Moc prosím o preventivku
Napsal: 23 led 2017 19:56
Logfile of random's system information tool 1.14 (written by random/random)
Run by Adrian at 2017-01-23 19:55:08
Microsoft Windows 10 Home
System drive C: has 160 GB (23%) free of 703 GB
Total RAM: 3971 MB (55% free)
X64
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:55:14, on 23. 1. 2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0000)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_24_0_0_194.exe
C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe
C:\PROGRA~2\RELEVA~1\rlvknlg32.exe
C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_24_0_0_194.exe
C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_24_0_0_194.exe
C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_24_0_0_194.exe
C:\Program Files\trend micro\Adrian_RSITx64.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: True Key Helper - {0F4B8786-5502-4803-8EBC-F652A1153BB6} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office16\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll
O3 - Toolbar: True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll
O4 - HKLM\..\Run: [AmIcoSinglun64] "C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
O4 - HKLM\..\Run: [1.TPUReg] "C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe"
O4 - HKLM\..\Run: [TSVU] "c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Global Startup: Aktualizace oznámení.lnk = C:\Program Files\WinZip\WZUpdateNotifier.exe
O4 - Global Startup: FAH.lnk = C:\Program Files\WinZip\FAHConsole.exe
O4 - Global Startup: WDDMStatus.lnk = C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
O4 - Global Startup: WDSmartWare.lnk = C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
O4 - Global Startup: WinZip Preloader.lnk = C:\Program Files\WinZip\WzPreloader.exe
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\Program Files\Microsoft Office\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Poslat do On&eNotu - res://C:\Program Files\Microsoft Office\Office16\ONBttnIE.dll/105
O9 - Extra button: Poslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Poslat do On&eNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra button: @%CommonProgramFiles%\Microsoft Shared\Office16\oregres.dll,-430 - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: @%CommonProgramFiles%\Microsoft Shared\Office16\oregres.dll,-430 - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.connectify.me
O15 - ESC Trusted Zone: http://*.fastspring.com
O15 - ESC Trusted Zone: http://*.connectify.me (HKLM)
O15 - ESC Trusted Zone: http://*.fastspring.com (HKLM)
O18 - Protocol: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE16\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Alcohol Virtual Drive Auto-mount Service (AxAutoMntSrv) - Alcohol Soft Development Team - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe
O23 - Service: Connectify - Connectify - C:\Program Files (x86)\Connectify\ConnectifyService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: DTS APO Service (dts_apo_service) - Unknown owner - C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: GFNEX Service (GFNEXSrv) - Unknown owner - C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Biometric and Context Agent Service (IntelBCAsvc) - Intel(R) Corporation - C:\Program Files\Intel\BCA\pabeSvc64.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: RelevantKnowledge - TMRG, Inc. - C:\Program Files (x86)\RelevantKnowledge\rlservice.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files (x86)\Photodex\ProShow Producer\ScsiAccess.exe
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - Tempo Semiconductor Inc - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: TEMPRO Service (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA eco Utility Service - Toshiba Corporation - C:\Program Files\TOSHIBA\Teco\TecoService.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: Intel Security True Key (TrueKey) - McAfee, Inc. - C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
O23 - Service: Intel Security True Key Scheduler (TrueKeyScheduler) - McAfee, Inc. - C:\Program Files\TrueKey\McTkSchedulerService.exe
O23 - Service: Intel Security True Key Helper Service (TrueKeyServiceHelper) - McAfee, Inc. - C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: WD SmartWare Drive Manager Service (WDDMService) - WDC - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: WD SmartWare Background Service (WDSmartWareBackgroundService) - Memeo - C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 16142 bytes
======Enumerating Processes======
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k NetworkService
"C:\WINDOWS\system32\nvvsvc.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\igfxCUIService.exe
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\WINDOWS\System32\spoolsv.exe
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe"
"C:\Program Files\Intel\BCA\pabeSvc64.exe"
"C:\Program Files (x86)\RelevantKnowledge\rlservice.exe" /service
"C:\Program Files (x86)\Photodex\ProShow Producer\ScsiAccess.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe"
"C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe"
"C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe"
"C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe"
"C:\Program Files\TOSHIBA\Teco\TecoService.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files (x86)\Connectify\ConnectifyService.exe"
C:\WINDOWS\system32\svchost.exe -k appmodel
C:\Windows\system32\TODDSrv.exe
C:\Program Files (x86)\Connectify\ConnectifyD.exe
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\TrueKey\McTkSchedulerService.exe"
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe"
"C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe"
C:\WINDOWS\System32\WinLogon.exe -SpecialSession
C:\WINDOWS\System32\dwm.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\WINDOWS\system32\sihost.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
C:\WINDOWS\system32\taskhostw.exe
C:\WINDOWS\system32\igfxEM.exe
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\Explorer.EXE
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\WINDOWS\system32\igfxHK.exe
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
C:\WINDOWS\system32\igfxTray.exe
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe" serviceapp
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\fontdrvhost.exe
"C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe" /hide
C:\WINDOWS\system32\DllHost.exe /Processid:{49F6E667-6658-4BD1-9DE9-6AF87F9FAF85}
C:\WINDOWS\system32\DllHost.exe /Processid:{448AEE3B-DC65-4AF6-BF5F-DCE86D62B6C7}
C:\WINDOWS\system32\svchost.exe -k SDRSVC
C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_24_0_0_194.exe
"C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe" -boot
"C:\PROGRA~2\RELEVA~1\rlvknlg64.exe" 9264
"C:\PROGRA~2\RELEVA~1\rlvknlg32.exe" 9264
C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_24_0_0_194.exe
C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_24_0_0_194.exe
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\system32\taskhostw.exe
C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_24_0_0_194.exe
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.152.0_x64__kzf8qxf38zg5c\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
C:\WINDOWS\system32\AUDIODG.EXE 0x5fc
C:\WINDOWS\System32\svchost.exe -k WerSvcGroup
C:\Windows\System32\smartscreen.exe -Embedding
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe5_ Global\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 652 656 664 8192 660
"C:\Users\Adrian\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\Norton Security Scan for Adrian.job - C:\PROGRA~2\NORTON~2\Engine\431~1.3\Nss.exe /scan-quick /scheduled
C:\WINDOWS\system32\tasks\Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\WINDOWS\system32\tasks\Adobe Flash Player Updater - C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\system32\tasks\AutoKMS - C:\Windows\AutoKMS.exe
C:\WINDOWS\system32\tasks\AutoKMSDaily - C:\Windows\AutoKMS.exe
C:\WINDOWS\system32\tasks\avast! Emergency Update - C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
C:\WINDOWS\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\WINDOWS\system32\tasks\CreateChoiceProcessTask - C:\Windows\BrowserChoice\browserchoice.exe /launch
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\klcp_update - "C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe" /verysilent /update /freq=30
C:\WINDOWS\system32\tasks\McAfee Remediation (Prepare) - C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe /prepare
C:\WINDOWS\system32\tasks\Norton Security Scan for Adrian - C:\PROGRA~2\NORTON~2\Engine\431~1.3\Nss.exe /scan-quick /scheduled
C:\WINDOWS\system32\tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3809139199-386801105-3546470006-1002 - C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe /bgrecordaliveevent
C:\WINDOWS\system32\tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3809139199-386801105-3546470006-1002 - C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe /logoncheck
C:\WINDOWS\system32\tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3809139199-386801105-3546470006-1002 - C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe /scheduledcheck
C:\WINDOWS\system32\tasks\Resolution+ Setting Task - C:\Program Files\Toshiba\TOSHIBA Smart View Utility\Plugins\ResolutionPlus\TosRegPermissionChg.exe
C:\WINDOWS\system32\tasks\SafeZone scheduled Autoupdate 1470022667 - C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0)
C:\WINDOWS\system32\tasks\Synaptics TouchPad Enhancements - "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\WINDOWS\system32\tasks\User_Feed_Synchronization-{FE3A5D4E-4A52-446E-8C5A-03B0B574B1D7} - C:\Windows\system32\msfeedssync.exe sync
C:\WINDOWS\system32\tasks\{5C80C53B-17E5-411D-A22C-873754AE0D62} - C:\Windows\system32\pcalua.exe -a "C:\Program Files\Kobra 11 Nitro\C11_PC.exe" -d "C:\Program Files\Kobra 11 Nitro"
C:\WINDOWS\system32\tasks\{8158CAA7-95C9-40B5-9406-F1C8E6C6635D} - C:\Windows\system32\pcalua.exe -a "C:\Users\Adrian\Documents\Torrent\Guitar Pro 5.2 (with complete RSE packs)\RSE_BASSES.exe" -d "C:\Users\Adrian\Documents\Torrent\Guitar Pro 5.2 (with complete RSE packs)"
C:\WINDOWS\system32\tasks\{A3512072-3EEB-4167-A9AD-1360A3259C53} - C:\Windows\system32\pcalua.exe -a "C:\Users\Adrian\Documents\Torrent\DVD Shrink 3,2 + CZ\DVDShrink32015.exe" -d "C:\Users\Adrian\Documents\Torrent\DVD Shrink 3,2 + CZ"
C:\WINDOWS\system32\tasks\TOSHIBA\CommonNotifier - C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe
C:\WINDOWS\system32\tasks\TOSHIBA\Service Station - "C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe" /hide
C:\WINDOWS\system32\tasks\Microsoft\XblGameSave\XblGameSaveTask - %windir%\System32\XblGameSaveTask.exe standby
C:\WINDOWS\system32\tasks\Microsoft\XblGameSave\XblGameSaveTaskLogon - %windir%\System32\XblGameSaveTask.exe logon
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join - %SystemRoot%\System32\dsregcmd.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join - %SystemRoot%\System32\AutoWorkplace.exe join
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start - C:\WINDOWS\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network - C:\Windows\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sih - %systemroot%\System32\sihclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sihboot - %systemroot%\System32\sihclient.exe /boot
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -upload
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance - %ProgramFiles%\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdCacheMaintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup - %ProgramFiles%\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdCleanup
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan - %ProgramFiles%\Windows Defender\MpCmdRun.exe Scan -ScheduleJob
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification - %ProgramFiles%\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdVerification
C:\WINDOWS\system32\tasks\Microsoft\Windows\WCM\WiFiTask - %SystemRoot%\System32\WiFiTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install - %systemroot%\system32\usoclient.exe StartInstall
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Policy Install - %systemroot%\system32\usoclient.exe StartInstall
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Reboot - %systemroot%\system32\MusNotification.exe RebootDialog
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Refresh Settings - %systemroot%\system32\usoclient.exe RefreshSettings
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Resume On Boot - %systemroot%\system32\usoclient.exe ResumeUpdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan - %systemroot%\system32\usoclient.exe StartScan
