10:41:07 ----D---- C:\Windows\system32\drivers
2016-12-06 08:46:07 ----RD---- C:\Program Files (x86)
2016-12-05 15:04:42 ----RD---- C:\Program Files
2016-12-04 21:27:18 ----D---- C:\Windows\system32\catroot2
2016-12-04 21:05:00 ----D---- C:\Program Files (x86)\Common Files
2016-12-04 18:27:34 ----HD---- C:\ProgramData
2016-12-03 02:52:39 ----D---- C:\Windows\debug
2016-12-02 18:42:22 ----D---- C:\Windows\Tasks
2016-11-30 23:04:03 ----D---- C:\Windows\Logs
2016-11-28 17:00:32 ----D---- C:\Windows\SysWOW64
2016-11-28 17:00:16 ----RSD---- C:\Windows\assembly
2016-11-28 16:53:31 ----D---- C:\Windows\Microsoft.NET
2016-11-26 20:55:13 ----D---- C:\Windows\system32\DriverStore
2016-11-25 22:00:17 ----SD---- C:\ProgramData\Microsoft
2016-11-25 21:50:10 ----D---- C:\Windows\system32\catroot
2016-11-25 21:48:19 ----D---- C:\Windows\SYSWOW64\en-US
2016-11-25 21:48:19 ----D---- C:\Windows\system32\en-US
2016-11-22 21:55:17 ----D---- C:\Windows\winsxs
2016-11-22 21:53:29 ----D---- C:\Windows\Cursors
2016-11-22 21:18:53 ----D---- C:\Program Files (x86)\MSBuild
2016-11-22 21:18:48 ----D---- C:\Windows\ShellNew
2016-11-22 21:18:41 ----RSD---- C:\Windows\Fonts
2016-11-22 21:18:07 ----D---- C:\Program Files\Common Files\Microsoft Shared
2016-11-22 21:17:15 ----A---- C:\Windows\win.ini
2016-11-22 18:26:56 ----D---- C:\Windows\system32\wdi
2016-11-22 17:18:11 ----D---- C:\Program Files\Common Files
2016-11-22 16:48:44 ----D---- C:\Windows\system32\LogFiles
2016-11-20 17:31:37 ----D---- C:\Windows\system32\CodeIntegrity
2016-11-20 17:29:42 ----D---- C:\Windows\system32\restore
2016-11-20 17:26:51 ----D---- C:\Windows\system32\drivers\UMDF
2016-11-20 17:21:44 ----SHD---- C:\$Recycle.Bin
2016-11-20 17:21:40 ----RD---- C:\Users
2016-11-20 17:21:02 ----D---- C:\Program Files\Windows NT
2016-11-20 17:20:59 ----D---- C:\Windows\rescache
2016-11-20 17:19:01 ----D---- C:\Windows\system32\sysprep
2016-11-20 17:17:45 ----D---- C:\Windows\CSC
2016-11-20 17:16:41 ----D---- C:\Windows\Setup
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2016-11-22 74544]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2016-11-22 293352]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2016-11-22 834544]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2016-11-22 37144]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2016-11-22 103064]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-11-22 969184]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-11-22 513632]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 AODDriver4.2.0;AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2013-07-31 42240]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2016-11-22 108816]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2016-11-22 163416]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-09-12 12760576]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-09-12 619008]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2013-09-24 94208]
R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver; C:\Windows\System32\Drivers\EtronHub3.sys [2013-08-05 65408]
R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver; C:\Windows\System32\Drivers\EtronXHCI.sys [2013-08-05 94208]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2014-06-17 941272]
S3 aek8qncx;aek8qncx; C:\Windows\system32\drivers\aek8qncx.sys []
S3 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2016-11-22 37656]
S3 athur;Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athurx.sys [2013-06-28 1930240]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-09-12 239616]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-09-11 344064]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-11-22 197128]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]
S3 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-10-21 82128]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-08 51648]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
