
Preventive check: USB player keeps disconnecting
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote assistance service, in which a specialist connects to your computer and obtains further details about the problem from you by phone! More at www.neslape.cz
- Visitor
- Posts: 76
- Registered: 05 Sep 2006 19:18
Hello, please check my PC.
My MP3 player disconnects at one-minute intervals, and it is very difficult to download anything from it or upload anything to it.
Thank you
Logfile of random's system information tool 1.14 (written by random/random)
Run by Mordor at 2017-02-03 16:44:58
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 25 GB (22%) free of 114 GB
Total RAM: 8154 MB (69% free)
X64
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:45:01, on 3.2.2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18377)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
D:\Steam\Steam.exe
C:\Users\Mordor\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\TeamViewer\TeamViewer.exe
D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\LG Software\LG Smart Share\Update\SmartShareTray.exe
C:\Program Files (x86)\LG Software\LG Smart Share\DMS\SmartShareDMS.exe
C:\Program Files (x86)\LG Software\LG Smart Share\DMC\Aggregation.exe
C:\Program Files (x86)\LG Software\LG Smart Share\DMR\SmartShareDMR.exe
C:\Program Files\trend micro\Mordor_RSITx64.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKCU\..\Run: [Steam] "D:\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [Google Update] C:\Users\Mordor\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe
O4 - HKCU\..\Run: [Google Photos Backup] "C:\Users\Mordor\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe" /autostart
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: GIGABYTE OC_GURU.lnk = C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: COMODO Chromodo Update Service (ChromodoUpdater) - Comodo - C:\Program Files (x86)\Comodo\Chromodo\chromodo_updater.exe
O23 - Service: COMODO Internet Security Helper Service (CmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 12 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9771 bytes
======Enumerating Processes======
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Comodo\Chromodo\chromodo_updater.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\COMODO\COMODO Internet Security\cistray.exe"
"C:\Program Files\SmartTechnology\Software\ProfilerU.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files\SmartTechnology\Software\SaiMfd.exe"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"D:\Steam\Steam.exe" -silent
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
"C:\Users\Mordor\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe" /autostart
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-483028f7-a40e-45e4-b77e-e11899b13001 -SystemEventPortName:HostProcess-d68e7622-5d7d-4be3-80b4-62cefb54a862 -IoCancelEventPortName:HostProcess-4d3d10f2-e3a2-45ce-828b-360fc08738fe -NonStateChangingEventPortName:HostProcess-d3deb817-4422-43f8-91b4-12e253c50858 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:667fed3c-afee-445c-ad34-fb06eb102696 -DeviceGroupId:WpdFsGroup
"C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe" /ModeAvMonitor -Embedding
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "6169120921252131784-825310408-17554070594134930552141565021469751144-1780616033
"C:\Program Files (x86)\TeamViewer\TeamViewer.exe"
"C:\Program Files (x86)\TeamViewer\tv_w32.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer12_Logfile.log
"C:\Program Files (x86)\TeamViewer\tv_x64.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer12_Logfile.log
C:\Windows\system32\SearchIndexer.exe /Embedding
D:\Steam\bin\cef\cef.win7\steamwebhelper.exe "-cachedir=C:\Users\Mordor\AppData\Local\Steam\htmlcache" "-steampid=2572" "-buildid=1484790260" "-steamid=0" --disable-gpu-compositing --disable-gpu --process-per-tab --disable-spell-checking --disable-out-of-process-pac --disable-smooth-scrolling --enable-direct-write
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\COMODO\COMODO Internet Security\cis.exe" --alertsUI
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="6036.0.555832314\1957596396" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" 6036 "\\.\pipe\gecko-crash-server-pipe.6036" tab
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\servicing\TrustedInstaller.exe
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files (x86)\LG Software\LG Smart Share\Update\SmartShareTray.exe" start
"C:\Program Files (x86)\LG Software\LG Smart Share\DMS\SmartShareDMS.exe" -autoservice
"C:\Program Files (x86)\LG Software\LG Smart Share\DMC\Aggregation.exe" aggregation
"C:\Program Files (x86)\LG Software\LG Smart Share\DMR\SmartShareDMR.exe" -autoservice
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
"C:\Windows\system32\SearchFilterHost.exe" 0 884 888 896 65536 892
"C:\Users\Mordor\Downloads\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\system32\tasks\Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Windows\system32\tasks\Adobe Flash Player Updater - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-2881103408-3670860739-8521875-1000Core - C:\Users\Mordor\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-2881103408-3670860739-8521875-1000UA - C:\Users\Mordor\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\SmartShare - C:\Program Files (x86)\LG Software\LG Smart Share\SmartShareStart.exe tray
C:\Windows\system32\tasks\WPD\SqmUpload_S-1-5-21-2881103408-3670860739-8521875-1000 - %windir%\system32\rundll32.exe portabledeviceapi.dll,#1
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
C:\Windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\Windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\Windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask - %SystemRoot%\system32\Wat\WatAdminSvc.exe /run
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline - %SystemRoot%\system32\schtasks.exe /run /I /TN "\Microsoft\Windows\Windows Activation Technologies\ValidationTask"
C:\Windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\Windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
C:\Windows\system32\tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask - sc.exe start sppsvc
C:\Windows\system32\tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B - %windir%\system32\GWX\GWXConfigManager.exe /RefreshConfig
C:\Windows\system32\tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime - %windir%\system32\GWX\GWXUXWorker.exe /ScheduleUpgradeReminderTime
C:\Windows\system32\tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime - %windir%\system32\GWX\GWXUXWorker.exe /ScheduleUpgradeTime
C:\Windows\system32\tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess - %windir%\system32\GWX\GWX.exe /tasklaunch
C:\Windows\system32\tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig - %windir%\system32\GWX\GWXConfigManager.exe /RefreshConfig
C:\Windows\system32\tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent - %windir%\system32\GWX\GWXConfigManager.exe /RefreshConfigAndContent
C:\Windows\system32\tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent - %windir%\system32\GWX\GWXConfigManager.exe /RefreshContent
C:\Windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\Windows\system32\tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem - %SystemRoot%\System32\powercfg.exe -energy -auto
C:\Windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\Windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\StartRecording - %SystemRoot%\ehome\ehrec /StartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\Windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\Windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\Windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\Windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\Windows\system32\tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} - "C:\Program Files\COMODO\COMODO Internet Security\cistray.exe"
C:\Windows\system32\tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} - "C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe" --launchSchedule {0FB77674-7905-4F34-A362-C5A9A26F8CF9}
C:\Windows\system32\tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} - "C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe" --launchSchedule {F140D794-60B6-4F00-9235-D6457AA25B22}
C:\Windows\system32\tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} - "C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe" --launchSchedule {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59}
C:\Windows\system32\tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} - "C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe" --launchSchedule {A6D52E4F-569B-4756-B3D8-DF217313DA85}
=========Mozilla firefox=========
ProfilePath - C:\Users\Mordor\AppData\Roaming\Mozilla\Firefox\Profiles\txswpwo4.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 24.0.0.194 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_194.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 24.0.0.194 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
C:\Users\Mordor\AppData\Roaming\Mozilla\Firefox\Profiles\txswpwo4.default\addons.json
Simple YouTube to MP3/MP4 Converter and Downloader - extension - jid0-SQnwtgW1b8BsMB5PLV5WScEDWOjw@jetpack
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
C:\Users\Mordor\AppData\Roaming\Mozilla\Firefox\Profiles\txswpwo4.default\extensions.json
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - C:\Users\Mordor\AppData\Roaming\Mozilla\Firefox\Profiles\txswpwo4.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
Simple YouTube to MP3/MP4 Converter and Downloader - extension - jid0-SQnwtgW1b8BsMB5PLV5WScEDWOjw@jetpack - C:\Users\Mordor\AppData\Roaming\Mozilla\Firefox\Profiles\txswpwo4.default\extensions\jid0-SQnwtgW1b8BsMB5PLV5WScEDWOjw@jetpack.xpi
Multi-process staged rollout - extension - e10srollout@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\e10srollout@mozilla.org.xpi
Pocket - extension - firefox@getpocket.com - C:\Program Files (x86)\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi
Web Compat - extension - webcompat@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi
Application Update Service Helper - extension - aushelper@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\aushelper@mozilla.org.xpi
Default - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi
Diagnostics - extension - diagnostics@mozilla.org - C:\Users\Mordor\AppData\Roaming\Mozilla\Firefox\Profiles\txswpwo4.default\features\{1613e05d-9c90-4f38-8318-6e7d5c689a27}\diagnostics@mozilla.org.xpi
Send HSTS Priming Requests - extension - hsts-priming@mozilla.org - C:\Users\Mordor\AppData\Roaming\Mozilla\Firefox\Profiles\txswpwo4.default\features\{1613e05d-9c90-4f38-8318-6e7d5c689a27}\hsts-priming@mozilla.org.xpi