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display - C:\windows\system32\MusNotification.exe Display
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot - C:\windows\system32\MusNotification.exe ReadyToReboot
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone - %windir%\system32\tzsync.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\WINDOWS\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\srtasks.exe ExecuteScheduledSPPCreation
C:\WINDOWS\system32\tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask - %windir%\system32\rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Storage Tiers Management\Storage Tiers Optimization - %windir%\system32\defrag.exe -c -h -g -# -m 8 -i 13500
C:\WINDOWS\system32\tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask - %windir%\system32\speech_onecore\common\SpeechModelDownload.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceAgentTask - %windir%\system32\SpaceAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceManagerTask - %windir%\system32\spaceman.exe /Work
C:\WINDOWS\system32\tasks\Microsoft\Windows\Shell\FamilySafetyMonitor - %windir%\System32\wpcmon.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SharedPC\Account Cleanup - %windir%\System32\rundll32.exe %windir%\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\RemovalTools\MRT_HB - C:\Windows\system32\MRT.exe /EHB /Q
C:\WINDOWS\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers - %SystemRoot%\System32\drvinst.exe 6
C:\WINDOWS\system32\tasks\Microsoft\Windows\NlaSvc\WiFiTask - %SystemRoot%\System32\WiFiTask.exe nla
C:\WINDOWS\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\Lpksetup - C:\Windows\System32\lpksetup.exe -v
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\Mcbuilder - C:\Windows\System32\mcbuilder.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - %SystemRoot%\System32\MbaeParserTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Management\Provisioning\Logon - %windir%\system32\ProvTool.exe /turn 5
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotificationWindows.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\WindowsActionDialog - %windir%\System32\WindowsActionDialog.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClient - %windir%\system32\dmclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClientOnScenarioDownload - %windir%\system32\dmclient.exe utcwnf
C:\WINDOWS\system32\tasks\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask - %windir%\system32\MDMAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DUSM\dusmtask - %SystemRoot%\System32\dusmtask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskFootprint\Diagnostics - %windir%\system32\disksnapshot.exe -z
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskCleanup\SilentCleanup - %windir%\system32\cleanmgr.exe /autoclean /d %systemdrive%
C:\WINDOWS\system32\tasks\Microsoft\Windows\Device Information\Device - %windir%\system32\devicecensus.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c -h -o -$
C:\WINDOWS\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Clip\License Validation - %SystemRoot%\system32\ClipUp.exe -p -s -o
C:\WINDOWS\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup - %windir%\system32\rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\appuriverifierdaily - %windir%\system32\AppHostRegistrationVerifier.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\appuriverifierinstall - %windir%\system32\AppHostRegistrationVerifier.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState - %windir%\system32\rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup - %windir%\system32\dstokenclean.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattelrunner.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\StartupAppTask - %windir%\system32\rundll32.exe Startupscan.dll,SusRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\WINDOWS\system32\tasks\Microsoft\Office\Office 15 Subscription Heartbeat - %ProgramFiles%\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe
C:\WINDOWS\system32\tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 - "C:\Program Files\Microsoft Office\Office16\msoia.exe" scan upload mininterval:2880
C:\WINDOWS\system32\tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 - "C:\Program Files\Microsoft Office\Office16\msoia.exe" scan upload
=========Mozilla firefox=========
ProfilePath - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\idumb2aa.default
prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/?clid=22668"
prefs.js - "keyword.URL" - "http://search.seznam.cz/?sourceid=quick ... earchTerms}&"
"sp@avast.com"=C:\Program Files\AVAST Software\Avast\SafePrice\FF
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 24.0.0.194 Plugin
"Path"=C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_194.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.91.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.91.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Skype for Business Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@photodex.com/PhotodexPresenter]
"Description"=Photodex Presenter Plugin
"Path"=C:\Program Files (x86)\Photodex Presenter\npPxPlay.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App V2 Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 24.0.0.194 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~2\Office16\NPSPWRAP.DLL
C:\Program Files (x86)\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll
nppdf32.dll
C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\idumb2aa.default\extensions\
trash
C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\idumb2aa.default\searchplugins\
seznam-avast.xml
C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\idumb2aa.default\addons.json
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\idumb2aa.default\extensions.json
Avast SafePrice - extension - sp@avast.com - C:\Program Files\AVAST Software\Avast\SafePrice\FF
Avast Online Security - extension - wrc@avast.com - C:\Program Files\AVAST Software\Avast\WebRep\FF
Firefox Hotfix - extension - firefox-hotfix@mozilla.org - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\idumb2aa.default\extensions\firefox-hotfix@mozilla.org.xpi
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\idumb2aa.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
Multi-process staged rollout - extension - e10srollout@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\e10srollout@mozilla.org.xpi
Pocket - extension - firefox@getpocket.com - C:\Program Files (x86)\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi
Web Compat - extension - webcompat@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi
Application Update Service Helper - extension - aushelper@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\aushelper@mozilla.org.xpi
Default - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi
C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\idumb2aa.default\pluginreg.dat
Plugin - Adobe Acrobat - 15.23.20053.15062 - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
Plugin - Google Update - 1.3.32.7 - C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll
Plugin - Photodex Presenter Plugin - 6.0.0.3410 - C:\Program Files (x86)\Photodex Presenter\npPxPlay.dll
Plugin - Nokia Suite Enabler Plugin - 1.0.0.1 - C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll
Plugin - Microsoft Office 2016 - 16.0.4266.1001 - C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL
Plugin - Silverlight Plug-In - 5.1.50901.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll
Plugin - Microsoft Office 2016 - 16.0.4288.1000 - C:\Program Files (x86)\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll
Plugin - Adobe Acrobat - 15.23.20053.15062 - C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll
Plugin - Java(TM) Platform SE 8 U91 - 11.91.2.14 - C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll
Plugin - Java Deployment Toolkit 8.0.910.14 - 11.91.2.14 - C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npdeployJava1.dll
Plugin - Intel® Identity Protection Technology - 4.0.5.0 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
Plugin - Intel® Identity Protection Technology - 4.0.5.0 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
Plugin - Shockwave Flash - 24.0.0.194 - C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_194.dll
Plugin - Unity Player - 5.3.2.31412 - C:\Users\Adrian\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
=========Google Chrome=========
C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension aapocclcgogkmnckokdopfmhonfmgoek 1 Prezentace Google 0.9
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Obchod Chrome 0.2
Extension aohghmighlieiainnegkcijnfilokake 1 Dokumenty Google 0.9
Extension apdfllckaahabafndbhieahigkjlhalf 1 Disk Google 14.1
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension eofcbnmajmjmplflapaojjnihcjkigck 0 Avast SafePrice 12.0.155
Extension felcaaldnbdncclmgdcncolpebgiejap 1 Tabulky Google 1.1
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 1 Dokumenty Google offline 1.4
Extension gomekmidlodglbbmalcneegieacbdmki 0 Avast Online Security 12.0.163
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.38
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.1
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.0
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 5516.1005.0.3
Homepage:
default_search_provider.search_url:
C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage:
default_search_provider.search_url:
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj]
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck]
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki]
"Path"=
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealNetworks Download and Record Plugin for Internet Explorer - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [2016-05-13 622984]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2016-12-13 236744]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\PROGRA~1\MICROS~2\Office16\GROOVEEX.DLL [2016-11-16 2179376]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F4B8786-5502-4803-8EBC-F652A1153BB6}]
True Key Helper - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-07-15 988400]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealNetworks Download and Record Plugin for Internet Explorer - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2016-05-13 521608]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31 161448]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-04-21 462400]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\PROGRA~2\MICROS~1\Office16\GROOVEEX.DLL [2016-11-16 1524528]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-04-21 173120]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - True Key - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-07-15 988400]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"TSSSrv"=C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [2013-09-12 296520]
"TecoResident"=C:\Program Files\TOSHIBA\Teco\TecoResident.exe [2013-08-21 178016]
"TosWaitSrv"=C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [2013-08-13 354144]
"TCrdMain"=C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2013-08-18 2556768]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2016-05-02 2398776]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2016-05-03 391648]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-10-08 3954880]
"Connectify Hotspot"=C:\Program Files (x86)\Connectify\Connectify.exe [2016-12-14 4131384]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-07-29 554184]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2015-11-18 4179288]
"NokiaSuite.exe"=C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [2014-11-19 1092448]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-12-06 9288408]
"Zoner Photo Studio Autoupdate"=C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE [2014-09-12 437248]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2002-04-12 383768]
"1.TPUReg"=C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe [2013-03-27 2216800]
"TSVU"=c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [2013-07-23 516512]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-11-20 9080768]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Aktualizace oznámení.lnk - C:\Program Files\WinZip\WZUpdateNotifier.exe
FAH.lnk - C:\Program Files\WinZip\FAHConsole.exe
WDDMStatus.lnk - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
WDSmartWare.lnk - C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
WinZip Preloader.lnk - C:\Program Files\WinZip\WzPreloader.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"DSCAutomationHostEnabled"=2