-----------------EOF-----------------
Logfile of random's system information tool 1.10 (written by random/random)
Run by Bota at 2016-12-06 19:22:46
Microsoft Windows 7 Professional
System drive C: has 93 GB (76%) free of 122 GB
Total RAM: 4093 MB (66% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:22:48, on 6.12.2016
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal
Running processes:
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Bota.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://no-stop.org/wpad.dat?8ebe1bd9e74 ... a221224828
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~2\Office12\GRA32A~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 6613 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
winlogon.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-26a34186-9cc4-4363-9af7-a424e3bcffda -SystemEventPortName:HostProcess-c7d88393-59ef-4f1c-a067-9543bad041c5 -IoCancelEventPortName:HostProcess-a8b91768-8097-4359-9dec-360c9a32b97a -NonStateChangingEventPortName:HostProcess-9a81658d-f367-4b79-bd1c-93bfba6b2835 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:97c1ce10-37a0-4501-91e6-9995445bfc72
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="4044.0.1896099729\591764038" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" 4044 "\\.\pipe\gecko-crash-server-pipe.4044" tab
"C:\Users\Bota\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player PPAPI Notifier.job - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_23_0_0_207_pepper.exe -check pepperplugin
=========Mozilla firefox=========
ProfilePath - C:\Users\Bota\AppData\Roaming\Mozilla\Firefox\Profiles\vnqgoujx.default-1480872840278
prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"
"sp@avast.com"=C:\Program Files\AVAST Software\Avast\SafePrice\FF
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 23.0.0.207 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.111.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.111.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 23.0.0.207 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-11-22 790552]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~2\Office12\GR469A~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-11-22 473152]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-11-22 664848]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-11-22 186944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll [2010-03-25 1548096]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2013-09-11 766208]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-11-22 9080768]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"NBKeyScan"=C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2007-09-20 1836328]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~2\Office12\GR469A~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-12-06 17:12:12 ----D---- C:\rsit
2016-12-05 19:30:36 ----D---- C:\AdwCleaner
2016-12-05 15:04:42 ----D---- C:\Program Files\trend micro
2016-12-04 21:07:50 ----D---- C:\sh4ldr
2016-12-04 21:05:24 ----A---- C:\autoexec.bat
2016-12-04 21:05:18 ----D---- C:\Program Files (x86)\Enigma Software Group
2016-12-04 18:33:23 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-12-02 23:18:00 ----A---- C:\Windows\NeroDigital.ini
2016-11-28 17:02:22 ----D---- C:\ProgramData\KONAMI
2016-11-28 17:02:18 ----D---- C:\ProgramData\Steam
2016-11-28 17:00:32 ----A---- C:\Windows\SYSWOW64\XAudio2_7.dll
2016-11-28 17:00:32 ----A---- C:\Windows\SYSWOW64\XAPOFX1_5.dll
2016-11-28 17:00:32 ----A---- C:\Windows\SYSWOW64\xactengine3_7.dll
2016-11-28 17:00:32 ----A---- C:\Windows\SYSWOW64\d3dx11_43.dll
2016-11-28 17:00:32 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll
2016-11-28 17:00:32 ----A---- C:\Windows\SYSWOW64\D3DCompiler_43.dll
2016-11-28 17:00:32 ----A---- C:\Windows\system32\XAudio2_7.dll
2016-11-28 17:00:32 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2016-11-28 17:00:32 ----A---- C:\Windows\system32\xactengine3_7.dll