C:\Users\Mordor\AppData\Roaming\Mozilla\Firefox\Profiles\txswpwo4.default\pluginreg.dat
Plugin - Adobe Acrobat - 15.23.20053.15062 - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
Plugin - VLC Web Plugin - 2.2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
Plugin - Google Update - 1.3.32.7 - C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll
Plugin - NVIDIA 3D Vision - 7.17.13.6472 - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
Plugin - NVIDIA 3D VISION - 7.17.13.6472 - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
Plugin - Intel® Identity Protection Technology - 4.0.5.0 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
Plugin - Intel® Identity Protection Technology - 4.0.5.0 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
Plugin - Shockwave Flash - 24.0.0.194 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_194.dll
Plugin - Google Update - 1.3.32.7 - C:\Users\Mordor\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll
=========Google Chrome=========
C:\Users\Mordor\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension aapocclcgogkmnckokdopfmhonfmgoek 1 Prezentace Google 0.9
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Obchod Chrome 0.2
Extension aohghmighlieiainnegkcijnfilokake 1 Dokumenty Google 0.9
Extension apdfllckaahabafndbhieahigkjlhalf 1 Disk Google 14.1
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension efaidnbmnnnibpcajpcglclefindmkaj 0 Adobe Acrobat 15.1.0.5
Extension ennkphjdgehloodpbhlhldgbnhmacadg 1 Settings 0.2
Extension felcaaldnbdncclmgdcncolpebgiejap 1 Tabulky Google 1.1
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 1 Dokumenty Google offline 1.4
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.38
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mfffpogegjflfpflabcdkioaeobkgjik 1 GaiaAuthExtension 0.0.1
Extension mgndgikekgjfcpckkfioiadnlibdjbkf 1 Chrome 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.1
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.1
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 5516.1005.0.3
Homepage:
default_search_provider.search_url:
C:\Users\Mordor\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage:
default_search_provider.search_url:
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj]
"Path"=
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-03-14 13671792]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2016-09-28 1610936]
"ProfilerU"=C:\Program Files\SmartTechnology\Software\ProfilerU.exe [2015-08-01 454144]
"SaiMfd"=C:\Program Files\SmartTechnology\Software\SaiMfd.exe [2015-08-01 158208]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2016-04-09 2397752]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2016-03-24 1767248]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"=D:\Steam\steam.exe [2017-01-20 2881824]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2015-07-30 4468056]
"Google Update"=C:\Users\Mordor\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe [2016-12-16 601752]
"Google Photos Backup"=C:\Users\Mordor\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe [2016-11-13 3790936]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2014-02-21 292848]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
GIGABYTE OC_GURU.lnk - C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2017-02-03 16:44:58 ----D---- C:\rsit
2017-02-03 16:44:58 ----D---- C:\Program Files\trend micro
2017-01-31 20:14:04 ----D---- C:\Users\Mordor\AppData\Roaming\GHISLER
2017-01-31 20:14:04 ----D---- C:\totalcmd
2017-01-31 20:14:04 ----A---- C:\Windows\UC.PIF
2017-01-31 20:14:04 ----A---- C:\Windows\RAR.PIF
2017-01-31 20:14:04 ----A---- C:\Windows\PKZIP.PIF
2017-01-31 20:14:04 ----A---- C:\Windows\PKUNZIP.PIF
2017-01-31 20:14:04 ----A---- C:\Windows\LHA.PIF
2017-01-31 20:14:04 ----A---- C:\Windows\ARJ.PIF
2017-01-14 11:15:28 ----D---- C:\ProgramData\SP_FT_Logs
2017-01-14 11:13:22 ----D---- C:\Users\Mordor\AppData\Roaming\Lenovo
2017-01-14 11:13:14 ----D---- C:\Program Files (x86)\Lenovo Smart Assistant
2017-01-14 10:21:11 ----D---- C:\Users\Mordor\AppData\Roaming\ADBDriverInstaller
2017-01-14 10:01:06 ----D---- C:\Program Files (x86)\Minimal ADB and Fastboot
2017-01-11 23:42:47 ----D---- C:\ProgramData\tmp
2017-01-11 23:42:47 ----D---- C:\ProgramData\hps
2017-01-11 23:40:36 ----D---- C:\Program Files\Fotolab
======List of files/folders modified in the last 1 month======
2017-02-03 16:44:58 ----RD---- C:\Program Files
2017-02-03 16:43:57 ----D---- C:\Windows\Temp
2017-02-03 16:38:38 ----D---- C:\Windows\System32
2017-02-03 16:38:38 ----D---- C:\Windows\inf
2017-02-03 16:38:38 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-02-03 16:34:43 ----D---- C:\Windows\system32\config
2017-02-03 16:31:47 ----D---- C:\ProgramData\NVIDIA
2017-01-31 20:14:04 ----D---- C:\Windows
2017-01-31 13:47:56 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2017-01-30 16:37:13 ----D---- C:\Program Files (x86)\Mozilla Firefox
2017-01-29 18:05:22 ----D---- C:\Users\Mordor\AppData\Roaming\vlc
2017-01-29 15:24:12 ----SHD---- C:\System Volume Information
2017-01-28 19:40:17 ----D---- C:\Program Files (x86)\TeamViewer
2017-01-20 13:50:17 ----SHD---- C:\Windows\Installer
2017-01-20 13:50:10 ----D---- C:\Windows\SysWOW64
2017-01-15 15:12:20 ----RD---- C:\Program Files (x86)
2017-01-14 11:51:07 ----D---- C:\Windows\system32\drivers
2017-01-14 11:45:16 ----D---- C:\Windows\system32\DriverStore
2017-01-14 11:15:28 ----HD---- C:\ProgramData
2017-01-11 10:18:12 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2017-01-11 10:18:11 ----D---- C:\Windows\system32\Macromed
2017-01-11 10:18:09 ----D---- C:\Windows\SYSWOW64\Macromed
2017-01-11 09:51:58 ----D---- C:\Windows\system32\Tasks
File C:\Windows\system32\winlogon.exe is digitally signed
File C:\Windows\system32\wininit.exe is digitally signed
File C:\Windows\explorer.exe is digitally signed
File C:\Windows\SysWOW64\explorer.exe is digitally signed
File C:\Windows\system32\svchost.exe is digitally signed
File C:\Windows\SysWOW64\svchost.exe is digitally signed
File C:\Windows\system32\services.exe is digitally signed
File C:\Windows\system32\User32.dll is digitally signed
File C:\Windows\SysWOW64\User32.dll is digitally signed
File C:\Windows\system32\userinit.exe is digitally signed
File C:\Windows\SysWOW64\userinit.exe is digitally signed
File C:\Windows\system32\rpcss.dll is digitally signed
File C:\Windows\system32\Drivers\volsnap.sys is digitally signed
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2014-02-21 20464]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\Windows\System32\DRIVERS\cmderd.sys [2016-08-31 31648]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\system32\DRIVERS\cmdguard.sys [2016-08-31 830624]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2016-08-31 56976]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2016-08-31 116248]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2015-07-30 30264]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-03-14 3896920]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2014-02-21 370672]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2014-02-21 791024]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2013-09-16 99288]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2016-04-09 205456]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2016-03-24 28216]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2016-04-09 56384]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2014-03-18 906968]
R3 SaiK0CCC;SaiK0CCC; C:\Windows\system32\DRIVERS\SaiK0CCC.sys [2015-08-01 180544]
R3 SaiMini;SaiMini; C:\Windows\system32\DRIVERS\SaiMini.sys [2015-08-01 25120]
R3 SaiNtBus;SaiNtBus; C:\Windows\system32\drivers\SaiBus.sys [2015-08-01 52640]
R3 SaiU0CCC;SaiU0CCC; C:\Windows\system32\DRIVERS\SaiU0CCC.sys [2015-08-01 47168]
S3 cmnxusbser;Mobile Connector USB Device for Legacy Serial Communication LCT2053s 20140303; C:\Windows\system32\DRIVERS\cmnxusbser.sys [2016-05-17 146424]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys []
S3 GPCIDrv;GPCIDrv; \??\C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv64.sys [2014-08-11 14376]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usbser;USB Serial emulation modem driver; C:\Windows\system32\DRIVERS\usbser.sys [2017-01-14 33280]
S3 WinUsb;Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2015-08-22 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-01-11 82640]
R2 CmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2016-09-28 5817256]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll"=%SystemRoot%\system32\diagtrack.dll
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2016-04-09 1164856]
R2 ChromodoUpdater;COMODO Chromodo Update Service; C:\Program Files (x86)\Comodo\Chromodo\chromodo_updater.exe [2016-10-04 2273424]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-09-16 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-09-16 390616]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2016-04-09 1881144]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2016-04-09 2522680]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2016-04-09 1264064]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2015-07-28 76152]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2016-04-09 426040]
R2 TeamViewer;TeamViewer 12; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2016-12-19 10351856]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-07-30 1268568]
R3 NvStreamNetworkSvc;NVIDIA Streamer Network Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [2016-04-09 3634232]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2017-01-20 1464096]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2016-01-13 104120]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2016-01-13 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-17 154440]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-11 270936]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2016-01-13 50352]
S3 cmdvirth;COMODO Virtual Service Manager; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2016-09-28 2271928]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-17 154440]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-08-04 114688]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-01-30 172488]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2015-07-28 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2015-07-28 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2015-07-30 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-01-13 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-01-13 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-01-13 135848]
-----------------EOF-----------------
My MP3 player disconnects at one-minute intervals, and it is very difficult to download anything from it or upload anything to it.