"EnableCursorSuppression"=1
"EnableUIADesktopToggle"=0
"undockwithoutlogon"=1
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"DisableTaskMgr"=0
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"ForceActiveDesktopOn"=0
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"NoRun"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
"StubPath"=%SystemRoot%\inf\unregmp2.exe /ShowWMP
[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"StubPath"="C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2017-01-23 19:55:08 ----D---- C:\rsit
2017-01-17 16:06:03 ----A---- C:\WINDOWS\SYSWOW64\rlls.dll
2017-01-17 16:06:03 ----A---- C:\WINDOWS\system32\rlls64.dll
2017-01-16 20:11:48 ----D---- C:\Program Files (x86)\RelevantKnowledge
2017-01-16 20:11:25 ----AD---- C:\Program Files (x86)\Beneton Movie GIF
2017-01-13 20:39:52 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-01-13 20:39:51 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-01-13 20:39:48 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2017-01-13 20:39:47 ----A---- C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-01-13 20:39:47 ----A---- C:\WINDOWS\system32\mfcore.dll
2017-01-13 20:39:46 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Logon.dll
2017-01-13 20:39:45 ----A---- C:\WINDOWS\SYSWOW64\StoreAgent.dll
2017-01-13 20:39:45 ----A---- C:\WINDOWS\SYSWOW64\InstallAgentUserBroker.exe
2017-01-13 20:39:45 ----A---- C:\WINDOWS\SYSWOW64\InstallAgent.exe
2017-01-13 20:39:44 ----A---- C:\WINDOWS\system32\d2d1.dll
2017-01-13 20:39:43 ----A---- C:\WINDOWS\SYSWOW64\Windows.Storage.ApplicationData.dll
2017-01-13 20:39:43 ----A---- C:\WINDOWS\system32\mfnetsrc.dll
2017-01-13 20:39:43 ----A---- C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-01-13 20:39:38 ----A---- C:\WINDOWS\system32\D3DCompiler_47.dll
2017-01-13 20:39:15 ----A---- C:\WINDOWS\system32\aeinv.dll
2017-01-13 20:39:03 ----A---- C:\WINDOWS\system32\rdpcore.dll
2017-01-13 20:39:03 ----A---- C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-01-13 20:39:02 ----A---- C:\WINDOWS\system32\mfnetcore.dll
2017-01-13 20:39:01 ----A---- C:\WINDOWS\system32\mstscax.dll
2017-01-13 20:39:01 ----A---- C:\WINDOWS\system32\MCRecvSrc.dll
2017-01-13 20:39:00 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.CredDialogController.dll
2017-01-13 20:39:00 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Cred.dll
2017-01-13 20:39:00 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.BlockedShutdown.dll
2017-01-13 20:39:00 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.BioFeedback.dll
2017-01-13 20:39:00 ----A---- C:\WINDOWS\system32\rdpencom.dll
2017-01-13 20:38:59 ----A---- C:\WINDOWS\system32\wuuhext.dll
2017-01-13 20:38:59 ----A---- C:\WINDOWS\system32\winlogon.exe
2017-01-13 20:38:59 ----A---- C:\WINDOWS\system32\D3D12.dll
2017-01-13 20:38:58 ----A---- C:\WINDOWS\SYSWOW64\offlinesam.dll
2017-01-13 20:38:58 ----A---- C:\WINDOWS\system32\wuaueng.dll
2017-01-13 20:38:58 ----A---- C:\WINDOWS\system32\sppobjs.dll
2017-01-13 20:38:58 ----A---- C:\WINDOWS\system32\samsrv.dll
2017-01-13 20:38:57 ----A---- C:\WINDOWS\system32\offlinesam.dll
2017-01-13 20:38:57 ----A---- C:\WINDOWS\system32\lsasrv.dll
2017-01-13 20:38:56 ----A---- C:\WINDOWS\SYSWOW64\msmpeg2vdec.dll
2017-01-13 20:38:56 ----A---- C:\WINDOWS\SYSWOW64\aclui.dll
2017-01-13 20:38:54 ----A---- C:\WINDOWS\system32\shell32.dll
2017-01-13 20:38:53 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2017-01-13 20:38:51 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2017-01-13 20:38:50 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2017-01-13 20:38:50 ----A---- C:\WINDOWS\system32\wuapi.dll
2017-01-13 20:38:50 ----A---- C:\WINDOWS\system32\msv1_0.dll
2017-01-13 20:38:50 ----A---- C:\WINDOWS\system32\kerberos.dll
2017-01-13 20:38:49 ----A---- C:\WINDOWS\SYSWOW64\updatepolicy.dll
2017-01-13 20:38:49 ----A---- C:\WINDOWS\SYSWOW64\MSVP9DEC.dll
2017-01-13 20:38:49 ----A---- C:\WINDOWS\system32\updatepolicy.dll
2017-01-13 20:38:49 ----A---- C:\WINDOWS\system32\ImplatSetup.dll
2017-01-13 20:38:48 ----A---- C:\WINDOWS\SYSWOW64\WinSCard.dll
2017-01-13 20:38:48 ----A---- C:\WINDOWS\SYSWOW64\cryptui.dll
2017-01-13 20:38:48 ----A---- C:\WINDOWS\system32\wow64.dll
2017-01-13 20:38:48 ----A---- C:\WINDOWS\system32\WinSCard.dll
2017-01-13 20:38:48 ----A---- C:\WINDOWS\system32\cryptui.dll
2017-01-13 20:38:47 ----A---- C:\WINDOWS\system32\ScDeviceEnum.dll
2017-01-13 20:38:47 ----A---- C:\WINDOWS\system32\certprop.dll
2017-01-13 20:38:45 ----A---- C:\WINDOWS\SYSWOW64\indexeddbserver.dll
2017-01-13 20:38:45 ----A---- C:\WINDOWS\SYSWOW64\AUDIOKSE.dll
2017-01-13 20:38:44 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.Resources.dll
2017-01-13 20:38:44 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2017-01-13 20:38:44 ----A---- C:\WINDOWS\SYSWOW64\Chakradiag.dll
2017-01-13 20:38:44 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2017-01-13 20:38:39 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2017-01-13 20:38:38 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2017-01-13 20:38:38 ----A---- C:\WINDOWS\SYSWOW64\AzureSettingSyncProvider.dll
2017-01-13 20:38:38 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-01-13 20:38:37 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2017-01-13 20:38:36 ----A---- C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-01-13 20:38:34 ----A---- C:\WINDOWS\SYSWOW64\mspaint.exe
2017-01-13 20:38:32 ----A---- C:\WINDOWS\system32\Chakra.dll
2017-01-13 20:38:31 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2017-01-13 20:38:31 ----A---- C:\WINDOWS\system32\win32kbase.sys
2017-01-13 20:38:30 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-01-13 20:38:29 ----A---- C:\WINDOWS\SYSWOW64\winmde.dll
2017-01-13 20:38:29 ----A---- C:\WINDOWS\system32\mspaint.exe
2017-01-13 20:38:29 ----A---- C:\WINDOWS\system32\msmpeg2vdec.dll
2017-01-13 20:38:28 ----A---- C:\WINDOWS\system32\mshtml.dll
2017-01-13 20:38:28 ----A---- C:\WINDOWS\system32\indexeddbserver.dll
2017-01-13 20:38:27 ----A---- C:\WINDOWS\system32\twinui.dll
2017-01-13 20:38:26 ----A---- C:\WINDOWS\system32\winmde.dll
2017-01-13 20:38:26 ----A---- C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-01-13 20:38:26 ----A---- C:\WINDOWS\system32\aadcloudap.dll
2017-01-13 20:38:25 ----A---- C:\WINDOWS\system32\edgehtml.dll
2017-01-13 20:38:21 ----A---- C:\WINDOWS\system32\aadtb.dll
2017-01-13 20:38:18 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.LockScreen.dll
2017-01-13 20:38:17 ----A---- C:\WINDOWS\system32\usocore.dll
2017-01-13 20:38:16 ----A---- C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll
2017-01-13 20:38:16 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2017-01-13 20:38:16 ----A---- C:\WINDOWS\system32\LaunchWinApp.exe
2017-01-13 20:38:15 ----A---- C:\WINDOWS\SYSWOW64\rdpcore.dll
2017-01-13 20:38:15 ----A---- C:\WINDOWS\SYSWOW64\LaunchWinApp.exe
2017-01-13 20:38:15 ----A---- C:\WINDOWS\system32\updatehandlers.dll
2017-01-13 20:38:14 ----A---- C:\WINDOWS\SYSWOW64\remoteaudioendpoint.dll
2017-01-13 20:38:14 ----A---- C:\WINDOWS\system32\MSVP9DEC.dll
2017-01-13 20:38:13 ----A---- C:\WINDOWS\SYSWOW64\SyncSettings.dll
2017-01-13 20:38:13 ----A---- C:\WINDOWS\SYSWOW64\rdpencom.dll
2017-01-13 20:38:13 ----A---- C:\WINDOWS\system32\rdpudd.dll
2017-01-13 20:38:13 ----A---- C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-01-13 20:38:12 ----A---- C:\WINDOWS\SYSWOW64\MSVPXENC.dll
2017-01-13 20:38:12 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2017-01-13 20:38:12 ----A---- C:\WINDOWS\system32\OneBackupHandler.dll
2017-01-13 20:38:11 ----A---- C:\WINDOWS\SYSWOW64\LogonController.dll
2017-01-13 20:38:11 ----A---- C:\WINDOWS\SYSWOW64\CloudBackupSettings.dll
2017-01-13 20:38:11 ----A---- C:\WINDOWS\system32\Windows.UI.Shell.dll
2017-01-13 20:38:11 ----A---- C:\WINDOWS\system32\win32kfull.sys
2017-01-13 20:38:11 ----A---- C:\WINDOWS\system32\win32k.sys
2017-01-13 20:38:10 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2017-01-13 20:38:10 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2017-01-13 20:38:09 ----A---- C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-01-13 20:38:09 ----A---- C:\WINDOWS\system32\SRHInproc.dll
2017-01-13 20:38:09 ----A---- C:\WINDOWS\system32\SRH.dll
2017-01-13 20:38:08 ----A---- C:\WINDOWS\SYSWOW64\mfmp4srcsnk.dll
2017-01-13 20:38:08 ----A---- C:\WINDOWS\system32\SettingSyncHost.exe
2017-01-13 20:38:08 ----A---- C:\WINDOWS\system32\SettingSyncCore.dll
2017-01-13 20:38:08 ----A---- C:\WINDOWS\system32\dosvc.dll
2017-01-13 20:38:08 ----A---- C:\WINDOWS\system32\domgmt.dll
2017-01-13 20:38:08 ----A---- C:\WINDOWS\system32\audiosrv.dll
2017-01-13 20:38:08 ----A---- C:\WINDOWS\system32\AudioSes.dll
2017-01-13 20:38:08 ----A---- C:\WINDOWS\system32\AUDIOKSE.dll
2017-01-13 20:38:08 ----A---- C:\WINDOWS\system32\AudioEng.dll
2017-01-13 20:38:08 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-01-13 20:38:08 ----A---- C:\WINDOWS\system32\aclui.dll
2017-01-13 20:38:07 ----A---- C:\WINDOWS\system32\StoreAgent.dll
2017-01-13 20:38:07 ----A---- C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-01-13 20:38:07 ----A---- C:\WINDOWS\system32\InstallAgent.exe
2017-01-13 20:38:07 ----A---- C:\WINDOWS\system32\ClipUp.exe
2017-01-13 20:38:06 ----A---- C:\WINDOWS\SYSWOW64\mfnetsrc.dll
2017-01-13 20:38:06 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2017-01-13 20:38:05 ----A---- C:\WINDOWS\SYSWOW64\mfasfsrcsnk.dll
2017-01-13 20:38:05 ----A---- C:\WINDOWS\system32\Windows.UI.CredDialogController.dll
2017-01-13 20:38:05 ----A---- C:\WINDOWS\system32\wbiosrvc.dll
2017-01-13 20:38:04 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2017-01-13 20:38:04 ----A---- C:\WINDOWS\system32\remoteaudioendpoint.dll
2017-01-13 20:38:04 ----A---- C:\WINDOWS\system32\drivers\vhdmp.sys
2017-01-13 20:38:03 ----A---- C:\WINDOWS\SYSWOW64\mfnetcore.dll
2017-01-13 20:38:03 ----A---- C:\WINDOWS\SYSWOW64\mfmpeg2srcsnk.dll
2017-01-13 20:38:03 ----A---- C:\WINDOWS\SYSWOW64\MCRecvSrc.dll
2017-01-13 20:38:03 ----A---- C:\WINDOWS\system32\SyncSettings.dll
2017-01-13 20:38:03 ----A---- C:\WINDOWS\system32\cloudAP.dll
2017-01-13 20:38:02 ----A---- C:\WINDOWS\system32\winsrv.dll
2017-01-13 20:38:02 ----A---- C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-01-13 20:38:02 ----A---- C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2017-01-13 20:38:02 ----A---- C:\WINDOWS\system32\fhsettingsprovider.dll
2017-01-13 20:38:02 ----A---- C:\WINDOWS\system32\fhcfg.dll
2017-01-13 20:38:02 ----A---- C:\WINDOWS\system32\CloudBackupSettings.dll
2017-01-13 20:38:00 ----A---- C:\WINDOWS\system32\securekernel.exe
2017-01-13 20:38:00 ----A---- C:\WINDOWS\system32\drivers\pci.sys
2017-01-13 20:37:59 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2017-01-13 20:37:48 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-01-13 20:37:47 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-01-13 20:37:46 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2017-01-13 20:37:43 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncHost.exe
2017-01-13 20:37:43 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncCore.dll
2017-01-13 20:37:43 ----A---- C:\WINDOWS\SYSWOW64\aadtb.dll
2017-01-13 20:37:43 ----A---- C:\WINDOWS\system32\LogonController.dll
2017-01-13 20:37:42 ----A---- C:\WINDOWS\SYSWOW64\d2d1.dll
2017-01-13 20:37:39 ----A---- C:\WINDOWS\system32\ConsoleLogon.dll
2017-01-13 20:37:39 ----A---- C:\WINDOWS\system32\CloudExperienceHost.dll
2017-01-13 20:37:38 ----A---- C:\WINDOWS\SYSWOW64\win32k.sys
2017-01-13 20:37:37 ----A---- C:\WINDOWS\system32\MSVPXENC.dll
2017-01-13 20:37:36 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2017-01-13 20:37:36 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_47.dll
2017-01-13 20:37:35 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.UI.Logon.ProxyStub.dll
2017-01-13 20:37:35 ----A---- C:\WINDOWS\system32\provengine.dll
2017-01-13 20:37:34 ----A---- C:\WINDOWS\system32\KnobsCore.dll
2017-01-13 20:37:33 ----A---- C:\WINDOWS\SYSWOW64\D3D12.dll
2017-01-13 20:37:33 ----A---- C:\WINDOWS\system32\ProvPluginEng.dll
2017-01-13 20:37:33 ----A---- C:\WINDOWS\system32\KnobsCsp.dll
2017-01-04 18:48:50 ----AD---- C:\Program Files\CCleaner
2017-01-03 18:39:01 ----A---- C:\WINDOWS\system32\drivers\cnnctfy4.sys
2017-01-03 18:39:01 ----A---- C:\WINDOWS\system32\drivers\cfywlan2.sys
2017-01-03 18:38:58 ----AD---- C:\Program Files (x86)\Connectify
2017-01-03 18:36:46 ----D---- C:\ProgramData\Connectify
======List of files/folders modified in the last 1 month======
2017-01-23 19:55:13 ----D---- C:\Program Files\trend micro
2017-01-23 19:47:53 ----HD---- C:\ProgramData
2017-01-23 19:44:43 ----D---- C:\WINDOWS\Temp