2016-11-28 17:00:32 ----A---- C:\Windows\system32\d3dx11_43.dll
2016-11-28 17:00:32 ----A---- C:\Windows\system32\d3dcsx_43.dll
2016-11-28 17:00:32 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2016-11-28 17:00:31 ----A---- C:\Windows\SYSWOW64\XAudio2_6.dll
2016-11-28 17:00:31 ----A---- C:\Windows\SYSWOW64\XAPOFX1_4.dll
2016-11-28 17:00:31 ----A---- C:\Windows\SYSWOW64\xactengine3_6.dll
2016-11-28 17:00:31 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll
2016-11-28 17:00:31 ----A---- C:\Windows\SYSWOW64\d3dx10_43.dll
2016-11-28 17:00:31 ----A---- C:\Windows\system32\XAudio2_6.dll
2016-11-28 17:00:31 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2016-11-28 17:00:31 ----A---- C:\Windows\system32\xactengine3_6.dll
2016-11-28 17:00:31 ----A---- C:\Windows\system32\D3DX9_43.dll
2016-11-28 17:00:31 ----A---- C:\Windows\system32\d3dx10_43.dll
2016-11-28 17:00:30 ----A---- C:\Windows\SYSWOW64\XAudio2_5.dll
2016-11-28 17:00:30 ----A---- C:\Windows\SYSWOW64\xactengine3_5.dll
2016-11-28 17:00:30 ----A---- C:\Windows\SYSWOW64\X3DAudio1_7.dll
2016-11-28 17:00:30 ----A---- C:\Windows\SYSWOW64\D3DCompiler_42.dll
2016-11-28 17:00:30 ----A---- C:\Windows\system32\XAudio2_5.dll
2016-11-28 17:00:30 ----A---- C:\Windows\system32\xactengine3_5.dll
2016-11-28 17:00:30 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2016-11-28 17:00:30 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2016-11-28 17:00:29 ----A---- C:\Windows\SYSWOW64\D3DX9_42.dll
2016-11-28 17:00:29 ----A---- C:\Windows\SYSWOW64\d3dx11_42.dll
2016-11-28 17:00:29 ----A---- C:\Windows\SYSWOW64\d3dx10_42.dll
2016-11-28 17:00:29 ----A---- C:\Windows\SYSWOW64\d3dcsx_42.dll
2016-11-28 17:00:29 ----A---- C:\Windows\system32\D3DX9_42.dll
2016-11-28 17:00:29 ----A---- C:\Windows\system32\d3dx11_42.dll
2016-11-28 17:00:29 ----A---- C:\Windows\system32\d3dx10_42.dll
2016-11-28 17:00:29 ----A---- C:\Windows\system32\d3dcsx_42.dll
2016-11-28 17:00:28 ----A---- C:\Windows\SYSWOW64\XAudio2_4.dll
2016-11-28 17:00:28 ----A---- C:\Windows\SYSWOW64\XAPOFX1_3.dll
2016-11-28 17:00:28 ----A---- C:\Windows\SYSWOW64\D3DX9_41.dll
2016-11-28 17:00:28 ----A---- C:\Windows\SYSWOW64\d3dx10_41.dll
2016-11-28 17:00:28 ----A---- C:\Windows\SYSWOW64\D3DCompiler_41.dll
2016-11-28 17:00:28 ----A---- C:\Windows\system32\XAudio2_4.dll
2016-11-28 17:00:28 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2016-11-28 17:00:28 ----A---- C:\Windows\system32\D3DX9_41.dll
2016-11-28 17:00:28 ----A---- C:\Windows\system32\d3dx10_41.dll
2016-11-28 17:00:28 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2016-11-28 17:00:27 ----A---- C:\Windows\SYSWOW64\xactengine3_4.dll
2016-11-28 17:00:27 ----A---- C:\Windows\SYSWOW64\X3DAudio1_6.dll
2016-11-28 17:00:27 ----A---- C:\Windows\SYSWOW64\d3dx10_40.dll
2016-11-28 17:00:27 ----A---- C:\Windows\SYSWOW64\D3DCompiler_40.dll
2016-11-28 17:00:27 ----A---- C:\Windows\system32\xactengine3_4.dll
2016-11-28 17:00:27 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2016-11-28 17:00:27 ----A---- C:\Windows\system32\d3dx10_40.dll
2016-11-28 17:00:27 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2016-11-28 17:00:26 ----A---- C:\Windows\SYSWOW64\XAudio2_3.dll
2016-11-28 17:00:26 ----A---- C:\Windows\SYSWOW64\XAPOFX1_2.dll
2016-11-28 17:00:26 ----A---- C:\Windows\SYSWOW64\D3DX9_40.dll
2016-11-28 17:00:26 ----A---- C:\Windows\system32\XAudio2_3.dll
2016-11-28 17:00:26 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2016-11-28 17:00:26 ----A---- C:\Windows\system32\xactengine3_3.dll
2016-11-28 17:00:26 ----A---- C:\Windows\system32\D3DX9_40.dll
2016-11-28 16:53:44 ----A---- C:\Windows\SYSWOW64\XAudio2_2.dll
2016-11-28 16:53:44 ----A---- C:\Windows\SYSWOW64\XAPOFX1_1.dll
2016-11-28 16:53:44 ----A---- C:\Windows\SYSWOW64\xactengine3_3.dll
2016-11-28 16:53:44 ----A---- C:\Windows\SYSWOW64\X3DAudio1_5.dll
2016-11-28 16:53:44 ----A---- C:\Windows\system32\XAudio2_2.dll