Thank you
Logfile of random's system information tool 1.14 (written by random/random)
Run by Mordor at 2017-02-03 16:44:58
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 25 GB (22%) free of 114 GB
Total RAM: 8154 MB (69% free)
X64
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:45:01, on 3.2.2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18377)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
D:\Steam\Steam.exe
C:\Users\Mordor\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\TeamViewer\TeamViewer.exe
D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\LG Software\LG Smart Share\Update\SmartShareTray.exe
C:\Program Files (x86)\LG Software\LG Smart Share\DMS\SmartShareDMS.exe
C:\Program Files (x86)\LG Software\LG Smart Share\DMC\Aggregation.exe
C:\Program Files (x86)\LG Software\LG Smart Share\DMR\SmartShareDMR.exe
C:\Program Files\trend micro\Mordor_RSITx64.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKCU\..\Run: [Steam] "D:\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [Google Update] C:\Users\Mordor\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe
O4 - HKCU\..\Run: [Google Photos Backup] "C:\Users\Mordor\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe" /autostart
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: GIGABYTE OC_GURU.lnk = C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: COMODO Chromodo Update Service (ChromodoUpdater) - Comodo - C:\Program Files (x86)\Comodo\Chromodo\chromodo_updater.exe
O23 - Service: COMODO Internet Security Helper Service (CmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 12 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9771 bytes
======Enumerating Processes======
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Comodo\Chromodo\chromodo_updater.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\COMODO\COMODO Internet Security\cistray.exe"
"C:\Program Files\SmartTechnology\Software\ProfilerU.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files\SmartTechnology\Software\SaiMfd.exe"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"D:\Steam\Steam.exe" -silent
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
"C:\Users\Mordor\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe" /autostart
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-483028f7-a40e-45e4-b77e-e11899b13001 -SystemEventPortName:HostProcess-d68e7622-5d7d-4be3-80b4-62cefb54a862 -IoCancelEventPortName:HostProcess-4d3d10f2-e3a2-45ce-828b-360fc08738fe -NonStateChangingEventPortName:HostProcess-d3deb817-4422-43f8-91b4-12e253c50858 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:667fed3c-afee-445c-ad34-fb06eb102696 -DeviceGroupId:WpdFsGroup
"C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe" /ModeAvMonitor -Embedding
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "6169120921252131784-825310408-17554070594134930552141565021469751144-1780616033
"C:\Program Files (x86)\TeamViewer\TeamViewer.exe"
"C:\Program Files (x86)\TeamViewer\tv_w32.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer12_Logfile.log
"C:\Program Files (x86)\TeamViewer\tv_x64.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer12_Logfile.log
C:\Windows\system32\SearchIndexer.exe /Embedding
D:\Steam\bin\cef\cef.win7\steamwebhelper.exe "-cachedir=C:\Users\Mordor\AppData\Local\Steam\htmlcache" "-steampid=2572" "-buildid=1484790260" "-steamid=0" --disable-gpu-compositing --disable-gpu --process-per-tab --disable-spell-checking --disable-out-of-process-pac --disable-smooth-scrolling --enable-direct-write
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\COMODO\COMODO Internet Security\cis.exe" --alertsUI
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="6036.0.555832314\1957596396" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" 6036 "\\.\pipe\gecko-crash-server-pipe.6036" tab
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\servicing\TrustedInstaller.exe
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files (x86)\LG Software\LG Smart Share\Update\SmartShareTray.exe" start
"C:\Program Files (x86)\LG Software\LG Smart Share\DMS\SmartShareDMS.exe" -autoservice
"C:\Program Files (x86)\LG Software\LG Smart Share\DMC\Aggregation.exe" aggregation
"C:\Program Files (x86)\LG Software\LG Smart Share\DMR\SmartShareDMR.exe" -autoservice
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
"C:\Windows\system32\SearchFilterHost.exe" 0 884 888 896 65536 892
"C:\Users\Mordor\Downloads\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\system32\tasks\Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Windows\system32\tasks\Adobe Flash Player Updater - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-2881103408-3670860739-8521875-1000Core - C:\Users\Mordor\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-2881103408-3670860739-8521875-1000UA - C:\Users\Mordor\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\SmartShare - C:\Program Files (x86)\LG Software\LG Smart Share\SmartShareStart.exe tray
C:\Windows\system32\tasks\WPD\SqmUpload_S-1-5-21-2881103408-3670860739-8521875-1000 - %windir%\system32\rundll32.exe portabledeviceapi.dll,#1
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
C:\Windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\Windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\Windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask - %SystemRoot%\system32\Wat\WatAdminSvc.exe /run
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline - %SystemRoot%\system32\schtasks.exe /run /I /TN "\Microsoft\Windows\Windows Activation Technologies\ValidationTask"
C:\Windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\Windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
C:\Windows\system32\tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask - sc.exe start sppsvc
C:\Windows\system32\tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B - %windir%\system32\GWX\GWXConfigManager.exe /RefreshConfig
C:\Windows\system32\tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime - %windir%\system32\GWX\GWXUXWorker.exe /ScheduleUpgradeReminderTime
C:\Windows\system32\tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime - %windir%\system32\GWX\GWXUXWorker.exe /ScheduleUpgradeTime
C:\Windows\system32\tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess - %windir%\system32\GWX\GWX.exe /tasklaunch
C:\Windows\system32\tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig - %windir%\system32\GWX\GWXConfigManager.exe /RefreshConfig
C:\Windows\system32\tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent - %windir%\system32\GWX\GWXConfigManager.exe /RefreshConfigAndContent
C:\Windows\system32\tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent - %windir%\system32\GWX\GWXConfigManager.exe /RefreshContent
C:\Windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\Windows\system32\tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem - %SystemRoot%\System32\powercfg.exe -energy -auto
C:\Windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\Windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\StartRecording - %SystemRoot%\ehome\ehrec /StartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\Windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\Windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\Windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\Windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\Windows\system32\tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} - "C:\Program Files\COMODO\COMODO Internet Security\cistray.exe"
C:\Windows\system32\tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} - "C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe" --launchSchedule {0FB77674-7905-4F34-A362-C5A9A26F8CF9}
C:\Windows\system32\tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} - "C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe" --launchSchedule {F140D794-60B6-4F00-9235-D6457AA25B22}
C:\Windows\system32\tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} - "C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe" --launchSchedule {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59}
C:\Windows\system32\tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} - "C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe" --launchSchedule {A6D52E4F-569B-4756-B3D8-DF217313DA85}
=========Mozilla firefox=========
ProfilePath - C:\Users\Mordor\AppData\Roaming\Mozilla\Firefox\Profiles\txswpwo4.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 24.0.0.194 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_194.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 24.0.0.194 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
C:\Users\Mordor\AppData\Roaming\Mozilla\Firefox\Profiles\txswpwo4.default\addons.json
Simple YouTube to MP3/MP4 Converter and Downloader - extension - jid0-SQnwtgW1b8BsMB5PLV5WScEDWOjw@jetpack
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
C:\Users\Mordor\AppData\Roaming\Mozilla\Firefox\Profiles\txswpwo4.default\extensions.json
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - C:\Users\Mordor\AppData\Roaming\Mozilla\Firefox\Profiles\txswpwo4.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
Simple YouTube to MP3/MP4 Converter and Downloader - extension - jid0-SQnwtgW1b8BsMB5PLV5WScEDWOjw@jetpack - C:\Users\Mordor\AppData\Roaming\Mozilla\Firefox\Profiles\txswpwo4.default\extensions\jid0-SQnwtgW1b8BsMB5PLV5WScEDWOjw@jetpack.xpi
Multi-process staged rollout - extension - e10srollout@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\e10srollout@mozilla.org.xpi
Pocket - extension - firefox@getpocket.com - C:\Program Files (x86)\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi
Web Compat - extension - webcompat@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi
Application Update Service Helper - extension - aushelper@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\aushelper@mozilla.org.xpi
Default - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi
Diagnostics - extension - diagnostics@mozilla.org - C:\Users\Mordor\AppData\Roaming\Mozilla\Firefox\Profiles\txswpwo4.default\features\{1613e05d-9c90-4f38-8318-6e7d5c689a27}\diagnostics@mozilla.org.xpi
Send HSTS Priming Requests - extension - hsts-priming@mozilla.org - C:\Users\Mordor\AppData\Roaming\Mozilla\Firefox\Profiles\txswpwo4.default\features\{1613e05d-9c90-4f38-8318-6e7d5c689a27}\hsts-priming@mozilla.org.xpi
C:\Users\Mordor\AppData\Roaming\Mozilla\Firefox\Profiles\txswpwo4.default\pluginreg.dat
Plugin - Adobe Acrobat - 15.23.20053.15062 - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
Plugin - VLC Web Plugin - 2.2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