2017-01-23 19:37:41 ----D---- C:\WINDOWS\system32\SleepStudy
2017-01-23 19:24:01 ----D---- C:\WINDOWS\system32\sru
2017-01-23 19:18:13 ----D---- C:\WINDOWS\system32\config
2017-01-23 19:11:54 ----D---- C:\WINDOWS\Prefetch
2017-01-23 19:02:02 ----RD---- C:\WINDOWS\Microsoft.NET
2017-01-23 18:50:17 ----D---- C:\WINDOWS\AppReadiness
2017-01-23 18:47:08 ----HD---- C:\Program Files\WindowsApps
2017-01-23 18:31:43 ----SHD---- C:\WINDOWS\Installer
2017-01-23 18:31:17 ----AD---- C:\WINDOWS\SysWOW64
2017-01-23 18:22:45 ----D---- C:\WINDOWS\system32\drivers
2017-01-19 21:32:01 ----D---- C:\WINDOWS\LiveKernelReports
2017-01-19 21:23:07 ----D---- C:\WINDOWS\System32
2017-01-17 18:13:48 ----D---- C:\Users\Adrian\AppData\Roaming\uTorrent
2017-01-17 16:19:47 ----D---- C:\WINDOWS\INF
2017-01-17 16:06:53 ----D---- C:\WINDOWS\system32\Macromed
2017-01-17 16:06:50 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2017-01-17 16:02:44 ----D---- C:\WINDOWS\WinSxS
2017-01-17 15:55:28 ----D---- C:\WINDOWS\system32\DriverStore
2017-01-17 15:53:39 ----D---- C:\Windows
2017-01-16 23:32:04 ----D---- C:\WINDOWS\system32\catroot2
2017-01-16 23:30:42 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2017-01-16 23:30:42 ----D---- C:\WINDOWS\system32\wbem
2017-01-16 23:30:42 ----D---- C:\WINDOWS\system32\oobe
2017-01-16 23:30:40 ----D---- C:\WINDOWS\ShellExperiences
2017-01-16 23:30:39 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2017-01-16 23:30:39 ----D---- C:\WINDOWS\Provisioning
2017-01-16 23:30:38 ----D---- C:\Program Files\Internet Explorer
2017-01-16 23:30:38 ----D---- C:\Program Files (x86)\Internet Explorer
2017-01-16 23:26:29 ----SD---- C:\Users\Adrian\AppData\Roaming\Microsoft
2017-01-16 20:11:48 ----RD---- C:\Program Files (x86)
2017-01-16 18:11:14 ----D---- C:\ProgramData\Microsoft Help
2017-01-16 18:08:33 ----D---- C:\WINDOWS\CbsTemp
2017-01-16 17:45:30 ----D---- C:\WINDOWS\system32\MRT
2017-01-16 17:35:00 ----AC---- C:\WINDOWS\system32\MRT.exe
2017-01-16 17:27:12 ----A---- C:\WINDOWS\win.ini
2017-01-15 15:46:27 ----SHD---- C:\System Volume Information
2017-01-15 13:53:15 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2017-01-15 09:16:07 ----D---- C:\ProgramData\VSO
2017-01-13 17:35:22 ----D---- C:\WINDOWS\system32\Tasks
2017-01-07 20:48:36 ----D---- C:\WINDOWS\rescache
2017-01-06 19:39:19 ----D---- C:\WINDOWS\Tasks
2017-01-06 19:31:17 ----D---- C:\Program Files (x86)\Google
2017-01-04 21:52:51 ----D---- C:\Users\Adrian\AppData\Roaming\MPC-HC
2017-01-04 19:28:00 ----RSD---- C:\WINDOWS\assembly
2017-01-04 19:00:25 ----D---- C:\WINDOWS\debug
2017-01-04 18:59:16 ----D---- C:\WINDOWS\SoftwareDistribution
2017-01-04 18:52:49 ----D---- C:\Program Files\PDFCreator
2017-01-04 18:48:50 ----RD---- C:\Program Files
2017-01-03 23:23:09 ----AD---- C:\Program Files (x86)\HappyFoto-Designer
2017-01-03 19:16:24 ----D---- C:\Program Files\IDT
2017-01-03 18:48:07 ----D---- C:\WINDOWS\system32\LogFiles
2017-01-03 18:12:26 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2017-01-03 18:12:26 ----AD---- C:\Program Files (x86)\Mozilla Firefox
2017-01-01 11:37:37 ----D---- C:\WINDOWS\SYSWOW64\oobe
2017-01-01 11:37:37 ----D---- C:\WINDOWS\SYSWOW64\en-US
2017-01-01 11:37:37 ----D---- C:\WINDOWS\SYSWOW64\Dism
2017-01-01 11:37:21 ----D---- C:\WINDOWS\system32\Sysprep
2017-01-01 11:37:21 ----D---- C:\WINDOWS\system32\sr-Latn-CS
2017-01-01 11:37:20 ----D---- C:\WINDOWS\system32\en-US
2017-01-01 11:37:19 ----D---- C:\WINDOWS\system32\Dism
2017-01-01 11:37:09 ----D---- C:\WINDOWS\servicing
2017-01-01 11:37:08 ----D---- C:\WINDOWS\bcastdvr
2017-01-01 11:37:08 ----D---- C:\WINDOWS\AppPatch
2017-01-01 11:37:05 ----D---- C:\WINDOWS\system32\Boot
File C:\WINDOWS\system32\winlogon.exe is digitally signed
File C:\WINDOWS\system32\wininit.exe is digitally signed
File C:\WINDOWS\explorer.exe is digitally signed
File C:\WINDOWS\SysWOW64\explorer.exe is digitally signed
File C:\WINDOWS\system32\svchost.exe is digitally signed
File C:\WINDOWS\SysWOW64\svchost.exe is digitally signed
File C:\WINDOWS\system32\services.exe is digitally signed
File C:\WINDOWS\system32\User32.dll is digitally signed
File C:\WINDOWS\SysWOW64\User32.dll is digitally signed
File C:\WINDOWS\system32\userinit.exe is digitally signed
File C:\WINDOWS\SysWOW64\userinit.exe is digitally signed
File C:\WINDOWS\system32\rpcss.dll is digitally signed
File C:\WINDOWS\system32\Drivers\volsnap.sys is digitally signed
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2016-08-27 74544]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2016-10-14 293352]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2013-08-07 644968]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-100; C:\WINDOWS\system32\drivers\iorate.sys [2016-11-02 48992]
R0 nvpciflt;nvpciflt; C:\WINDOWS\system32\DRIVERS\nvpciflt.sys [2016-09-12 57400]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2016-08-27 37144]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2016-08-27 103064]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2016-09-18 969184]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2016-09-28 513632]
R1 cfywlan2;@oem91.inf,%cfywlan2_Desc%;Connectify WLAN LightWeight Filter; C:\WINDOWS\system32\DRIVERS\cfywlan2.sys [2017-01-03 46088]
R1 cnnctfy4;@oem90.inf,%cnnctfy4_Desc%;Connectify LightWeight Filter; C:\WINDOWS\system32\DRIVERS\cnnctfy4.sys [2017-01-03 53216]
R1 dtsoftbus01;@oem38.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [2015-01-12 283064]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2016-08-27 108816]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2016-08-27 163416]
R2 clreg;@%SystemRoot%\system32\drivers\registry.sys,-100; C:\WINDOWS\System32\drivers\registry.sys [2016-07-16 70144]
R2 PEGAGFN;PEGAGFN; \??\C:\Program Files (x86)\TOSHIBA\PasswordUtility\PEGAGFN.sys [2009-09-11 14344]
R3 AmUStor;@oem9.inf,%AmUStor.SvcDesc%;AM USB Stroage Driver; C:\WINDOWS\system32\drivers\AmUStor.SYS [2013-06-25 109336]
R3 athr;@oem86.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\System32\drivers\athw8x.sys [2016-12-14 4251160]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2016-07-13 610336]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\drivers\BTHUSB.sys [2016-10-05 84992]
R3 dtlitescsibus;@oem68.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2016-10-24 30264]
R3 dtliteusbbus;@oem72.inf,%DTLITEUSBBUS.DeviceDesc%;DAEMON Tools Lite Virtual USB Bus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [2016-10-24 47160]
R3 iwdbus;@oem32.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2015-12-01 38896]
R3 L1C;@oem35.inf,%L1C.Service.DispName%;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\WINDOWS\System32\drivers\L1C63x64.sys [2013-07-18 130248]
R3 MarvinBus;@oem15.inf,%MarvinBus.SVCDESC%;Pinnacle Marvin Bus 64; C:\WINDOWS\System32\drivers\MarvinBus64.sys [2005-09-23 261120]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvtdwu.inf_amd64_b4dd93f8c89bf485\nvlddmkm.sys [2016-09-12 13754936]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2016-05-02 28216]
R3 nvvad_WaveExtensible;@oem42.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2016-04-14 56384]
R3 SmbDrvI;SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [2015-10-08 51392]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\WINDOWS\system32\DRIVERS\stwrt64.sys [2015-07-23 561680]
R3 SynTP;@oem13.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2015-10-08 627392]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2016-10-05 64352]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2016-07-16 88416]
S2 athsgt;athsgt; C:\WINDOWS\system32\DRIVERS\athsgt.sys [2015-05-25 210944]
S2 limsgt;limsgt; C:\WINDOWS\system32\DRIVERS\limsgt.sys [2015-05-25 22528]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2016-07-16 18432]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2016-07-16 15360]
S3 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2016-08-27 37656]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2016-10-05 114176]
S3 BthLEEnum;@BthLEEnum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2016-10-05 249856]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2016-10-05 128512]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys [2016-11-11 967168]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2016-10-05 73568]
S3 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2016-07-16 346976]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2016-07-16 2104160]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2016-07-16 33280]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2016-07-16 64512]
S3 iComp;Grabster AV 400 service; C:\WINDOWS\system32\DRIVERS\p2usbhum.sys [2012-11-30 1712424]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2016-07-16 35840]
S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2013-10-17 39320]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2016-07-16 120320]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2016-07-16 90624]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmbx64.sys [2013-01-23 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbox64.sys [2013-01-23 27136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfdx64.sys [2012-10-17 26112]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2016-07-16 183808]
S3 scmdisk0101;@scmdisk0101.inf,%scmdisk0101.SvcDesc%;Microsoft NVDIMM-N disk driver; C:\WINDOWS\System32\drivers\scmdisk0101.sys [2016-07-16 123904]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2013-10-01 312448]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-08-27 197128]
R2 CDPUserSvc_3c1cbb5;CDPUserSvc_3c1cbb5; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=
R2 Connectify;Connectify; C:\Program Files (x86)\Connectify\ConnectifyService.exe [2016-12-14 257592]
R2 dts_apo_service;DTS APO Service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [2013-09-10 19792]
R2 GFNEXSrv;GFNEX Service; C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe [2013-03-27 163168]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2016-05-03 337888]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-05-12 733696]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2013-09-04 131544]
R2 IntelBCAsvc;Intel(R) Biometric and Context Agent Service; C:\Program Files\Intel\BCA\pabeSvc64.exe [2016-05-06 3026584]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-09-04 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-09-04 390616]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2016-05-02 1881144]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2016-05-02 2522680]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2016-08-01 1365048]
R2 OneSyncSvc_3c1cbb5;Hostitel synchronizace_3c1cbb5; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=
R2 RelevantKnowledge;RelevantKnowledge; C:\Program Files (x86)\RelevantKnowledge\rlservice.exe [2013-08-17 186136]
R2 ScsiAccess;ScsiAccess; C:\Program Files (x86)\Photodex\ProShow Producer\ScsiAccess.exe [2016-11-19 186760]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2015-07-23 350224]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R2 SynTPEnhService;SynTPEnh Caller Service; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [2015-10-08 255168]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2016-05-25 43696]
R3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2007-03-12 271920]
R3 NvStreamNetworkSvc;NVIDIA Streamer Network Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [2016-05-02 3634232]
R3 PimIndexMaintenanceSvc_3c1cbb5;Data kontaktů_3c1cbb5; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=
S2 AxAutoMntSrv;Alcohol Virtual Drive Auto-mount Service; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2012-01-05 75624]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; %SystemRoot%\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=%SystemRoot%\System32\CDPUserSvc.dll
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-11-18 1369432]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; %SystemRoot%\System32\svchost.exe -k Camera;"ServiceDll"=%SystemRoot%\system32\FrameServer.dll
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\hvhostsvc.dll
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-05-12 822232]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\irmon.dll
S3 MessagingService_3c1cbb5;Služba zasílání zpráv_3c1cbb5; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-12-21 172488]
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-01-15 774144]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2015-07-31 242864]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\RMapi.dll
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; %SystemRoot%\System32\svchost.exe -k netsvcs;"ServiceDll"=%systemroot%\system32\Windows.SharedPC.AccountManager.dll