2016-11-28 16:53:44 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2016-11-28 16:53:44 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2016-11-28 16:53:43 ----A---- C:\Windows\SYSWOW64\xactengine3_2.dll
2016-11-28 16:53:43 ----A---- C:\Windows\SYSWOW64\d3dx10_39.dll
2016-11-28 16:53:43 ----A---- C:\Windows\SYSWOW64\D3DCompiler_39.dll
2016-11-28 16:53:43 ----A---- C:\Windows\system32\xactengine3_2.dll
2016-11-28 16:53:43 ----A---- C:\Windows\system32\d3dx10_39.dll
2016-11-28 16:53:43 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2016-11-28 16:53:42 ----A---- C:\Windows\SYSWOW64\XAudio2_1.dll
2016-11-28 16:53:42 ----A---- C:\Windows\SYSWOW64\XAPOFX1_0.dll
2016-11-28 16:53:42 ----A---- C:\Windows\SYSWOW64\xactengine3_1.dll
2016-11-28 16:53:42 ----A---- C:\Windows\SYSWOW64\X3DAudio1_4.dll
2016-11-28 16:53:42 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll
2016-11-28 16:53:42 ----A---- C:\Windows\SYSWOW64\d3dx10_38.dll
2016-11-28 16:53:42 ----A---- C:\Windows\SYSWOW64\D3DCompiler_38.dll
2016-11-28 16:53:42 ----A---- C:\Windows\system32\XAudio2_1.dll
2016-11-28 16:53:42 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2016-11-28 16:53:42 ----A---- C:\Windows\system32\xactengine3_1.dll
2016-11-28 16:53:42 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2016-11-28 16:53:42 ----A---- C:\Windows\system32\D3DX9_39.dll
2016-11-28 16:53:42 ----A---- C:\Windows\system32\d3dx10_38.dll
2016-11-28 16:53:42 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2016-11-28 16:53:41 ----A---- C:\Windows\SYSWOW64\XAudio2_0.dll
2016-11-28 16:53:41 ----A---- C:\Windows\SYSWOW64\xactengine3_0.dll
2016-11-28 16:53:41 ----A---- C:\Windows\SYSWOW64\D3DX9_38.dll
2016-11-28 16:53:41 ----A---- C:\Windows\system32\XAudio2_0.dll
2016-11-28 16:53:41 ----A---- C:\Windows\system32\xactengine3_0.dll
2016-11-28 16:53:41 ----A---- C:\Windows\system32\D3DX9_38.dll
2016-11-28 16:53:40 ----A---- C:\Windows\SYSWOW64\X3DAudio1_3.dll
2016-11-28 16:53:40 ----A---- C:\Windows\SYSWOW64\D3DX9_37.dll
2016-11-28 16:53:40 ----A---- C:\Windows\SYSWOW64\d3dx10_37.dll
2016-11-28 16:53:40 ----A---- C:\Windows\SYSWOW64\D3DCompiler_37.dll
2016-11-28 16:53:40 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2016-11-28 16:53:40 ----A---- C:\Windows\system32\D3DX9_37.dll
2016-11-28 16:53:40 ----A---- C:\Windows\system32\d3dx10_37.dll
2016-11-28 16:53:40 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2016-11-28 16:53:39 ----A---- C:\Windows\SYSWOW64\xactengine2_10.dll
2016-11-28 16:53:39 ----A---- C:\Windows\SYSWOW64\d3dx9_36.dll
2016-11-28 16:53:39 ----A---- C:\Windows\SYSWOW64\d3dx10_36.dll
2016-11-28 16:53:39 ----A---- C:\Windows\SYSWOW64\D3DCompiler_36.dll
2016-11-28 16:53:39 ----A---- C:\Windows\system32\xactengine2_10.dll
2016-11-28 16:53:39 ----A---- C:\Windows\system32\d3dx9_36.dll
2016-11-28 16:53:39 ----A---- C:\Windows\system32\d3dx10_36.dll
2016-11-28 16:53:39 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2016-11-28 16:53:38 ----A---- C:\Windows\SYSWOW64\xactengine2_9.dll
2016-11-28 16:53:38 ----A---- C:\Windows\SYSWOW64\d3dx9_35.dll
2016-11-28 16:53:38 ----A---- C:\Windows\SYSWOW64\d3dx10_35.dll
2016-11-28 16:53:38 ----A---- C:\Windows\SYSWOW64\D3DCompiler_35.dll
2016-11-28 16:53:38 ----A---- C:\Windows\system32\xactengine2_9.dll
2016-11-28 16:53:38 ----A---- C:\Windows\system32\d3dx9_35.dll
2016-11-28 16:53:38 ----A---- C:\Windows\system32\d3dx10_35.dll
2016-11-28 16:53:38 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2016-11-28 16:53:37 ----A---- C:\Windows\SYSWOW64\xinput1_3.dll
2016-11-28 16:53:37 ----A---- C:\Windows\SYSWOW64\xactengine2_8.dll
2016-11-28 16:53:37 ----A---- C:\Windows\SYSWOW64\X3DAudio1_2.dll
2016-11-28 16:53:37 ----A---- C:\Windows\SYSWOW64\d3dx9_34.dll
2016-11-28 16:53:37 ----A---- C:\Windows\SYSWOW64\d3dx10_34.dll
2016-11-28 16:53:37 ----A---- C:\Windows\SYSWOW64\D3DCompiler_34.dll
2016-11-28 16:53:37 ----A---- C:\Windows\system32\xinput1_3.dll