Plugin - Google Update - 1.3.32.7 - C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll
Plugin - NVIDIA 3D Vision - 7.17.13.6472 - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
Plugin - NVIDIA 3D VISION - 7.17.13.6472 - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
Plugin - Intel® Identity Protection Technology - 4.0.5.0 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
Plugin - Intel® Identity Protection Technology - 4.0.5.0 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
Plugin - Shockwave Flash - 24.0.0.194 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_194.dll
Plugin - Google Update - 1.3.32.7 - C:\Users\Mordor\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll
=========Google Chrome=========
C:\Users\Mordor\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension aapocclcgogkmnckokdopfmhonfmgoek 1 Prezentace Google 0.9
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Obchod Chrome 0.2
Extension aohghmighlieiainnegkcijnfilokake 1 Dokumenty Google 0.9
Extension apdfllckaahabafndbhieahigkjlhalf 1 Disk Google 14.1
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension efaidnbmnnnibpcajpcglclefindmkaj 0 Adobe Acrobat 15.1.0.5
Extension ennkphjdgehloodpbhlhldgbnhmacadg 1 Settings 0.2
Extension felcaaldnbdncclmgdcncolpebgiejap 1 Tabulky Google 1.1
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 1 Dokumenty Google offline 1.4
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.38
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mfffpogegjflfpflabcdkioaeobkgjik 1 GaiaAuthExtension 0.0.1
Extension mgndgikekgjfcpckkfioiadnlibdjbkf 1 Chrome 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.1
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.1
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 5516.1005.0.3
Homepage:
default_search_provider.search_url:
C:\Users\Mordor\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage:
default_search_provider.search_url:
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj]
"Path"=
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-03-14 13671792]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2016-09-28 1610936]
"ProfilerU"=C:\Program Files\SmartTechnology\Software\ProfilerU.exe [2015-08-01 454144]
"SaiMfd"=C:\Program Files\SmartTechnology\Software\SaiMfd.exe [2015-08-01 158208]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2016-04-09 2397752]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2016-03-24 1767248]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"=D:\Steam\steam.exe [2017-01-20 2881824]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2015-07-30 4468056]
"Google Update"=C:\Users\Mordor\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe [2016-12-16 601752]
"Google Photos Backup"=C:\Users\Mordor\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe [2016-11-13 3790936]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2014-02-21 292848]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
GIGABYTE OC_GURU.lnk - C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2017-02-03 16:44:58 ----D---- C:\rsit
2017-02-03 16:44:58 ----D---- C:\Program Files\trend micro
2017-01-31 20:14:04 ----D---- C:\Users\Mordor\AppData\Roaming\GHISLER
2017-01-31 20:14:04 ----D---- C:\totalcmd
2017-01-31 20:14:04 ----A---- C:\Windows\UC.PIF
2017-01-31 20:14:04 ----A---- C:\Windows\RAR.PIF
2017-01-31 20:14:04 ----A---- C:\Windows\PKZIP.PIF
2017-01-31 20:14:04 ----A---- C:\Windows\PKUNZIP.PIF
2017-01-31 20:14:04 ----A---- C:\Windows\LHA.PIF
2017-01-31 20:14:04 ----A---- C:\Windows\ARJ.PIF
2017-01-14 11:15:28 ----D---- C:\ProgramData\SP_FT_Logs
2017-01-14 11:13:22 ----D---- C:\Users\Mordor\AppData\Roaming\Lenovo
2017-01-14 11:13:14 ----D---- C:\Program Files (x86)\Lenovo Smart Assistant
2017-01-14 10:21:11 ----D---- C:\Users\Mordor\AppData\Roaming\ADBDriverInstaller
2017-01-14 10:01:06 ----D---- C:\Program Files (x86)\Minimal ADB and Fastboot
2017-01-11 23:42:47 ----D---- C:\ProgramData\tmp
2017-01-11 23:42:47 ----D---- C:\ProgramData\hps
2017-01-11 23:40:36 ----D---- C:\Program Files\Fotolab
======List of files/folders modified in the last 1 month======
2017-02-03 16:44:58 ----RD---- C:\Program Files
2017-02-03 16:43:57 ----D---- C:\Windows\Temp
2017-02-03 16:38:38 ----D---- C:\Windows\System32
2017-02-03 16:38:38 ----D---- C:\Windows\inf
2017-02-03 16:38:38 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-02-03 16:34:43 ----D---- C:\Windows\system32\config
2017-02-03 16:31:47 ----D---- C:\ProgramData\NVIDIA
2017-01-31 20:14:04 ----D---- C:\Windows
2017-01-31 13:47:56 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2017-01-30 16:37:13 ----D---- C:\Program Files (x86)\Mozilla Firefox
2017-01-29 18:05:22 ----D---- C:\Users\Mordor\AppData\Roaming\vlc
2017-01-29 15:24:12 ----SHD---- C:\System Volume Information
2017-01-28 19:40:17 ----D---- C:\Program Files (x86)\TeamViewer
2017-01-20 13:50:17 ----SHD---- C:\Windows\Installer
2017-01-20 13:50:10 ----D---- C:\Windows\SysWOW64
2017-01-15 15:12:20 ----RD---- C:\Program Files (x86)
2017-01-14 11:51:07 ----D---- C:\Windows\system32\drivers
2017-01-14 11:45:16 ----D---- C:\Windows\system32\DriverStore
2017-01-14 11:15:28 ----HD---- C:\ProgramData
2017-01-11 10:18:12 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2017-01-11 10:18:11 ----D---- C:\Windows\system32\Macromed
2017-01-11 10:18:09 ----D---- C:\Windows\SYSWOW64\Macromed
2017-01-11 09:51:58 ----D---- C:\Windows\system32\Tasks
File C:\Windows\system32\winlogon.exe is digitally signed
File C:\Windows\system32\wininit.exe is digitally signed
File C:\Windows\explorer.exe is digitally signed
File C:\Windows\SysWOW64\explorer.exe is digitally signed
File C:\Windows\system32\svchost.exe is digitally signed
File C:\Windows\SysWOW64\svchost.exe is digitally signed
File C:\Windows\system32\services.exe is digitally signed
File C:\Windows\system32\User32.dll is digitally signed
File C:\Windows\SysWOW64\User32.dll is digitally signed
File C:\Windows\system32\userinit.exe is digitally signed
File C:\Windows\SysWOW64\userinit.exe is digitally signed
File C:\Windows\system32\rpcss.dll is digitally signed
File C:\Windows\system32\Drivers\volsnap.sys is digitally signed
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2014-02-21 20464]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\Windows\System32\DRIVERS\cmderd.sys [2016-08-31 31648]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\system32\DRIVERS\cmdguard.sys [2016-08-31 830624]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2016-08-31 56976]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2016-08-31 116248]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2015-07-30 30264]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-03-14 3896920]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2014-02-21 370672]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2014-02-21 791024]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2013-09-16 99288]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2016-04-09 205456]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2016-03-24 28216]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2016-04-09 56384]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2014-03-18 906968]
R3 SaiK0CCC;SaiK0CCC; C:\Windows\system32\DRIVERS\SaiK0CCC.sys [2015-08-01 180544]
R3 SaiMini;SaiMini; C:\Windows\system32\DRIVERS\SaiMini.sys [2015-08-01 25120]
R3 SaiNtBus;SaiNtBus; C:\Windows\system32\drivers\SaiBus.sys [2015-08-01 52640]
R3 SaiU0CCC;SaiU0CCC; C:\Windows\system32\DRIVERS\SaiU0CCC.sys [2015-08-01 47168]
S3 cmnxusbser;Mobile Connector USB Device for Legacy Serial Communication LCT2053s 20140303; C:\Windows\system32\DRIVERS\cmnxusbser.sys [2016-05-17 146424]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys []
S3 GPCIDrv;GPCIDrv; \??\C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv64.sys [2014-08-11 14376]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usbser;USB Serial emulation modem driver; C:\Windows\system32\DRIVERS\usbser.sys [2017-01-14 33280]
S3 WinUsb;Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2015-08-22 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-01-11 82640]
R2 CmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2016-09-28 5817256]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll"=%SystemRoot%\system32\diagtrack.dll
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2016-04-09 1164856]
R2 ChromodoUpdater;COMODO Chromodo Update Service; C:\Program Files (x86)\Comodo\Chromodo\chromodo_updater.exe [2016-10-04 2273424]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-09-16 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-09-16 390616]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2016-04-09 1881144]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2016-04-09 2522680]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2016-04-09 1264064]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2015-07-28 76152]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2016-04-09 426040]
R2 TeamViewer;TeamViewer 12; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2016-12-19 10351856]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-07-30 1268568]
R3 NvStreamNetworkSvc;NVIDIA Streamer Network Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [2016-04-09 3634232]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2017-01-20 1464096]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2016-01-13 104120]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2016-01-13 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-17 154440]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-11 270936]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2016-01-13 50352]
S3 cmdvirth;COMODO Virtual Service Manager; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2016-09-28 2271928]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-17 154440]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-08-04 114688]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-01-30 172488]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2015-07-28 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2015-07-28 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2015-07-30 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-01-13 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-01-13 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-01-13 135848]
-----------------EOF-----------------
- Rudy
- Site Admin
- Posts: 119389
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
- Contact user:
Re: Preventive check, USB player keeps disconnecting
Hello!