-----------------EOF-----------------
Run by Adrian at 2017-01-23 19:55:08
Microsoft Windows 10 Home
System drive C: has 160 GB (23%) free of 703 GB
Total RAM: 3971 MB (55% free)
X64
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:55:14, on 23. 1. 2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0000)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_24_0_0_194.exe
C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe
C:\PROGRA~2\RELEVA~1\rlvknlg32.exe
C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_24_0_0_194.exe
C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_24_0_0_194.exe
C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_24_0_0_194.exe
C:\Program Files\trend micro\Adrian_RSITx64.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: True Key Helper - {0F4B8786-5502-4803-8EBC-F652A1153BB6} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office16\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll
O3 - Toolbar: True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll
O4 - HKLM\..\Run: [AmIcoSinglun64] "C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
O4 - HKLM\..\Run: [1.TPUReg] "C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe"
O4 - HKLM\..\Run: [TSVU] "c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Global Startup: Aktualizace oznámení.lnk = C:\Program Files\WinZip\WZUpdateNotifier.exe
O4 - Global Startup: FAH.lnk = C:\Program Files\WinZip\FAHConsole.exe
O4 - Global Startup: WDDMStatus.lnk = C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
O4 - Global Startup: WDSmartWare.lnk = C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
O4 - Global Startup: WinZip Preloader.lnk = C:\Program Files\WinZip\WzPreloader.exe
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\Program Files\Microsoft Office\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Poslat do On&eNotu - res://C:\Program Files\Microsoft Office\Office16\ONBttnIE.dll/105
O9 - Extra button: Poslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Poslat do On&eNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra button: @%CommonProgramFiles%\Microsoft Shared\Office16\oregres.dll,-430 - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: @%CommonProgramFiles%\Microsoft Shared\Office16\oregres.dll,-430 - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.connectify.me
O15 - ESC Trusted Zone: http://*.fastspring.com
O15 - ESC Trusted Zone: http://*.connectify.me (HKLM)
O15 - ESC Trusted Zone: http://*.fastspring.com (HKLM)
O18 - Protocol: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE16\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Alcohol Virtual Drive Auto-mount Service (AxAutoMntSrv) - Alcohol Soft Development Team - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe
O23 - Service: Connectify - Connectify - C:\Program Files (x86)\Connectify\ConnectifyService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: DTS APO Service (dts_apo_service) - Unknown owner - C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: GFNEX Service (GFNEXSrv) - Unknown owner - C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Biometric and Context Agent Service (IntelBCAsvc) - Intel(R) Corporation - C:\Program Files\Intel\BCA\pabeSvc64.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: RelevantKnowledge - TMRG, Inc. - C:\Program Files (x86)\RelevantKnowledge\rlservice.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files (x86)\Photodex\ProShow Producer\ScsiAccess.exe
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - Tempo Semiconductor Inc - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: TEMPRO Service (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA eco Utility Service - Toshiba Corporation - C:\Program Files\TOSHIBA\Teco\TecoService.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: Intel Security True Key (TrueKey) - McAfee, Inc. - C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
O23 - Service: Intel Security True Key Scheduler (TrueKeyScheduler) - McAfee, Inc. - C:\Program Files\TrueKey\McTkSchedulerService.exe
O23 - Service: Intel Security True Key Helper Service (TrueKeyServiceHelper) - McAfee, Inc. - C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: WD SmartWare Drive Manager Service (WDDMService) - WDC - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: WD SmartWare Background Service (WDSmartWareBackgroundService) - Memeo - C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 16142 bytes
======Enumerating Processes======
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k NetworkService
"C:\WINDOWS\system32\nvvsvc.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\igfxCUIService.exe
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\WINDOWS\System32\spoolsv.exe
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe"
"C:\Program Files\Intel\BCA\pabeSvc64.exe"
"C:\Program Files (x86)\RelevantKnowledge\rlservice.exe" /service
"C:\Program Files (x86)\Photodex\ProShow Producer\ScsiAccess.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe"
"C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe"
"C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe"
"C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe"
"C:\Program Files\TOSHIBA\Teco\TecoService.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files (x86)\Connectify\ConnectifyService.exe"
C:\WINDOWS\system32\svchost.exe -k appmodel
C:\Windows\system32\TODDSrv.exe
C:\Program Files (x86)\Connectify\ConnectifyD.exe
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\TrueKey\McTkSchedulerService.exe"
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe"
"C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe"
C:\WINDOWS\System32\WinLogon.exe -SpecialSession
C:\WINDOWS\System32\dwm.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\WINDOWS\system32\sihost.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
C:\WINDOWS\system32\taskhostw.exe
C:\WINDOWS\system32\igfxEM.exe
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\Explorer.EXE
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\WINDOWS\system32\igfxHK.exe
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
C:\WINDOWS\system32\igfxTray.exe
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe" serviceapp
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\fontdrvhost.exe
"C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe" /hide
C:\WINDOWS\system32\DllHost.exe /Processid:{49F6E667-6658-4BD1-9DE9-6AF87F9FAF85}
C:\WINDOWS\system32\DllHost.exe /Processid:{448AEE3B-DC65-4AF6-BF5F-DCE86D62B6C7}
C:\WINDOWS\system32\svchost.exe -k SDRSVC
C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_24_0_0_194.exe
"C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe" -boot
"C:\PROGRA~2\RELEVA~1\rlvknlg64.exe" 9264
"C:\PROGRA~2\RELEVA~1\rlvknlg32.exe" 9264
C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_24_0_0_194.exe
C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_24_0_0_194.exe
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\system32\taskhostw.exe
C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_24_0_0_194.exe
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.152.0_x64__kzf8qxf38zg5c\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
C:\WINDOWS\system32\AUDIODG.EXE 0x5fc
C:\WINDOWS\System32\svchost.exe -k WerSvcGroup
C:\Windows\System32\smartscreen.exe -Embedding
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe5_ Global\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 652 656 664 8192 660
"C:\Users\Adrian\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\Norton Security Scan for Adrian.job - C:\PROGRA~2\NORTON~2\Engine\431~1.3\Nss.exe /scan-quick /scheduled
C:\WINDOWS\system32\tasks\Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\WINDOWS\system32\tasks\Adobe Flash Player Updater - C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\system32\tasks\AutoKMS - C:\Windows\AutoKMS.exe
C:\WINDOWS\system32\tasks\AutoKMSDaily - C:\Windows\AutoKMS.exe
C:\WINDOWS\system32\tasks\avast! Emergency Update - C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
C:\WINDOWS\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\WINDOWS\system32\tasks\CreateChoiceProcessTask - C:\Windows\BrowserChoice\browserchoice.exe /launch
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\klcp_update - "C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe" /verysilent /update /freq=30
C:\WINDOWS\system32\tasks\McAfee Remediation (Prepare) - C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe /prepare
C:\WINDOWS\system32\tasks\Norton Security Scan for Adrian - C:\PROGRA~2\NORTON~2\Engine\431~1.3\Nss.exe /scan-quick /scheduled
C:\WINDOWS\system32\tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3809139199-386801105-3546470006-1002 - C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe /bgrecordaliveevent
C:\WINDOWS\system32\tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3809139199-386801105-3546470006-1002 - C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe /logoncheck
C:\WINDOWS\system32\tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3809139199-386801105-3546470006-1002 - C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe /scheduledcheck
C:\WINDOWS\system32\tasks\Resolution+ Setting Task - C:\Program Files\Toshiba\TOSHIBA Smart View Utility\Plugins\ResolutionPlus\TosRegPermissionChg.exe
C:\WINDOWS\system32\tasks\SafeZone scheduled Autoupdate 1470022667 - C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0)
C:\WINDOWS\system32\tasks\Synaptics TouchPad Enhancements - "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\WINDOWS\system32\tasks\User_Feed_Synchronization-{FE3A5D4E-4A52-446E-8C5A-03B0B574B1D7} - C:\Windows\system32\msfeedssync.exe sync
C:\WINDOWS\system32\tasks\{5C80C53B-17E5-411D-A22C-873754AE0D62} - C:\Windows\system32\pcalua.exe -a "C:\Program Files\Kobra 11 Nitro\C11_PC.exe" -d "C:\Program Files\Kobra 11 Nitro"
C:\WINDOWS\system32\tasks\{8158CAA7-95C9-40B5-9406-F1C8E6C6635D} - C:\Windows\system32\pcalua.exe -a "C:\Users\Adrian\Documents\Torrent\Guitar Pro 5.2 (with complete RSE packs)\RSE_BASSES.exe" -d "C:\Users\Adrian\Documents\Torrent\Guitar Pro 5.2 (with complete RSE packs)"
C:\WINDOWS\system32\tasks\{A3512072-3EEB-4167-A9AD-1360A3259C53} - C:\Windows\system32\pcalua.exe -a "C:\Users\Adrian\Documents\Torrent\DVD Shrink 3,2 + CZ\DVDShrink32015.exe" -d "C:\Users\Adrian\Documents\Torrent\DVD Shrink 3,2 + CZ"
C:\WINDOWS\system32\tasks\TOSHIBA\CommonNotifier - C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe
C:\WINDOWS\system32\tasks\TOSHIBA\Service Station - "C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe" /hide
C:\WINDOWS\system32\tasks\Microsoft\XblGameSave\XblGameSaveTask - %windir%\System32\XblGameSaveTask.exe standby
C:\WINDOWS\system32\tasks\Microsoft\XblGameSave\XblGameSaveTaskLogon - %windir%\System32\XblGameSaveTask.exe logon
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join - %SystemRoot%\System32\dsregcmd.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join - %SystemRoot%\System32\AutoWorkplace.exe join
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start - C:\WINDOWS\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network - C:\Windows\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sih - %systemroot%\System32\sihclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sihboot - %systemroot%\System32\sihclient.exe /boot
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -upload
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance - %ProgramFiles%\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdCacheMaintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup - %ProgramFiles%\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdCleanup
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan - %ProgramFiles%\Windows Defender\MpCmdRun.exe Scan -ScheduleJob
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification - %ProgramFiles%\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdVerification
C:\WINDOWS\system32\tasks\Microsoft\Windows\WCM\WiFiTask - %SystemRoot%\System32\WiFiTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install - %systemroot%\system32\usoclient.exe StartInstall
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Policy Install - %systemroot%\system32\usoclient.exe StartInstall
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Reboot - %systemroot%\system32\MusNotification.exe RebootDialog
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Refresh Settings - %systemroot%\system32\usoclient.exe RefreshSettings
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Resume On Boot - %systemroot%\system32\usoclient.exe ResumeUpdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan - %systemroot%\system32\usoclient.exe StartScan