2016-11-28 16:53:37 ----A---- C:\Windows\system32\xactengine2_8.dll
2016-11-28 16:53:37 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2016-11-28 16:53:37 ----A---- C:\Windows\system32\d3dx9_34.dll
2016-11-28 16:53:37 ----A---- C:\Windows\system32\d3dx10_34.dll
2016-11-28 16:53:37 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2016-11-28 16:53:36 ----A---- C:\Windows\SYSWOW64\xactengine2_7.dll
2016-11-28 16:53:36 ----A---- C:\Windows\SYSWOW64\d3dx9_33.dll
2016-11-28 16:53:36 ----A---- C:\Windows\SYSWOW64\d3dx10_33.dll
2016-11-28 16:53:36 ----A---- C:\Windows\SYSWOW64\D3DCompiler_33.dll
2016-11-28 16:53:36 ----A---- C:\Windows\system32\xactengine2_7.dll
2016-11-28 16:53:36 ----A---- C:\Windows\system32\d3dx9_33.dll
2016-11-28 16:53:36 ----A---- C:\Windows\system32\d3dx10_33.dll
2016-11-28 16:53:36 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2016-11-28 16:53:35 ----A---- C:\Windows\SYSWOW64\xactengine2_6.dll
2016-11-28 16:53:35 ----A---- C:\Windows\SYSWOW64\xactengine2_5.dll
2016-11-28 16:53:35 ----A---- C:\Windows\SYSWOW64\d3dx9_32.dll
2016-11-28 16:53:35 ----A---- C:\Windows\SYSWOW64\d3dx10.dll
2016-11-28 16:53:35 ----A---- C:\Windows\system32\xactengine2_6.dll
2016-11-28 16:53:35 ----A---- C:\Windows\system32\xactengine2_5.dll
2016-11-28 16:53:35 ----A---- C:\Windows\system32\d3dx9_32.dll
2016-11-28 16:53:35 ----A---- C:\Windows\system32\d3dx10.dll
2016-11-28 16:53:34 ----A---- C:\Windows\SYSWOW64\xactengine2_4.dll
2016-11-28 16:53:34 ----A---- C:\Windows\SYSWOW64\xactengine2_3.dll
2016-11-28 16:53:34 ----A---- C:\Windows\SYSWOW64\x3daudio1_1.dll
2016-11-28 16:53:34 ----A---- C:\Windows\SYSWOW64\d3dx9_31.dll
2016-11-28 16:53:34 ----A---- C:\Windows\system32\xactengine2_4.dll
2016-11-28 16:53:34 ----A---- C:\Windows\system32\xactengine2_3.dll
2016-11-28 16:53:34 ----A---- C:\Windows\system32\x3daudio1_1.dll
2016-11-28 16:53:34 ----A---- C:\Windows\system32\d3dx9_31.dll
2016-11-28 16:53:33 ----A---- C:\Windows\SYSWOW64\xinput1_2.dll
2016-11-28 16:53:33 ----A---- C:\Windows\SYSWOW64\xinput1_1.dll
2016-11-28 16:53:33 ----A---- C:\Windows\SYSWOW64\xactengine2_2.dll
2016-11-28 16:53:33 ----A---- C:\Windows\system32\xinput1_2.dll
2016-11-28 16:53:33 ----A---- C:\Windows\system32\xinput1_1.dll
2016-11-28 16:53:33 ----A---- C:\Windows\system32\xactengine2_2.dll
2016-11-28 16:53:32 ----A---- C:\Windows\SYSWOW64\xactengine2_1.dll
2016-11-28 16:53:32 ----A---- C:\Windows\system32\xactengine2_1.dll
2016-11-28 16:53:30 ----A---- C:\Windows\SYSWOW64\xactengine2_0.dll
2016-11-28 16:53:30 ----A---- C:\Windows\SYSWOW64\x3daudio1_0.dll
2016-11-28 16:53:30 ----A---- C:\Windows\SYSWOW64\d3dx9_29.dll
2016-11-28 16:53:30 ----A---- C:\Windows\system32\xactengine2_0.dll
2016-11-28 16:53:30 ----A---- C:\Windows\system32\x3daudio1_0.dll
2016-11-28 16:53:30 ----A---- C:\Windows\system32\d3dx9_30.dll
2016-11-28 16:53:30 ----A---- C:\Windows\system32\d3dx9_29.dll
2016-11-28 16:53:29 ----A---- C:\Windows\SYSWOW64\d3dx9_27.dll
2016-11-28 16:53:29 ----A---- C:\Windows\system32\d3dx9_28.dll
2016-11-28 16:53:29 ----A---- C:\Windows\system32\d3dx9_27.dll
2016-11-28 16:53:28 ----A---- C:\Windows\SYSWOW64\d3dx9_26.dll
2016-11-28 16:53:28 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll
2016-11-28 16:53:28 ----A---- C:\Windows\system32\d3dx9_26.dll
2016-11-28 16:53:28 ----A---- C:\Windows\system32\d3dx9_25.dll
2016-11-28 16:53:27 ----A---- C:\Windows\SYSWOW64\d3dx9_24.dll
2016-11-28 16:53:27 ----A---- C:\Windows\system32\d3dx9_24.dll
2016-11-28 16:15:15 ----A---- C:\Windows\GSetup.ini
2016-11-25 21:37:31 ----A---- C:\Windows\system32\drivers\athurx.sys
2016-11-25 21:37:31 ----A---- C:\Windows\system32\athurx.sys
2016-11-25 21:36:42 ----D---- C:\ProgramData\TP-LINK
2016-11-25 21:18:41 ----D---- C:\Program Files (x86)\FinalWire
2016-11-22 22:51:32 ----D---- C:\Users\Bota\AppData\Roaming\Opera Software
2016-11-22 21:56:59 ----D---- C:\Users\Bota\AppData\Roaming\Nero
2016-11-22 21:53:59 ----A---- C:\Windows\Irremote.ini