Does this happen on all USB ports, or only on one?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
-
- Visitor
- Posts: 76
- Registered: 05 Sep 2006 19:18
- Contact user:
Re: Preventive check, USB player keeps disconnecting
Hello, sorry for the delay.
It happens on all ports. USB3 USB2
On the second PC it works without problems.
- Rudy
- Site Admin
- Posts: 119389
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
- Contact user:
Re: Preventive check, USB player keeps disconnecting
OK. Run this utility:
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop
Close all programs
First click >Scan< (search) and then >Clean< (delete).
A scan will run and then a log will appear; paste it here.
-
- Visitor
- Posts: 76
- Registered: 05 Sep 2006 19:18
- Contact user:
Re: Preventive check, USB player keeps disconnecting
# AdwCleaner v6.043 - Log vytvořen 09/02/2017 v 19:58:52
# Aktualizováno dne 27/01/2017 z Malwarebytes
# Databáze : 2017-02-09.1 [Server]
# Operační systém : Windows 7 Home Premium Service Pack 1 (X64)
# Uživatelské jméno : Mordor - MORDOR-PC
# Spuštěno z : C:\Users\Mordor\Downloads\adwcleaner_6.043.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support
***** [ Služby ] *****
***** [ Složky ] *****
***** [ Soubory ] *****
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Zástupci ] *****
***** [ Naplánované úlohy ] *****
***** [ Registry ] *****
[-] Klíč smazán: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[-] Klíč smazán: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
***** [ Prohlížeče ] *****
*************************
:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [1218 Bajty] - [09/02/2017 19:58:52]
C:\AdwCleaner\AdwCleaner[S0].txt - [1701 Bajty] - [09/02/2017 19:58:21]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1364 Bajty] ##########
- Rudy
- Site Admin
- Posts: 119389
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
- Contact user:
Re: Preventive check, USB player keeps disconnecting
Post a new RSIT log.
-
- Visitor
- Posts: 76
- Registered: 05 Sep 2006 19:18
- Contact user:
Re: Preventive check, USB player keeps disconnecting
Logfile of random's system information tool 1.14 (written by random/random)
Run by Mordor at 2017-02-09 22:23:05
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 16 GB (14%) free of 114 GB
Total RAM: 8154 MB (69% free)
X64
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:23:06, on 9.2.2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18538)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\TeamViewer\TeamViewer.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
D:\Steam\Steam.exe
C:\Users\Mordor\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\LG Software\LG Smart Share\Update\SmartShareTray.exe
C:\Program Files (x86)\LG Software\LG Smart Share\DMS\SmartShareDMS.exe
C:\Program Files (x86)\LG Software\LG Smart Share\DMR\SmartShareDMR.exe
C:\Program Files (x86)\LG Software\LG Smart Share\DMC\Aggregation.exe
C:\Program Files\trend micro\Mordor_RSITx64.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKCU\..\Run: [Steam] "D:\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [Google Update] C:\Users\Mordor\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe
O4 - HKCU\..\Run: [Google Photos Backup] "C:\Users\Mordor\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe" /autostart
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: GIGABYTE OC_GURU.lnk = C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: COMODO Chromodo Update Service (ChromodoUpdater) - Comodo - C:\Program Files (x86)\Comodo\Chromodo\chromodo_updater.exe
O23 - Service: COMODO Internet Security Helper Service (CmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 12 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9893 bytes
======Enumerating Processes======
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\system32\taskeng.exe
"C:\Program Files (x86)\Comodo\Chromodo\chromodo_updater.exe"
"C:\Program Files\COMODO\COMODO Internet Security\cistray.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe" /ModeAvMonitor -Embedding
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-08ef853d-d8a7-428c-aba1-0ea00380427d -SystemEventPortName:HostProcess-e477fea1-3190-43aa-a91f-2bf481c6a92e -IoCancelEventPortName:HostProcess-0159c52c-4145-45ab-ad5b-85f202ec184b -NonStateChangingEventPortName:HostProcess-0b7973fc-b33f-4451-8a37-0ae381c2174e -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:e109bc98-a0ee-4526-b63e-0fe5f240a90b -DeviceGroupId:WpdFsGroup
"C:\Program Files (x86)\TeamViewer\TeamViewer.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\TeamViewer\tv_w32.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer12_Logfile.log
"C:\Program Files (x86)\TeamViewer\tv_x64.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer12_Logfile.log
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "-363477-15715310701969418827-1682320804-410368582-1512286256-1376589998-1181375596
"C:\Program Files\SmartTechnology\Software\ProfilerU.exe"
"C:\Program Files\SmartTechnology\Software\SaiMfd.exe"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"D:\Steam\Steam.exe" -silent
"C:\Users\Mordor\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe" /autostart
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe"
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
D:\Steam\bin\cef\cef.win7\steamwebhelper.exe "-cachedir=C:\Users\Mordor\AppData\Local\Steam\htmlcache" "-steampid=3816" "-buildid=1484790260" "-steamid=0" --disable-gpu-compositing --disable-gpu --process-per-tab --disable-spell-checking --disable-out-of-process-pac --disable-smooth-scrolling --enable-direct-write
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="6044.0.1864130893\297604396" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" 6044 "\\.\pipe\gecko-crash-server-pipe.6044" tab
"C:\Program Files\COMODO\COMODO Internet Security\cis.exe" --alertsUI
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files (x86)\LG Software\LG Smart Share\Update\SmartShareTray.exe" start
"C:\Program Files (x86)\LG Software\LG Smart Share\DMS\SmartShareDMS.exe" -autoservice
"C:\Program Files (x86)\LG Software\LG Smart Share\DMR\SmartShareDMR.exe" -autoservice
"C:\Program Files (x86)\LG Software\LG Smart Share\DMC\Aggregation.exe" aggregation
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Mordor\Downloads\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\system32\tasks\Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Windows\system32\tasks\Adobe Flash Player Updater - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-2881103408-3670860739-8521875-1000Core - C:\Users\Mordor\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-2881103408-3670860739-8521875-1000UA - C:\Users\Mordor\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\SmartShare - C:\Program Files (x86)\LG Software\LG Smart Share\SmartShareStart.exe tray
C:\Windows\system32\tasks\WPD\SqmUpload_S-1-5-21-2881103408-3670860739-8521875-1000 - %windir%\system32\rundll32.exe portabledeviceapi.dll,#1
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
C:\Windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\Windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\Windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask - %SystemRoot%\system32\Wat\WatAdminSvc.exe /run
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline - %SystemRoot%\system32\schtasks.exe /run /I /TN "\Microsoft\Windows\Windows Activation Technologies\ValidationTask"
C:\Windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\Windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
C:\Windows\system32\tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask - sc.exe start sppsvc
C:\Windows\system32\tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B - %windir%\system32\GWX\GWXConfigManager.exe /RefreshConfig
C:\Windows\system32\tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime - %windir%\system32\GWX\GWXUXWorker.exe /ScheduleUpgradeReminderTime
C:\Windows\system32\tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime - %windir%\system32\GWX\GWXUXWorker.exe /ScheduleUpgradeTime
C:\Windows\system32\tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess - %windir%\system32\GWX\GWX.exe /tasklaunch
C:\Windows\system32\tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig - %windir%\system32\GWX\GWXConfigManager.exe /RefreshConfig
C:\Windows\system32\tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent - %windir%\system32\GWX\GWXConfigManager.exe /RefreshConfigAndContent
C:\Windows\system32\tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent - %windir%\system32\GWX\GWXConfigManager.exe /RefreshContent
C:\Windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\Windows\system32\tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem - %SystemRoot%\System32\powercfg.exe -energy -auto