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display - C:\windows\system32\MusNotification.exe Display
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot - C:\windows\system32\MusNotification.exe ReadyToReboot
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone - %windir%\system32\tzsync.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\WINDOWS\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\srtasks.exe ExecuteScheduledSPPCreation
C:\WINDOWS\system32\tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask - %windir%\system32\rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Storage Tiers Management\Storage Tiers Optimization - %windir%\system32\defrag.exe -c -h -g -# -m 8 -i 13500
C:\WINDOWS\system32\tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask - %windir%\system32\speech_onecore\common\SpeechModelDownload.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceAgentTask - %windir%\system32\SpaceAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceManagerTask - %windir%\system32\spaceman.exe /Work
C:\WINDOWS\system32\tasks\Microsoft\Windows\Shell\FamilySafetyMonitor - %windir%\System32\wpcmon.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SharedPC\Account Cleanup - %windir%\System32\rundll32.exe %windir%\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\RemovalTools\MRT_HB - C:\Windows\system32\MRT.exe /EHB /Q
C:\WINDOWS\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers - %SystemRoot%\System32\drvinst.exe 6
C:\WINDOWS\system32\tasks\Microsoft\Windows\NlaSvc\WiFiTask - %SystemRoot%\System32\WiFiTask.exe nla
C:\WINDOWS\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\Lpksetup - C:\Windows\System32\lpksetup.exe -v
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\Mcbuilder - C:\Windows\System32\mcbuilder.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - %SystemRoot%\System32\MbaeParserTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Management\Provisioning\Logon - %windir%\system32\ProvTool.exe /turn 5
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotificationWindows.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\WindowsActionDialog - %windir%\System32\WindowsActionDialog.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClient - %windir%\system32\dmclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClientOnScenarioDownload - %windir%\system32\dmclient.exe utcwnf
C:\WINDOWS\system32\tasks\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask - %windir%\system32\MDMAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DUSM\dusmtask - %SystemRoot%\System32\dusmtask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskFootprint\Diagnostics - %windir%\system32\disksnapshot.exe -z
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskCleanup\SilentCleanup - %windir%\system32\cleanmgr.exe /autoclean /d %systemdrive%
C:\WINDOWS\system32\tasks\Microsoft\Windows\Device Information\Device - %windir%\system32\devicecensus.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c -h -o -$
C:\WINDOWS\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Clip\License Validation - %SystemRoot%\system32\ClipUp.exe -p -s -o
C:\WINDOWS\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup - %windir%\system32\rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\appuriverifierdaily - %windir%\system32\AppHostRegistrationVerifier.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\appuriverifierinstall - %windir%\system32\AppHostRegistrationVerifier.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState - %windir%\system32\rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup - %windir%\system32\dstokenclean.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattelrunner.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\StartupAppTask - %windir%\system32\rundll32.exe Startupscan.dll,SusRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\WINDOWS\system32\tasks\Microsoft\Office\Office 15 Subscription Heartbeat - %ProgramFiles%\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe
C:\WINDOWS\system32\tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 - "C:\Program Files\Microsoft Office\Office16\msoia.exe" scan upload mininterval:2880
C:\WINDOWS\system32\tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 - "C:\Program Files\Microsoft Office\Office16\msoia.exe" scan upload
=========Mozilla firefox=========
ProfilePath - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\idumb2aa.default
prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/?clid=22668"
prefs.js - "keyword.URL" - "http://search.seznam.cz/?sourceid=quick ... earchTerms}&"
"sp@avast.com"=C:\Program Files\AVAST Software\Avast\SafePrice\FF
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 24.0.0.194 Plugin
"Path"=C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_194.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.91.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.91.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Skype for Business Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@photodex.com/PhotodexPresenter]
"Description"=Photodex Presenter Plugin
"Path"=C:\Program Files (x86)\Photodex Presenter\npPxPlay.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App V2 Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 24.0.0.194 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~2\Office16\NPSPWRAP.DLL
C:\Program Files (x86)\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll
nppdf32.dll
C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\idumb2aa.default\extensions\
trash
C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\idumb2aa.default\searchplugins\
seznam-avast.xml
C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\idumb2aa.default\addons.json
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\idumb2aa.default\extensions.json
Avast SafePrice - extension - sp@avast.com - C:\Program Files\AVAST Software\Avast\SafePrice\FF
Avast Online Security - extension - wrc@avast.com - C:\Program Files\AVAST Software\Avast\WebRep\FF
Firefox Hotfix - extension - firefox-hotfix@mozilla.org - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\idumb2aa.default\extensions\firefox-hotfix@mozilla.org.xpi
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\idumb2aa.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
Multi-process staged rollout - extension - e10srollout@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\e10srollout@mozilla.org.xpi
Pocket - extension - firefox@getpocket.com - C:\Program Files (x86)\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi
Web Compat - extension - webcompat@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi
Application Update Service Helper - extension - aushelper@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\aushelper@mozilla.org.xpi
Default - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi
C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\idumb2aa.default\pluginreg.dat
Plugin - Adobe Acrobat - 15.23.20053.15062 - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
Plugin - Google Update - 1.3.32.7 - C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll
Plugin - Photodex Presenter Plugin - 6.0.0.3410 - C:\Program Files (x86)\Photodex Presenter\npPxPlay.dll
Plugin - Nokia Suite Enabler Plugin - 1.0.0.1 - C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll
Plugin - Microsoft Office 2016 - 16.0.4266.1001 - C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL
Plugin - Silverlight Plug-In - 5.1.50901.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll
Plugin - Microsoft Office 2016 - 16.0.4288.1000 - C:\Program Files (x86)\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll
Plugin - Adobe Acrobat - 15.23.20053.15062 - C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll
Plugin - Java(TM) Platform SE 8 U91 - 11.91.2.14 - C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll
Plugin - Java Deployment Toolkit 8.0.910.14 - 11.91.2.14 - C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npdeployJava1.dll
Plugin - Intel® Identity Protection Technology - 4.0.5.0 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
Plugin - Intel® Identity Protection Technology - 4.0.5.0 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
Plugin - Shockwave Flash - 24.0.0.194 - C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_194.dll
Plugin - Unity Player - 5.3.2.31412 - C:\Users\Adrian\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
=========Google Chrome=========
C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension aapocclcgogkmnckokdopfmhonfmgoek 1 Prezentace Google 0.9
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Obchod Chrome 0.2
Extension aohghmighlieiainnegkcijnfilokake 1 Dokumenty Google 0.9
Extension apdfllckaahabafndbhieahigkjlhalf 1 Disk Google 14.1
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension eofcbnmajmjmplflapaojjnihcjkigck 0 Avast SafePrice 12.0.155
Extension felcaaldnbdncclmgdcncolpebgiejap 1 Tabulky Google 1.1
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 1 Dokumenty Google offline 1.4
Extension gomekmidlodglbbmalcneegieacbdmki 0 Avast Online Security 12.0.163
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.38
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.1
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.0
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 5516.1005.0.3
Homepage:
default_search_provider.search_url:
C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage:
default_search_provider.search_url:
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj]
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck]
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki]
"Path"=
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealNetworks Download and Record Plugin for Internet Explorer - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [2016-05-13 622984]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2016-12-13 236744]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\PROGRA~1\MICROS~2\Office16\GROOVEEX.DLL [2016-11-16 2179376]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F4B8786-5502-4803-8EBC-F652A1153BB6}]
True Key Helper - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-07-15 988400]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealNetworks Download and Record Plugin for Internet Explorer - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2016-05-13 521608]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31 161448]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-04-21 462400]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\PROGRA~2\MICROS~1\Office16\GROOVEEX.DLL [2016-11-16 1524528]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-04-21 173120]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - True Key - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-07-15 988400]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"TSSSrv"=C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [2013-09-12 296520]
"TecoResident"=C:\Program Files\TOSHIBA\Teco\TecoResident.exe [2013-08-21 178016]
"TosWaitSrv"=C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [2013-08-13 354144]
"TCrdMain"=C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2013-08-18 2556768]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2016-05-02 2398776]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2016-05-03 391648]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-10-08 3954880]
"Connectify Hotspot"=C:\Program Files (x86)\Connectify\Connectify.exe [2016-12-14 4131384]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-07-29 554184]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2015-11-18 4179288]
"NokiaSuite.exe"=C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [2014-11-19 1092448]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-12-06 9288408]
"Zoner Photo Studio Autoupdate"=C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE [2014-09-12 437248]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2002-04-12 383768]
"1.TPUReg"=C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe [2013-03-27 2216800]
"TSVU"=c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [2013-07-23 516512]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-11-20 9080768]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Aktualizace oznámení.lnk - C:\Program Files\WinZip\WZUpdateNotifier.exe
FAH.lnk - C:\Program Files\WinZip\FAHConsole.exe
WDDMStatus.lnk - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
WDSmartWare.lnk - C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
WinZip Preloader.lnk - C:\Program Files\WinZip\WzPreloader.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"DSCAutomationHostEnabled"=2