2016-11-22 21:53:30 ----D---- C:\ProgramData\Nero
2016-11-22 21:53:30 ----D---- C:\Program Files (x86)\Nero
2016-11-22 21:52:26 ----A---- C:\Windows\SYSWOW64\d3dx9_30.dll
2016-11-22 21:52:26 ----A---- C:\Windows\SYSWOW64\d3dx9_28.dll
2016-11-22 21:47:49 ----D---- C:\BOTA
2016-11-22 21:42:35 ----D---- C:\Users\Bota\AppData\Roaming\vlc
2016-11-22 21:37:54 ----D---- C:\Program Files (x86)\WinRAR
2016-11-22 21:37:34 ----D---- C:\Program Files (x86)\VideoLAN
2016-11-22 21:35:29 ----D---- C:\ProgramData\ProductData
2016-11-22 21:35:22 ----D---- C:\ProgramData\{74E9F814-C737-42CC-B721-DBBC4059367A}
2016-11-22 21:35:04 ----D---- C:\Users\Bota\AppData\Roaming\IObit
2016-11-22 21:34:56 ----D---- C:\ProgramData\IObit
2016-11-22 21:34:56 ----D---- C:\Program Files (x86)\IObit
2016-11-22 21:30:43 ----D---- C:\Users\Bota\AppData\Roaming\Sun
2016-11-22 21:30:38 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2016-11-22 21:30:25 ----D---- C:\ProgramData\Oracle
2016-11-22 21:30:22 ----D---- C:\Program Files (x86)\Java
2016-11-22 21:25:46 ----D---- C:\Program Files (x86)\Adobe
2016-11-22 21:25:33 ----D---- C:\ProgramData\Adobe
2016-11-22 21:18:55 ----D---- C:\Program Files (x86)\Microsoft Works
2016-11-22 21:18:49 ----D---- C:\Program Files (x86)\Microsoft Visual Studio
2016-11-22 21:18:39 ----D---- C:\Windows\PCHEALTH
2016-11-22 21:17:28 ----D---- C:\Program Files\Microsoft Office
2016-11-22 21:17:24 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2016-11-22 21:17:06 ----D---- C:\ProgramData\Microsoft Help
2016-11-22 21:17:06 ----D---- C:\Program Files (x86)\Microsoft Office
2016-11-22 21:16:57 ----RHD---- C:\MSOCache
2016-11-22 21:12:07 ----D---- C:\Program Files (x86)\DAEMON Tools Toolbar
2016-11-22 21:11:59 ----A---- C:\Windows\system32\drivers\sptd.sys
2016-11-22 21:11:50 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2016-11-22 21:11:36 ----D---- C:\Users\Bota\AppData\Roaming\DAEMON Tools Lite
2016-11-22 21:11:30 ----D---- C:\ProgramData\DAEMON Tools Lite
2016-11-22 21:09:52 ----D---- C:\Program Files\Microsoft Silverlight
2016-11-22 21:09:52 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2016-11-22 18:47:45 ----D---- C:\Users\Bota\AppData\Roaming\Macromedia
2016-11-22 18:47:45 ----D---- C:\Users\Bota\AppData\Roaming\Adobe
2016-11-22 18:31:20 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-11-22 18:31:18 ----D---- C:\Windows\system32\Macromed
2016-11-22 18:31:16 ----D---- C:\Windows\SYSWOW64\Macromed
2016-11-22 18:27:41 ----A---- C:\Windows\system32\drivers\aswKbd.sys
2016-11-22 17:19:11 ----D---- C:\Users\Bota\AppData\Roaming\AVAST Software
2016-11-22 17:18:11 ----D---- C:\Program Files\Common Files\AV
2016-11-22 17:18:00 ----A---- C:\Windows\system32\drivers\aswvmm.sys
2016-11-22 17:18:00 ----A---- C:\Windows\system32\drivers\aswStm.sys
2016-11-22 17:18:00 ----A---- C:\Windows\system32\drivers\aswsp.sys
2016-11-22 17:18:00 ----A---- C:\Windows\system32\drivers\aswsnx.sys
2016-11-22 17:18:00 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2016-11-22 17:18:00 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2016-11-22 17:18:00 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2016-11-22 17:18:00 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2016-11-22 17:17:58 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2016-11-22 17:17:58 ----A---- C:\Windows\system32\ucrtbase.dll
2016-11-22 17:17:58 ----A---- C:\Windows\system32\aswBoot.exe
2016-11-22 17:17:56 ----A---- C:\Windows\avastSS.scr
2016-11-22 17:15:17 ----D---- C:\Program Files\AVAST Software
2016-11-22 17:02:10 ----D---- C:\Users\Bota\AppData\Roaming\Mozilla
2016-11-22 16:57:15 ----A---- C:\Windows\system32\drivers\EtronXHCI.sys
2016-11-22 16:57:15 ----A---- C:\Windows\system32\drivers\EtronHub3.sys
2016-11-22 16:57:14 ----D---- C:\Program Files (x86)\Etron Technology
2016-11-22 16:47:34 ----A---- C:\Windows\system32\RTNUninst64.dll
2016-11-22 16:47:34 ----A---- C:\Windows\system32\RtNicProp64.dll