C:\Windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\Windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\StartRecording - %SystemRoot%\ehome\ehrec /StartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\Windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\Windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\Windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\Windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\Windows\system32\tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} - "C:\Program Files\COMODO\COMODO Internet Security\cistray.exe"
C:\Windows\system32\tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} - "C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe" --launchSchedule {0FB77674-7905-4F34-A362-C5A9A26F8CF9}
C:\Windows\system32\tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} - "C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe" --launchSchedule {F140D794-60B6-4F00-9235-D6457AA25B22}
C:\Windows\system32\tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} - "C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe" --launchSchedule {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59}
C:\Windows\system32\tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} - "C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe" --launchSchedule {A6D52E4F-569B-4756-B3D8-DF217313DA85}
=========Mozilla firefox=========
ProfilePath - C:\Users\Mordor\AppData\Roaming\Mozilla\Firefox\Profiles\txswpwo4.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 24.0.0.194 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_194.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 24.0.0.194 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
C:\Users\Mordor\AppData\Roaming\Mozilla\Firefox\Profiles\txswpwo4.default\addons.json
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
Simple YouTube to MP3/MP4 Converter and Downloader - extension - jid0-SQnwtgW1b8BsMB5PLV5WScEDWOjw@jetpack
C:\Users\Mordor\AppData\Roaming\Mozilla\Firefox\Profiles\txswpwo4.default\extensions.json
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - C:\Users\Mordor\AppData\Roaming\Mozilla\Firefox\Profiles\txswpwo4.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
Simple YouTube to MP3/MP4 Converter and Downloader - extension - jid0-SQnwtgW1b8BsMB5PLV5WScEDWOjw@jetpack - C:\Users\Mordor\AppData\Roaming\Mozilla\Firefox\Profiles\txswpwo4.default\extensions\jid0-SQnwtgW1b8BsMB5PLV5WScEDWOjw@jetpack.xpi
Multi-process staged rollout - extension - e10srollout@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\e10srollout@mozilla.org.xpi
Pocket - extension - firefox@getpocket.com - C:\Program Files (x86)\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi
Web Compat - extension - webcompat@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi
Application Update Service Helper - extension - aushelper@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\aushelper@mozilla.org.xpi
Default - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi
Diagnostics - extension - diagnostics@mozilla.org - C:\Users\Mordor\AppData\Roaming\Mozilla\Firefox\Profiles\txswpwo4.default\features\{1613e05d-9c90-4f38-8318-6e7d5c689a27}\diagnostics@mozilla.org.xpi
Send HSTS Priming Requests - extension - hsts-priming@mozilla.org - C:\Users\Mordor\AppData\Roaming\Mozilla\Firefox\Profiles\txswpwo4.default\features\{1613e05d-9c90-4f38-8318-6e7d5c689a27}\hsts-priming@mozilla.org.xpi
C:\Users\Mordor\AppData\Roaming\Mozilla\Firefox\Profiles\txswpwo4.default\pluginreg.dat
Plugin - Adobe Acrobat - 15.23.20053.15062 - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
Plugin - VLC Web Plugin - 2.2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
Plugin - Google Update - 1.3.32.7 - C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll
Plugin - NVIDIA 3D Vision - 7.17.13.6472 - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
Plugin - NVIDIA 3D VISION - 7.17.13.6472 - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
Plugin - Intel® Identity Protection Technology - 4.0.5.0 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
Plugin - Intel® Identity Protection Technology - 4.0.5.0 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
Plugin - Shockwave Flash - 24.0.0.194 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_194.dll
Plugin - Google Update - 1.3.32.7 - C:\Users\Mordor\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll
=========Google Chrome=========
C:\Users\Mordor\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension aapocclcgogkmnckokdopfmhonfmgoek 1 Prezentace Google 0.9
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Obchod Chrome 0.2
Extension aohghmighlieiainnegkcijnfilokake 1 Dokumenty Google 0.9
Extension apdfllckaahabafndbhieahigkjlhalf 1 Disk Google 14.1
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension efaidnbmnnnibpcajpcglclefindmkaj 0 Adobe Acrobat 15.1.0.5
Extension ennkphjdgehloodpbhlhldgbnhmacadg 1 Settings 0.2
Extension felcaaldnbdncclmgdcncolpebgiejap 1 Tabulky Google 1.1
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 1 Dokumenty Google offline 1.4
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.38
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mfffpogegjflfpflabcdkioaeobkgjik 1 GaiaAuthExtension 0.0.1
Extension mgndgikekgjfcpckkfioiadnlibdjbkf 1 Chrome 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.1
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.1
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 5516.1005.0.3
Homepage:
default_search_provider.search_url:
C:\Users\Mordor\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage:
default_search_provider.search_url:
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj]
"Path"=
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-03-14 13671792]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2016-09-28 1610936]
"ProfilerU"=C:\Program Files\SmartTechnology\Software\ProfilerU.exe [2015-08-01 454144]
"SaiMfd"=C:\Program Files\SmartTechnology\Software\SaiMfd.exe [2015-08-01 158208]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2016-04-09 2397752]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2016-03-24 1767248]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"=D:\Steam\steam.exe [2017-01-20 2881824]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2015-07-30 4468056]
"Google Update"=C:\Users\Mordor\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe [2016-12-16 601752]
"Google Photos Backup"=C:\Users\Mordor\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe [2016-11-13 3790936]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2014-02-21 292848]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
GIGABYTE OC_GURU.lnk - C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2017-02-09 19:57:32 ----D---- C:\AdwCleaner
2017-02-05 11:14:25 ----SHD---- C:\Config.Msi
2017-02-05 11:12:13 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2017-02-05 11:12:12 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2017-02-05 11:12:12 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2017-02-05 11:12:12 ----A---- C:\Windows\SYSWOW64\occache.dll
2017-02-05 11:12:12 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2017-02-05 11:12:12 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2017-02-05 11:12:12 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2017-02-05 11:12:12 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2017-02-05 11:12:12 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2017-02-05 11:12:12 ----A---- C:\Windows\SYSWOW64\inseng.dll
2017-02-05 11:12:12 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2017-02-05 11:12:12 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2017-02-05 11:12:12 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2017-02-05 11:12:12 ----A---- C:\Windows\system32\UtcResources.dll
2017-02-05 11:12:12 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-02-05 11:12:12 ----A---- C:\Windows\system32\inseng.dll
2017-02-05 11:12:12 ----A---- C:\Windows\system32\iertutil.dll
2017-02-05 11:12:12 ----A---- C:\Windows\system32\iernonce.dll
2017-02-05 11:12:12 ----A---- C:\Windows\system32\ieetwproxystub.dll
2017-02-05 11:12:12 ----A---- C:\Windows\system32\ieetwcollector.exe
2017-02-05 11:12:12 ----A---- C:\Windows\system32\ie4uinit.exe
2017-02-05 11:12:10 ----A---- C:\Windows\SYSWOW64\jscript.dll
2017-02-05 11:12:10 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2017-02-05 11:12:10 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2017-02-05 11:12:10 ----A---- C:\Windows\system32\urlmon.dll
2017-02-05 11:12:10 ----A---- C:\Windows\system32\occache.dll
2017-02-05 11:12:10 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2017-02-05 11:12:10 ----A---- C:\Windows\system32\iedkcs32.dll
2017-02-05 11:12:09 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2017-02-05 11:12:09 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2017-02-05 11:12:09 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2017-02-05 11:12:09 ----A---- C:\Windows\SYSWOW64\ieui.dll