"EnableCursorSuppression"=1
"EnableUIADesktopToggle"=0
"undockwithoutlogon"=1
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"DisableTaskMgr"=0
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"ForceActiveDesktopOn"=0
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"NoRun"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
"StubPath"=%SystemRoot%\inf\unregmp2.exe /ShowWMP
[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"StubPath"="C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2017-01-23 19:55:08 ----D---- C:\rsit
2017-01-17 16:06:03 ----A---- C:\WINDOWS\SYSWOW64\rlls.dll
2017-01-17 16:06:03 ----A---- C:\WINDOWS\system32\rlls64.dll
2017-01-16 20:11:48 ----D---- C:\Program Files (x86)\RelevantKnowledge
2017-01-16 20:11:25 ----AD---- C:\Program Files (x86)\Beneton Movie GIF
2017-01-13 20:39:52 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-01-13 20:39:51 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-01-13 20:39:48 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2017-01-13 20:39:47 ----A---- C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-01-13 20:39:47 ----A---- C:\WINDOWS\system32\mfcore.dll
2017-01-13 20:39:46 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Logon.dll
2017-01-13 20:39:45 ----A---- C:\WINDOWS\SYSWOW64\StoreAgent.dll
2017-01-13 20:39:45 ----A---- C:\WINDOWS\SYSWOW64\InstallAgentUserBroker.exe
2017-01-13 20:39:45 ----A---- C:\WINDOWS\SYSWOW64\InstallAgent.exe
2017-01-13 20:39:44 ----A---- C:\WINDOWS\system32\d2d1.dll
2017-01-13 20:39:43 ----A---- C:\WINDOWS\SYSWOW64\Windows.Storage.ApplicationData.dll
2017-01-13 20:39:43 ----A---- C:\WINDOWS\system32\mfnetsrc.dll
2017-01-13 20:39:43 ----A---- C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-01-13 20:39:38 ----A---- C:\WINDOWS\system32\D3DCompiler_47.dll
2017-01-13 20:39:15 ----A---- C:\WINDOWS\system32\aeinv.dll
2017-01-13 20:39:03 ----A---- C:\WINDOWS\system32\rdpcore.dll
2017-01-13 20:39:03 ----A---- C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-01-13 20:39:02 ----A---- C:\WINDOWS\system32\mfnetcore.dll
2017-01-13 20:39:01 ----A---- C:\WINDOWS\system32\mstscax.dll
2017-01-13 20:39:01 ----A---- C:\WINDOWS\system32\MCRecvSrc.dll
2017-01-13 20:39:00 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.CredDialogController.dll
2017-01-13 20:39:00 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Cred.dll
2017-01-13 20:39:00 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.BlockedShutdown.dll
2017-01-13 20:39:00 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.BioFeedback.dll
2017-01-13 20:39:00 ----A---- C:\WINDOWS\system32\rdpencom.dll
2017-01-13 20:38:59 ----A---- C:\WINDOWS\system32\wuuhext.dll
2017-01-13 20:38:59 ----A---- C:\WINDOWS\system32\winlogon.exe
2017-01-13 20:38:59 ----A---- C:\WINDOWS\system32\D3D12.dll
2017-01-13 20:38:58 ----A---- C:\WINDOWS\SYSWOW64\offlinesam.dll
2017-01-13 20:38:58 ----A---- C:\WINDOWS\system32\wuaueng.dll
2017-01-13 20:38:58 ----A---- C:\WINDOWS\system32\sppobjs.dll
2017-01-13 20:38:58 ----A---- C:\WINDOWS\system32\samsrv.dll
2017-01-13 20:38:57 ----A---- C:\WINDOWS\system32\offlinesam.dll
2017-01-13 20:38:57 ----A---- C:\WINDOWS\system32\lsasrv.dll
2017-01-13 20:38:56 ----A---- C:\WINDOWS\SYSWOW64\msmpeg2vdec.dll
2017-01-13 20:38:56 ----A---- C:\WINDOWS\SYSWOW64\aclui.dll
2017-01-13 20:38:54 ----A---- C:\WINDOWS\system32\shell32.dll
2017-01-13 20:38:53 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2017-01-13 20:38:51 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2017-01-13 20:38:50 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2017-01-13 20:38:50 ----A---- C:\WINDOWS\system32\wuapi.dll
2017-01-13 20:38:50 ----A---- C:\WINDOWS\system32\msv1_0.dll
2017-01-13 20:38:50 ----A---- C:\WINDOWS\system32\kerberos.dll
2017-01-13 20:38:49 ----A---- C:\WINDOWS\SYSWOW64\updatepolicy.dll
2017-01-13 20:38:49 ----A---- C:\WINDOWS\SYSWOW64\MSVP9DEC.dll
2017-01-13 20:38:49 ----A---- C:\WINDOWS\system32\updatepolicy.dll
2017-01-13 20:38:49 ----A---- C:\WINDOWS\system32\ImplatSetup.dll
2017-01-13 20:38:48 ----A---- C:\WINDOWS\SYSWOW64\WinSCard.dll
2017-01-13 20:38:48 ----A---- C:\WINDOWS\SYSWOW64\cryptui.dll
2017-01-13 20:38:48 ----A---- C:\WINDOWS\system32\wow64.dll
2017-01-13 20:38:48 ----A---- C:\WINDOWS\system32\WinSCard.dll
2017-01-13 20:38:48 ----A---- C:\WINDOWS\system32\cryptui.dll
2017-01-13 20:38:47 ----A---- C:\WINDOWS\system32\ScDeviceEnum.dll
2017-01-13 20:38:47 ----A---- C:\WINDOWS\system32\certprop.dll
2017-01-13 20:38:45 ----A---- C:\WINDOWS\SYSWOW64\indexeddbserver.dll
2017-01-13 20:38:45 ----A---- C:\WINDOWS\SYSWOW64\AUDIOKSE.dll
2017-01-13 20:38:44 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.Resources.dll
2017-01-13 20:38:44 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2017-01-13 20:38:44 ----A---- C:\WINDOWS\SYSWOW64\Chakradiag.dll
2017-01-13 20:38:44 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2017-01-13 20:38:39 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2017-01-13 20:38:38 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2017-01-13 20:38:38 ----A---- C:\WINDOWS\SYSWOW64\AzureSettingSyncProvider.dll
2017-01-13 20:38:38 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-01-13 20:38:37 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2017-01-13 20:38:36 ----A---- C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-01-13 20:38:34 ----A---- C:\WINDOWS\SYSWOW64\mspaint.exe
2017-01-13 20:38:32 ----A---- C:\WINDOWS\system32\Chakra.dll
2017-01-13 20:38:31 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2017-01-13 20:38:31 ----A---- C:\WINDOWS\system32\win32kbase.sys
2017-01-13 20:38:30 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-01-13 20:38:29 ----A---- C:\WINDOWS\SYSWOW64\winmde.dll
2017-01-13 20:38:29 ----A---- C:\WINDOWS\system32\mspaint.exe
2017-01-13 20:38:29 ----A---- C:\WINDOWS\system32\msmpeg2vdec.dll
2017-01-13 20:38:28 ----A---- C:\WINDOWS\system32\mshtml.dll
2017-01-13 20:38:28 ----A---- C:\WINDOWS\system32\indexeddbserver.dll
2017-01-13 20:38:27 ----A---- C:\WINDOWS\system32\twinui.dll
2017-01-13 20:38:26 ----A---- C:\WINDOWS\system32\winmde.dll
2017-01-13 20:38:26 ----A---- C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-01-13 20:38:26 ----A---- C:\WINDOWS\system32\aadcloudap.dll
2017-01-13 20:38:25 ----A---- C:\WINDOWS\system32\edgehtml.dll
2017-01-13 20:38:21 ----A---- C:\WINDOWS\system32\aadtb.dll
2017-01-13 20:38:18 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.LockScreen.dll
2017-01-13 20:38:17 ----A---- C:\WINDOWS\system32\usocore.dll
2017-01-13 20:38:16 ----A---- C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll
2017-01-13 20:38:16 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2017-01-13 20:38:16 ----A---- C:\WINDOWS\system32\LaunchWinApp.exe
2017-01-13 20:38:15 ----A---- C:\WINDOWS\SYSWOW64\rdpcore.dll
2017-01-13 20:38:15 ----A---- C:\WINDOWS\SYSWOW64\LaunchWinApp.exe
2017-01-13 20:38:15 ----A---- C:\WINDOWS\system32\updatehandlers.dll
2017-01-13 20:38:14 ----A---- C:\WINDOWS\SYSWOW64\remoteaudioendpoint.dll
2017-01-13 20:38:14 ----A---- C:\WINDOWS\system32\MSVP9DEC.dll
2017-01-13 20:38:13 ----A---- C:\WINDOWS\SYSWOW64\SyncSettings.dll
2017-01-13 20:38:13 ----A---- C:\WINDOWS\SYSWOW64\rdpencom.dll
2017-01-13 20:38:13 ----A---- C:\WINDOWS\system32\rdpudd.dll
2017-01-13 20:38:13 ----A---- C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-01-13 20:38:12 ----A---- C:\WINDOWS\SYSWOW64\MSVPXENC.dll
2017-01-13 20:38:12 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2017-01-13 20:38:12 ----A---- C:\WINDOWS\system32\OneBackupHandler.dll
2017-01-13 20:38:11 ----A---- C:\WINDOWS\SYSWOW64\LogonController.dll
2017-01-13 20:38:11 ----A---- C:\WINDOWS\SYSWOW64\CloudBackupSettings.dll
2017-01-13 20:38:11 ----A---- C:\WINDOWS\system32\Windows.UI.Shell.dll
2017-01-13 20:38:11 ----A---- C:\WINDOWS\system32\win32kfull.sys
2017-01-13 20:38:11 ----A---- C:\WINDOWS\system32\win32k.sys
2017-01-13 20:38:10 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2017-01-13 20:38:10 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2017-01-13 20:38:09 ----A---- C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-01-13 20:38:09 ----A---- C:\WINDOWS\system32\SRHInproc.dll
2017-01-13 20:38:09 ----A---- C:\WINDOWS\system32\SRH.dll
2017-01-13 20:38:08 ----A---- C:\WINDOWS\SYSWOW64\mfmp4srcsnk.dll
2017-01-13 20:38:08 ----A---- C:\WINDOWS\system32\SettingSyncHost.exe
2017-01-13 20:38:08 ----A---- C:\WINDOWS\system32\SettingSyncCore.dll
2017-01-13 20:38:08 ----A---- C:\WINDOWS\system32\dosvc.dll
2017-01-13 20:38:08 ----A---- C:\WINDOWS\system32\domgmt.dll
2017-01-13 20:38:08 ----A---- C:\WINDOWS\system32\audiosrv.dll
2017-01-13 20:38:08 ----A---- C:\WINDOWS\system32\AudioSes.dll
2017-01-13 20:38:08 ----A---- C:\WINDOWS\system32\AUDIOKSE.dll
2017-01-13 20:38:08 ----A---- C:\WINDOWS\system32\AudioEng.dll
2017-01-13 20:38:08 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-01-13 20:38:08 ----A---- C:\WINDOWS\system32\aclui.dll
2017-01-13 20:38:07 ----A---- C:\WINDOWS\system32\StoreAgent.dll
2017-01-13 20:38:07 ----A---- C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-01-13 20:38:07 ----A---- C:\WINDOWS\system32\InstallAgent.exe
2017-01-13 20:38:07 ----A---- C:\WINDOWS\system32\ClipUp.exe
2017-01-13 20:38:06 ----A---- C:\WINDOWS\SYSWOW64\mfnetsrc.dll
2017-01-13 20:38:06 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2017-01-13 20:38:05 ----A---- C:\WINDOWS\SYSWOW64\mfasfsrcsnk.dll
2017-01-13 20:38:05 ----A---- C:\WINDOWS\system32\Windows.UI.CredDialogController.dll
2017-01-13 20:38:05 ----A---- C:\WINDOWS\system32\wbiosrvc.dll
2017-01-13 20:38:04 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2017-01-13 20:38:04 ----A---- C:\WINDOWS\system32\remoteaudioendpoint.dll
2017-01-13 20:38:04 ----A---- C:\WINDOWS\system32\drivers\vhdmp.sys
2017-01-13 20:38:03 ----A---- C:\WINDOWS\SYSWOW64\mfnetcore.dll
2017-01-13 20:38:03 ----A---- C:\WINDOWS\SYSWOW64\mfmpeg2srcsnk.dll
2017-01-13 20:38:03 ----A---- C:\WINDOWS\SYSWOW64\MCRecvSrc.dll
2017-01-13 20:38:03 ----A---- C:\WINDOWS\system32\SyncSettings.dll
2017-01-13 20:38:03 ----A---- C:\WINDOWS\system32\cloudAP.dll
2017-01-13 20:38:02 ----A---- C:\WINDOWS\system32\winsrv.dll
2017-01-13 20:38:02 ----A---- C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-01-13 20:38:02 ----A---- C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2017-01-13 20:38:02 ----A---- C:\WINDOWS\system32\fhsettingsprovider.dll
2017-01-13 20:38:02 ----A---- C:\WINDOWS\system32\fhcfg.dll
2017-01-13 20:38:02 ----A---- C:\WINDOWS\system32\CloudBackupSettings.dll
2017-01-13 20:38:00 ----A---- C:\WINDOWS\system32\securekernel.exe
2017-01-13 20:38:00 ----A---- C:\WINDOWS\system32\drivers\pci.sys
2017-01-13 20:37:59 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2017-01-13 20:37:48 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-01-13 20:37:47 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-01-13 20:37:46 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2017-01-13 20:37:43 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncHost.exe
2017-01-13 20:37:43 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncCore.dll
2017-01-13 20:37:43 ----A---- C:\WINDOWS\SYSWOW64\aadtb.dll
2017-01-13 20:37:43 ----A---- C:\WINDOWS\system32\LogonController.dll
2017-01-13 20:37:42 ----A---- C:\WINDOWS\SYSWOW64\d2d1.dll
2017-01-13 20:37:39 ----A---- C:\WINDOWS\system32\ConsoleLogon.dll
2017-01-13 20:37:39 ----A---- C:\WINDOWS\system32\CloudExperienceHost.dll
2017-01-13 20:37:38 ----A---- C:\WINDOWS\SYSWOW64\win32k.sys
2017-01-13 20:37:37 ----A---- C:\WINDOWS\system32\MSVPXENC.dll
2017-01-13 20:37:36 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2017-01-13 20:37:36 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_47.dll
2017-01-13 20:37:35 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.UI.Logon.ProxyStub.dll
2017-01-13 20:37:35 ----A---- C:\WINDOWS\system32\provengine.dll
2017-01-13 20:37:34 ----A---- C:\WINDOWS\system32\KnobsCore.dll
2017-01-13 20:37:33 ----A---- C:\WINDOWS\SYSWOW64\D3D12.dll
2017-01-13 20:37:33 ----A---- C:\WINDOWS\system32\ProvPluginEng.dll
2017-01-13 20:37:33 ----A---- C:\WINDOWS\system32\KnobsCsp.dll
2017-01-04 18:48:50 ----AD---- C:\Program Files\CCleaner
2017-01-03 18:39:01 ----A---- C:\WINDOWS\system32\drivers\cnnctfy4.sys
2017-01-03 18:39:01 ----A---- C:\WINDOWS\system32\drivers\cfywlan2.sys
2017-01-03 18:38:58 ----AD---- C:\Program Files (x86)\Connectify
2017-01-03 18:36:46 ----D---- C:\ProgramData\Connectify
======List of files/folders modified in the last 1 month======
2017-01-23 19:55:13 ----D---- C:\Program Files\trend micro
2017-01-23 19:47:53 ----HD---- C:\ProgramData
2017-01-23 19:44:43 ----D---- C:\WINDOWS\Temp
2017-01-23 19:37:41 ----D---- C:\WINDOWS\system32\SleepStudy