2016-11-22 16:47:34 ----A---- C:\Windows\system32\drivers\Rt64win7.sys
2016-11-22 16:47:30 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2016-11-22 16:47:30 ----D---- C:\Program Files (x86)\Realtek
2016-11-20 17:34:27 ----D---- C:\ProgramData\AVAST Software
2016-11-20 17:32:34 ----D---- C:\Users\Bota\AppData\Roaming\ATI
2016-11-20 17:32:34 ----D---- C:\ProgramData\ATI
2016-11-20 17:31:47 ----D---- C:\Program Files (x86)\AMD AVT
2016-11-20 17:31:31 ----D---- C:\ProgramData\AMD
2016-11-20 17:31:14 ----D---- C:\Program Files\Common Files\ATI Technologies
2016-11-20 17:31:12 ----D---- C:\Program Files (x86)\ATI Technologies
2016-11-20 17:30:51 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2016-11-20 17:30:20 ----D---- C:\Program Files (x86)\Microsoft.NET
2016-11-20 17:30:08 ----A---- C:\Windows\SYSWOW64\PresentationHostProxy.dll
2016-11-20 17:30:08 ----A---- C:\Windows\SYSWOW64\PresentationHost.exe
2016-11-20 17:30:08 ----A---- C:\Windows\SYSWOW64\netfxperf.dll
2016-11-20 17:30:08 ----A---- C:\Windows\SYSWOW64\mscoree.dll
2016-11-20 17:30:08 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2016-11-20 17:30:08 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2016-11-20 17:30:08 ----A---- C:\Windows\system32\PresentationHost.exe
2016-11-20 17:30:08 ----A---- C:\Windows\system32\netfxperf.dll
2016-11-20 17:30:08 ----A---- C:\Windows\system32\mscoree.dll
2016-11-20 17:30:08 ----A---- C:\Windows\system32\dfshim.dll
2016-11-20 17:29:46 ----D---- C:\ProgramData\Package Cache
2016-11-20 17:29:40 ----SHD---- C:\Windows\Installer
2016-11-20 17:29:33 ----D---- C:\Program Files\ATI Technologies
2016-11-20 17:29:27 ----D---- C:\Program Files\ATI
2016-11-20 17:28:34 ----D---- C:\AMD
2016-11-20 17:23:43 ----D---- C:\Windows\SoftwareDistribution
2016-11-20 17:21:45 ----D---- C:\Users\Bota\AppData\Roaming\Identities
2016-11-20 17:21:40 ----SD---- C:\Users\Bota\AppData\Roaming\Microsoft
2016-11-20 17:21:40 ----D---- C:\Users\Bota\AppData\Roaming\Media Center Programs
2016-11-20 17:21:02 ----SHD---- C:\Recovery
2016-11-20 17:21:02 ----SHD---- C:\ProgramData\Šablony
2016-11-20 17:21:02 ----SHD---- C:\ProgramData\Plocha
2016-11-20 17:21:02 ----SHD---- C:\ProgramData\Oblíbené položky
2016-11-20 17:21:02 ----SHD---- C:\ProgramData\Nabídka Start
2016-11-20 17:21:02 ----SHD---- C:\ProgramData\Dokumenty
2016-11-20 17:21:02 ----SHD---- C:\ProgramData\Data aplikací
2016-11-20 17:17:42 ----D---- C:\Windows\Prefetch
2016-11-20 17:17:37 ----SHD---- C:\System Volume Information
2016-11-20 17:17:37 ----ASH---- C:\pagefile.sys
2016-11-20 17:17:37 ----ASH---- C:\hiberfil.sys
2016-11-20 17:17:04 ----D---- C:\Windows\Panther
======List of files/folders modified in the last 1 month======
2016-12-06 17:15:40 ----D---- C:\Windows\system32\Tasks
2016-12-06 17:14:31 ----D---- C:\Windows\system32\config
2016-12-06 16:29:00 ----D---- C:\Windows\System32
2016-12-06 16:29:00 ----D---- C:\Windows\inf
2016-12-06 16:29:00 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-12-06 15:44:37 ----D---- C:\Windows\Temp
2016-12-06 15:41:26 ----D---- C:\Windows
2016-12-06 10:41:07 ----D---- C:\Windows\system32\drivers
2016-12-06 08:46:07 ----RD---- C:\Program Files (x86)
2016-12-05 15:04:42 ----RD---- C:\Program Files
2016-12-04 21:27:18 ----D---- C:\Windows\system32\catroot2
2016-12-04 21:05:00 ----D---- C:\Program Files (x86)\Common Files
2016-12-04 18:27:34 ----HD---- C:\ProgramData
2016-12-03 02:52:39 ----D---- C:\Windows\debug
2016-12-02 18:42:22 ----D---- C:\Windows\Tasks
2016-11-30 23:04:03 ----D---- C:\Windows\Logs
2016-11-28 17:00:32 ----D---- C:\Windows\SysWOW64
2016-11-28 17:00:16 ----RSD---- C:\Windows\assembly
2016-11-28 16:53:31 ----D---- C:\Windows\Microsoft.NET
2016-11-26 20:55:13 ----D---- C:\Windows\system32\DriverStore
2016-11-25 22:00:17 ----SD---- C:\ProgramData\Microsoft
2016-11-25 21:50:10 ----D---- C:\Windows\system32\catroot
2016-11-25 21:48:19 ----D---- C:\Windows\SYSWOW64\en-US
2016-11-25 21:48:19 ----D---- C:\Windows\system32\en-US