2017-02-05 11:12:09 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2017-02-05 11:12:09 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2017-02-05 11:12:09 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2017-02-05 11:12:09 ----A---- C:\Windows\system32\msfeeds.dll
2017-02-05 11:12:09 ----A---- C:\Windows\system32\iesetup.dll
2017-02-05 11:12:09 ----A---- C:\Windows\system32\ieapfltr.dll
2017-02-05 11:12:09 ----A---- C:\Windows\system32\dxtrans.dll
2017-02-05 11:12:09 ----A---- C:\Windows\system32\diagtrack.dll
2017-02-05 11:12:08 ----A---- C:\Windows\SYSWOW64\wininet.dll
2017-02-05 11:12:08 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2017-02-05 11:12:08 ----A---- C:\Windows\SYSWOW64\msrating.dll
2017-02-05 11:12:08 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2017-02-05 11:12:08 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2017-02-05 11:12:08 ----A---- C:\Windows\system32\vbscript.dll
2017-02-05 11:12:08 ----A---- C:\Windows\system32\jsproxy.dll
2017-02-05 11:12:08 ----A---- C:\Windows\system32\ieUnatt.exe
2017-02-05 11:12:08 ----A---- C:\Windows\system32\ieui.dll
2017-02-05 11:12:08 ----A---- C:\Windows\system32\ieframe.dll
2017-02-05 11:12:08 ----A---- C:\Windows\system32\dxtmsft.dll
2017-02-05 11:12:07 ----A---- C:\Windows\system32\wininet.dll
2017-02-05 11:12:07 ----A---- C:\Windows\system32\webcheck.dll
2017-02-05 11:12:07 ----A---- C:\Windows\system32\mshtmlmedia.dll
2017-02-05 11:12:07 ----A---- C:\Windows\system32\mshtmled.dll
2017-02-05 11:12:07 ----A---- C:\Windows\system32\jscript9diag.dll
2017-02-05 11:12:07 ----A---- C:\Windows\system32\jscript9.dll
2017-02-05 11:12:07 ----A---- C:\Windows\system32\jscript.dll
2017-02-05 11:12:06 ----A---- C:\Windows\system32\wmp.dll
2017-02-05 11:12:06 ----A---- C:\Windows\system32\msrating.dll
2017-02-05 11:12:06 ----A---- C:\Windows\system32\MshtmlDac.dll
2017-02-05 11:12:06 ----A---- C:\Windows\system32\mshtml.dll
2017-02-05 11:12:05 ----A---- C:\Windows\SYSWOW64\wmp.dll
2017-02-05 11:12:05 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2017-02-05 11:12:05 ----A---- C:\Windows\system32\ntoskrnl.exe
2017-02-05 11:12:05 ----A---- C:\Windows\system32\FntCache.dll
2017-02-05 11:12:05 ----A---- C:\Windows\system32\DWrite.dll
2017-02-05 11:12:04 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2017-02-05 11:12:04 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2017-02-05 11:12:04 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2017-02-05 11:12:04 ----A---- C:\Windows\SYSWOW64\MSVidCtl.dll
2017-02-05 11:12:04 ----A---- C:\Windows\SYSWOW64\msi.dll
2017-02-05 11:12:04 ----A---- C:\Windows\SYSWOW64\mf.dll
2017-02-05 11:12:04 ----A---- C:\Windows\SYSWOW64\drmv2clt.dll
2017-02-05 11:12:04 ----A---- C:\Windows\SYSWOW64\blackbox.dll
2017-02-05 11:12:04 ----A---- C:\Windows\system32\WsmSvc.dll
2017-02-05 11:12:04 ----A---- C:\Windows\system32\win32k.sys
2017-02-05 11:12:04 ----A---- C:\Windows\system32\ntdll.dll
2017-02-05 11:12:04 ----A---- C:\Windows\system32\MSVidCtl.dll
2017-02-05 11:12:04 ----A---- C:\Windows\system32\msi.dll
2017-02-05 11:12:04 ----A---- C:\Windows\system32\mf.dll
2017-02-05 11:12:04 ----A---- C:\Windows\system32\drmv2clt.dll
2017-02-05 11:12:04 ----A---- C:\Windows\system32\crypt32.dll
2017-02-05 11:12:04 ----A---- C:\Windows\system32\blackbox.dll
2017-02-05 11:12:03 ----A---- C:\Windows\SYSWOW64\wmdrmsdk.dll
2017-02-05 11:12:03 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2017-02-05 11:12:03 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll
2017-02-05 11:12:03 ----A---- C:\Windows\SYSWOW64\quartz.dll
2017-02-05 11:12:03 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2017-02-05 11:12:03 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2017-02-05 11:12:03 ----A---- C:\Windows\SYSWOW64\msctf.dll
2017-02-05 11:12:03 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2017-02-05 11:12:03 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2017-02-05 11:12:03 ----A---- C:\Windows\SYSWOW64\evr.dll
2017-02-05 11:12:03 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2017-02-05 11:12:03 ----A---- C:\Windows\SYSWOW64\authui.dll
2017-02-05 11:12:03 ----A---- C:\Windows\system32\wmdrmsdk.dll
2017-02-05 11:12:03 ----A---- C:\Windows\system32\winload.exe
2017-02-05 11:12:03 ----A---- C:\Windows\system32\win32spl.dll
2017-02-05 11:12:03 ----A---- C:\Windows\system32\UIAnimation.dll
2017-02-05 11:12:03 ----A---- C:\Windows\system32\schannel.dll
2017-02-05 11:12:03 ----A---- C:\Windows\system32\scavengeui.dll
2017-02-05 11:12:03 ----A---- C:\Windows\system32\rpcrt4.dll
2017-02-05 11:12:03 ----A---- C:\Windows\system32\quartz.dll
2017-02-05 11:12:03 ----A---- C:\Windows\system32\oleaut32.dll
2017-02-05 11:12:03 ----A---- C:\Windows\system32\msctf.dll
2017-02-05 11:12:03 ----A---- C:\Windows\system32\lsasrv.dll
2017-02-05 11:12:03 ----A---- C:\Windows\system32\KernelBase.dll
2017-02-05 11:12:03 ----A---- C:\Windows\system32\kernel32.dll
2017-02-05 11:12:03 ----A---- C:\Windows\system32\kerberos.dll
2017-02-05 11:12:03 ----A---- C:\Windows\system32\inetcomm.dll
2017-02-05 11:12:03 ----A---- C:\Windows\system32\IMJP10K.DLL
2017-02-05 11:12:03 ----A---- C:\Windows\system32\evr.dll
2017-02-05 11:12:03 ----A---- C:\Windows\system32\authui.dll
2017-02-05 11:12:03 ----A---- C:\Windows\system32\audiosrv.dll
2017-02-05 11:12:03 ----A---- C:\Windows\system32\AUDIOKSE.dll
2017-02-05 11:12:03 ----A---- C:\Windows\system32\advapi32.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\WsmWmiPl.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\WsmAuto.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\WSManMigrationPlugin.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\WSManHTTPConfig.exe
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\usp10.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\user32.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\schannel.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\IMJP10K.DLL
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\cryptui.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\WsmWmiPl.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\WsmAuto.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2017-02-05 11:12:02 ----A---- C:\Windows\system32\wow64win.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\wow64.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\wmploc.DLL
2017-02-05 11:12:02 ----A---- C:\Windows\system32\wintrust.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\winsrv.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\WebClnt.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\usp10.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\user32.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\srcore.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\rpchttp.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\qdvd.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\pcasvc.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\ncrypt.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\msv1_0.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\msiexec.exe
2017-02-05 11:12:02 ----A---- C:\Windows\system32\mfps.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\mfplat.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\gdi32.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\EncDump.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\drmmgrtn.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2017-02-05 11:12:02 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2017-02-05 11:12:02 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2017-02-05 11:12:02 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2017-02-05 11:12:02 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2017-02-05 11:12:02 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2017-02-05 11:12:02 ----A---- C:\Windows\system32\drivers\dfsc.sys
2017-02-05 11:12:02 ----A---- C:\Windows\system32\drivers\cng.sys
2017-02-05 11:12:02 ----A---- C:\Windows\system32\davclnt.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\cryptui.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\cryptsvc.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\cryptnet.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\consent.exe
2017-02-05 11:12:02 ----A---- C:\Windows\system32\conhost.exe
2017-02-05 11:12:02 ----A---- C:\Windows\system32\clfs.sys
2017-02-05 11:12:02 ----A---- C:\Windows\system32\certcli.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\bcdedit.exe
2017-02-05 11:12:02 ----A---- C:\Windows\system32\AudioSes.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\AudioEng.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\atmfd.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2017-02-05 11:12:02 ----A---- C:\Windows\system32\adtschema.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\WsmRes.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\wsmprovhost.exe