2017-01-23 19:24:01 ----D---- C:\WINDOWS\system32\sru
2017-01-23 19:18:13 ----D---- C:\WINDOWS\system32\config
2017-01-23 19:11:54 ----D---- C:\WINDOWS\Prefetch
2017-01-23 19:02:02 ----RD---- C:\WINDOWS\Microsoft.NET
2017-01-23 18:50:17 ----D---- C:\WINDOWS\AppReadiness
2017-01-23 18:47:08 ----HD---- C:\Program Files\WindowsApps
2017-01-23 18:31:43 ----SHD---- C:\WINDOWS\Installer
2017-01-23 18:31:17 ----AD---- C:\WINDOWS\SysWOW64
2017-01-23 18:22:45 ----D---- C:\WINDOWS\system32\drivers
2017-01-19 21:32:01 ----D---- C:\WINDOWS\LiveKernelReports
2017-01-19 21:23:07 ----D---- C:\WINDOWS\System32
2017-01-17 18:13:48 ----D---- C:\Users\Adrian\AppData\Roaming\uTorrent
2017-01-17 16:19:47 ----D---- C:\WINDOWS\INF
2017-01-17 16:06:53 ----D---- C:\WINDOWS\system32\Macromed
2017-01-17 16:06:50 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2017-01-17 16:02:44 ----D---- C:\WINDOWS\WinSxS
2017-01-17 15:55:28 ----D---- C:\WINDOWS\system32\DriverStore
2017-01-17 15:53:39 ----D---- C:\Windows
2017-01-16 23:32:04 ----D---- C:\WINDOWS\system32\catroot2
2017-01-16 23:30:42 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2017-01-16 23:30:42 ----D---- C:\WINDOWS\system32\wbem
2017-01-16 23:30:42 ----D---- C:\WINDOWS\system32\oobe
2017-01-16 23:30:40 ----D---- C:\WINDOWS\ShellExperiences
2017-01-16 23:30:39 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2017-01-16 23:30:39 ----D---- C:\WINDOWS\Provisioning
2017-01-16 23:30:38 ----D---- C:\Program Files\Internet Explorer
2017-01-16 23:30:38 ----D---- C:\Program Files (x86)\Internet Explorer
2017-01-16 23:26:29 ----SD---- C:\Users\Adrian\AppData\Roaming\Microsoft
2017-01-16 20:11:48 ----RD---- C:\Program Files (x86)
2017-01-16 18:11:14 ----D---- C:\ProgramData\Microsoft Help
2017-01-16 18:08:33 ----D---- C:\WINDOWS\CbsTemp
2017-01-16 17:45:30 ----D---- C:\WINDOWS\system32\MRT
2017-01-16 17:35:00 ----AC---- C:\WINDOWS\system32\MRT.exe
2017-01-16 17:27:12 ----A---- C:\WINDOWS\win.ini
2017-01-15 15:46:27 ----SHD---- C:\System Volume Information
2017-01-15 13:53:15 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2017-01-15 09:16:07 ----D---- C:\ProgramData\VSO
2017-01-13 17:35:22 ----D---- C:\WINDOWS\system32\Tasks
2017-01-07 20:48:36 ----D---- C:\WINDOWS\rescache
2017-01-06 19:39:19 ----D---- C:\WINDOWS\Tasks
2017-01-06 19:31:17 ----D---- C:\Program Files (x86)\Google
2017-01-04 21:52:51 ----D---- C:\Users\Adrian\AppData\Roaming\MPC-HC
2017-01-04 19:28:00 ----RSD---- C:\WINDOWS\assembly
2017-01-04 19:00:25 ----D---- C:\WINDOWS\debug
2017-01-04 18:59:16 ----D---- C:\WINDOWS\SoftwareDistribution
2017-01-04 18:52:49 ----D---- C:\Program Files\PDFCreator
2017-01-04 18:48:50 ----RD---- C:\Program Files
2017-01-03 23:23:09 ----AD---- C:\Program Files (x86)\HappyFoto-Designer
2017-01-03 19:16:24 ----D---- C:\Program Files\IDT
2017-01-03 18:48:07 ----D---- C:\WINDOWS\system32\LogFiles
2017-01-03 18:12:26 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2017-01-03 18:12:26 ----AD---- C:\Program Files (x86)\Mozilla Firefox
2017-01-01 11:37:37 ----D---- C:\WINDOWS\SYSWOW64\oobe
2017-01-01 11:37:37 ----D---- C:\WINDOWS\SYSWOW64\en-US
2017-01-01 11:37:37 ----D---- C:\WINDOWS\SYSWOW64\Dism
2017-01-01 11:37:21 ----D---- C:\WINDOWS\system32\Sysprep
2017-01-01 11:37:21 ----D---- C:\WINDOWS\system32\sr-Latn-CS
2017-01-01 11:37:20 ----D---- C:\WINDOWS\system32\en-US
2017-01-01 11:37:19 ----D---- C:\WINDOWS\system32\Dism
2017-01-01 11:37:09 ----D---- C:\WINDOWS\servicing
2017-01-01 11:37:08 ----D---- C:\WINDOWS\bcastdvr
2017-01-01 11:37:08 ----D---- C:\WINDOWS\AppPatch
2017-01-01 11:37:05 ----D---- C:\WINDOWS\system32\Boot
File C:\WINDOWS\system32\winlogon.exe is digitally signed
File C:\WINDOWS\system32\wininit.exe is digitally signed
File C:\WINDOWS\explorer.exe is digitally signed
File C:\WINDOWS\SysWOW64\explorer.exe is digitally signed
File C:\WINDOWS\system32\svchost.exe is digitally signed
File C:\WINDOWS\SysWOW64\svchost.exe is digitally signed
File C:\WINDOWS\system32\services.exe is digitally signed
File C:\WINDOWS\system32\User32.dll is digitally signed
File C:\WINDOWS\SysWOW64\User32.dll is digitally signed
File C:\WINDOWS\system32\userinit.exe is digitally signed
File C:\WINDOWS\SysWOW64\userinit.exe is digitally signed
File C:\WINDOWS\system32\rpcss.dll is digitally signed
File C:\WINDOWS\system32\Drivers\volsnap.sys is digitally signed
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2016-08-27 74544]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2016-10-14 293352]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2013-08-07 644968]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-100; C:\WINDOWS\system32\drivers\iorate.sys [2016-11-02 48992]
R0 nvpciflt;nvpciflt; C:\WINDOWS\system32\DRIVERS\nvpciflt.sys [2016-09-12 57400]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2016-08-27 37144]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2016-08-27 103064]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2016-09-18 969184]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2016-09-28 513632]
R1 cfywlan2;@oem91.inf,%cfywlan2_Desc%;Connectify WLAN LightWeight Filter; C:\WINDOWS\system32\DRIVERS\cfywlan2.sys [2017-01-03 46088]
R1 cnnctfy4;@oem90.inf,%cnnctfy4_Desc%;Connectify LightWeight Filter; C:\WINDOWS\system32\DRIVERS\cnnctfy4.sys [2017-01-03 53216]
R1 dtsoftbus01;@oem38.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [2015-01-12 283064]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2016-08-27 108816]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2016-08-27 163416]
R2 clreg;@%SystemRoot%\system32\drivers\registry.sys,-100; C:\WINDOWS\System32\drivers\registry.sys [2016-07-16 70144]
R2 PEGAGFN;PEGAGFN; \??\C:\Program Files (x86)\TOSHIBA\PasswordUtility\PEGAGFN.sys [2009-09-11 14344]
R3 AmUStor;@oem9.inf,%AmUStor.SvcDesc%;AM USB Stroage Driver; C:\WINDOWS\system32\drivers\AmUStor.SYS [2013-06-25 109336]
R3 athr;@oem86.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\System32\drivers\athw8x.sys [2016-12-14 4251160]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2016-07-13 610336]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\drivers\BTHUSB.sys [2016-10-05 84992]
R3 dtlitescsibus;@oem68.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2016-10-24 30264]
R3 dtliteusbbus;@oem72.inf,%DTLITEUSBBUS.DeviceDesc%;DAEMON Tools Lite Virtual USB Bus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [2016-10-24 47160]
R3 iwdbus;@oem32.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2015-12-01 38896]
R3 L1C;@oem35.inf,%L1C.Service.DispName%;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\WINDOWS\System32\drivers\L1C63x64.sys [2013-07-18 130248]
R3 MarvinBus;@oem15.inf,%MarvinBus.SVCDESC%;Pinnacle Marvin Bus 64; C:\WINDOWS\System32\drivers\MarvinBus64.sys [2005-09-23 261120]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvtdwu.inf_amd64_b4dd93f8c89bf485\nvlddmkm.sys [2016-09-12 13754936]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2016-05-02 28216]
R3 nvvad_WaveExtensible;@oem42.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2016-04-14 56384]
R3 SmbDrvI;SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [2015-10-08 51392]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\WINDOWS\system32\DRIVERS\stwrt64.sys [2015-07-23 561680]
R3 SynTP;@oem13.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2015-10-08 627392]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2016-10-05 64352]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2016-07-16 88416]
S2 athsgt;athsgt; C:\WINDOWS\system32\DRIVERS\athsgt.sys [2015-05-25 210944]
S2 limsgt;limsgt; C:\WINDOWS\system32\DRIVERS\limsgt.sys [2015-05-25 22528]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2016-07-16 18432]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2016-07-16 15360]
S3 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2016-08-27 37656]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2016-10-05 114176]
S3 BthLEEnum;@BthLEEnum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2016-10-05 249856]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2016-10-05 128512]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys [2016-11-11 967168]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2016-10-05 73568]
S3 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2016-07-16 346976]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2016-07-16 2104160]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2016-07-16 33280]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2016-07-16 64512]
S3 iComp;Grabster AV 400 service; C:\WINDOWS\system32\DRIVERS\p2usbhum.sys [2012-11-30 1712424]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2016-07-16 35840]
S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2013-10-17 39320]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2016-07-16 120320]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2016-07-16 90624]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmbx64.sys [2013-01-23 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbox64.sys [2013-01-23 27136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfdx64.sys [2012-10-17 26112]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2016-07-16 183808]
S3 scmdisk0101;@scmdisk0101.inf,%scmdisk0101.SvcDesc%;Microsoft NVDIMM-N disk driver; C:\WINDOWS\System32\drivers\scmdisk0101.sys [2016-07-16 123904]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2013-10-01 312448]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-08-27 197128]
R2 CDPUserSvc_3c1cbb5;CDPUserSvc_3c1cbb5; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=
R2 Connectify;Connectify; C:\Program Files (x86)\Connectify\ConnectifyService.exe [2016-12-14 257592]
R2 dts_apo_service;DTS APO Service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [2013-09-10 19792]
R2 GFNEXSrv;GFNEX Service; C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe [2013-03-27 163168]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2016-05-03 337888]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-05-12 733696]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2013-09-04 131544]
R2 IntelBCAsvc;Intel(R) Biometric and Context Agent Service; C:\Program Files\Intel\BCA\pabeSvc64.exe [2016-05-06 3026584]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-09-04 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-09-04 390616]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2016-05-02 1881144]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2016-05-02 2522680]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2016-08-01 1365048]
R2 OneSyncSvc_3c1cbb5;Hostitel synchronizace_3c1cbb5; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=
R2 RelevantKnowledge;RelevantKnowledge; C:\Program Files (x86)\RelevantKnowledge\rlservice.exe [2013-08-17 186136]
R2 ScsiAccess;ScsiAccess; C:\Program Files (x86)\Photodex\ProShow Producer\ScsiAccess.exe [2016-11-19 186760]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2015-07-23 350224]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R2 SynTPEnhService;SynTPEnh Caller Service; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [2015-10-08 255168]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2016-05-25 43696]
R3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2007-03-12 271920]
R3 NvStreamNetworkSvc;NVIDIA Streamer Network Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [2016-05-02 3634232]
R3 PimIndexMaintenanceSvc_3c1cbb5;Data kontaktů_3c1cbb5; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=
S2 AxAutoMntSrv;Alcohol Virtual Drive Auto-mount Service; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2012-01-05 75624]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; %SystemRoot%\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=%SystemRoot%\System32\CDPUserSvc.dll
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-11-18 1369432]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; %SystemRoot%\System32\svchost.exe -k Camera;"ServiceDll"=%SystemRoot%\system32\FrameServer.dll
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\hvhostsvc.dll
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-05-12 822232]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\irmon.dll
S3 MessagingService_3c1cbb5;Služba zasílání zpráv_3c1cbb5; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-12-21 172488]
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-01-15 774144]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2015-07-31 242864]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\RMapi.dll
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; %SystemRoot%\System32\svchost.exe -k netsvcs;"ServiceDll"=%systemroot%\system32\Windows.SharedPC.AccountManager.dll
-----------------EOF-----------------