2016-11-22 21:55:17 ----D---- C:\Windows\winsxs
2016-11-22 21:53:29 ----D---- C:\Windows\Cursors
2016-11-22 21:18:53 ----D---- C:\Program Files (x86)\MSBuild
2016-11-22 21:18:48 ----D---- C:\Windows\ShellNew
2016-11-22 21:18:41 ----RSD---- C:\Windows\Fonts
2016-11-22 21:18:07 ----D---- C:\Program Files\Common Files\Microsoft Shared
2016-11-22 21:17:15 ----A---- C:\Windows\win.ini
2016-11-22 18:26:56 ----D---- C:\Windows\system32\wdi
2016-11-22 17:18:11 ----D---- C:\Program Files\Common Files
2016-11-22 16:48:44 ----D---- C:\Windows\system32\LogFiles
2016-11-20 17:31:37 ----D---- C:\Windows\system32\CodeIntegrity
2016-11-20 17:29:42 ----D---- C:\Windows\system32\restore
2016-11-20 17:26:51 ----D---- C:\Windows\system32\drivers\UMDF
2016-11-20 17:21:44 ----SHD---- C:\$Recycle.Bin
2016-11-20 17:21:40 ----RD---- C:\Users
2016-11-20 17:21:02 ----D---- C:\Program Files\Windows NT
2016-11-20 17:20:59 ----D---- C:\Windows\rescache
2016-11-20 17:19:01 ----D---- C:\Windows\system32\sysprep
2016-11-20 17:17:45 ----D---- C:\Windows\CSC
2016-11-20 17:16:41 ----D---- C:\Windows\Setup
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2016-11-22 74544]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2016-11-22 293352]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2016-11-22 834544]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2016-11-22 37144]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2016-11-22 103064]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-11-22 969184]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-11-22 513632]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 AODDriver4.2.0;AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2013-07-31 42240]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2016-11-22 108816]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2016-11-22 163416]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-09-12 12760576]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-09-12 619008]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2013-09-24 94208]
R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver; C:\Windows\System32\Drivers\EtronHub3.sys [2013-08-05 65408]
R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver; C:\Windows\System32\Drivers\EtronXHCI.sys [2013-08-05 94208]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2014-06-17 941272]
S3 aek8qncx;aek8qncx; C:\Windows\system32\drivers\aek8qncx.sys []
S3 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2016-11-22 37656]
S3 athur;Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athurx.sys [2013-06-28 1930240]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-09-12 239616]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-09-11 344064]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-11-22 197128]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]
S3 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-10-21 82128]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-08 51648]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
-----------------EOF-----------------
- Rudy
- Site Admin

Re: Plus network
We'll also clean up the browsers. Run the following scans:
1. Download Zoek.exe from http://hijackthis.nl/smeenk/ and save it to the desktop.
If you use Windows Vista or Windows 7, right-click Zoek and choose Run As Administrator (Spustit jako správce).
Paste the script below into the window:
autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;
Then click Run Script.
The PC will perform the repair, restart, and give you a log; paste its contents here.
and
2. Junkware removal tool: http://thisisudax.org/downloads/JRT.exe
•Save it, preferably to the desktop
•After launch, the license terms are displayed; press any key
•A backup is created, followed by a scan
•The scan runs and then a log appears, or it is saved in c:\JRT as JRT.txt; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address above.