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\wsmplpxy.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\wow32.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\user.exe
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\tzres.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\srclient.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\setup16.exe
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\secur32.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\nlsbres.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\msscp.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\msnetobj.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\msimsg.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\mfps.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\mferror.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\lpk.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\instnm.exe
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\input.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\INETRES.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\hlink.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\cryptsp.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\credssp.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\certcli.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\bcrypt.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\adsmsext.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\WsmRes.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\wsmprovhost.exe
2017-02-05 11:12:01 ----A---- C:\Windows\system32\wsmplpxy.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\wow64cpu.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\wdigest.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\tzres.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\TSpkg.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\sspisrv.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\sspicli.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\srclient.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\spwmp.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\smss.exe
2017-02-05 11:12:01 ----A---- C:\Windows\system32\setbcdlocale.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\secur32.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\rstrui.exe
2017-02-05 11:12:01 ----A---- C:\Windows\system32\rrinstaller.exe
2017-02-05 11:12:01 ----A---- C:\Windows\system32\pcawrk.exe
2017-02-05 11:12:01 ----A---- C:\Windows\system32\pcalua.exe
2017-02-05 11:12:01 ----A---- C:\Windows\system32\pcaevts.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\pcadm.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\ntvdm64.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\nlsbres.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\msscp.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\msobjs.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\msnetobj.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\msmmsp.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\msimsg.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\msihnd.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\msaudite.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\mfpmp.exe
2017-02-05 11:12:01 ----A---- C:\Windows\system32\mferror.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\lsass.exe
2017-02-05 11:12:01 ----A---- C:\Windows\system32\lpk.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\input.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\INETRES.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\hlink.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\fontsub.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\dxmasf.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2017-02-05 11:12:01 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2017-02-05 11:12:01 ----A---- C:\Windows\system32\drivers\bowser.sys
2017-02-05 11:12:01 ----A---- C:\Windows\system32\drivers\appid.sys
2017-02-05 11:12:01 ----A---- C:\Windows\system32\dciman32.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\csrsrv.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\cryptsp.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\cryptbase.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\credssp.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\bcrypt.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\auditpol.exe
2017-02-05 11:12:01 ----A---- C:\Windows\system32\audiodg.exe
2017-02-05 11:12:01 ----A---- C:\Windows\system32\atmlib.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\asycfilt.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\appinfo.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\appidsvc.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2017-02-05 11:12:01 ----A---- C:\Windows\system32\appidapi.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\apisetschema.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\adsmsext.dll
2017-02-03 16:44:58 ----D---- C:\rsit
2017-02-03 16:44:58 ----D---- C:\Program Files\trend micro
2017-01-31 20:14:04 ----D---- C:\Users\Mordor\AppData\Roaming\GHISLER
2017-01-31 20:14:04 ----D---- C:\totalcmd
2017-01-31 20:14:04 ----A---- C:\Windows\UC.PIF
2017-01-31 20:14:04 ----A---- C:\Windows\RAR.PIF
2017-01-31 20:14:04 ----A---- C:\Windows\PKZIP.PIF
2017-01-31 20:14:04 ----A---- C:\Windows\PKUNZIP.PIF
2017-01-31 20:14:04 ----A---- C:\Windows\LHA.PIF
2017-01-31 20:14:04 ----A---- C:\Windows\ARJ.PIF
2017-01-14 11:15:28 ----D---- C:\ProgramData\SP_FT_Logs
2017-01-14 11:13:22 ----D---- C:\Users\Mordor\AppData\Roaming\Lenovo
2017-01-14 11:13:14 ----D---- C:\Program Files (x86)\Lenovo Smart Assistant
2017-01-14 10:21:11 ----D---- C:\Users\Mordor\AppData\Roaming\ADBDriverInstaller
2017-01-14 10:01:06 ----D---- C:\Program Files (x86)\Minimal ADB and Fastboot
2017-01-11 23:42:47 ----D---- C:\ProgramData\tmp
2017-01-11 23:42:47 ----D---- C:\ProgramData\hps
2017-01-11 23:40:36 ----D---- C:\Program Files\Fotolab
======List of files/folders modified in the last 1 month======
2017-02-09 20:06:17 ----D---- C:\Windows\System32
2017-02-09 20:06:17 ----D---- C:\Windows\inf
2017-02-09 20:06:17 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-02-09 19:59:28 ----D---- C:\Windows\Temp
2017-02-09 19:59:21 ----D---- C:\ProgramData\NVIDIA
2017-02-09 19:59:01 ----D---- C:\Windows\system32\config
2017-02-08 15:33:37 ----D---- C:\Program Files (x86)\Common Files
2017-02-07 21:50:48 ----D---- C:\Program Files (x86)\TeamViewer
2017-02-07 12:11:42 ----D---- C:\Users\Mordor\AppData\Roaming\vlc
2017-02-06 16:06:08 ----D---- C:\Windows\system32\DriverStore
2017-02-05 12:38:10 ----D---- C:\Windows\rescache
2017-02-05 12:24:00 ----D---- C:\Windows\Microsoft.NET
2017-02-05 12:21:43 ----RSD---- C:\Windows\assembly
2017-02-05 11:56:27 ----D---- C:\Windows\winsxs
2017-02-05 11:55:49 ----D---- C:\Windows\system32\drivers
2017-02-05 11:55:48 ----D---- C:\Windows\SYSWOW64\migration
2017-02-05 11:55:48 ----D---- C:\Windows\SYSWOW64\en-US
2017-02-05 11:55:48 ----D---- C:\Windows\SYSWOW64\Dism
2017-02-05 11:55:48 ----D---- C:\Windows\SYSWOW64\cs-CZ
2017-02-05 11:55:48 ----D---- C:\Windows\SysWOW64
2017-02-05 11:55:48 ----D---- C:\Windows\system32\migration
2017-02-05 11:55:48 ----D---- C:\Windows\system32\en-US
2017-02-05 11:55:48 ----D---- C:\Windows\system32\Dism
2017-02-05 11:55:48 ----D---- C:\Windows\system32\cs-CZ
2017-02-05 11:55:48 ----D---- C:\Program Files\Windows Media Player
2017-02-05 11:55:48 ----D---- C:\Program Files\Internet Explorer
2017-02-05 11:55:48 ----D---- C:\Program Files (x86)\Windows Media Player
2017-02-05 11:55:48 ----D---- C:\Program Files (x86)\Internet Explorer
2017-02-05 11:55:47 ----D---- C:\Windows\system32\Boot
2017-02-05 11:55:47 ----D---- C:\Windows\AppPatch
2017-02-05 11:17:03 ----SHD---- C:\Windows\Installer
2017-02-05 11:14:57 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2017-02-05 11:12:29 ----D---- C:\Windows\system32\MRT
2017-02-05 11:12:26 ----AC---- C:\Windows\system32\MRT.exe
2017-02-05 11:12:22 ----SHD---- C:\System Volume Information
2017-02-05 11:09:29 ----D---- C:\Windows\system32\catroot2
2017-02-03 16:44:58 ----RD---- C:\Program Files
2017-01-31 20:14:04 ----D---- C:\Windows
2017-01-31 13:47:56 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2017-01-30 16:37:13 ----D---- C:\Program Files (x86)\Mozilla Firefox
2017-01-15 15:12:20 ----RD---- C:\Program Files (x86)
2017-01-14 11:15:28 ----HD---- C:\ProgramData
2017-01-11 10:18:12 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2017-01-11 10:18:11 ----D---- C:\Windows\system32\Macromed
2017-01-11 10:18:09 ----D---- C:\Windows\SYSWOW64\Macromed
2017-01-11 09:51:58 ----D---- C:\Windows\system32\Tasks
File C:\Windows\system32\winlogon.exe is digitally signed
File C:\Windows\system32\wininit.exe is digitally signed
File C:\Windows\explorer.exe is digitally signed
File C:\Windows\SysWOW64\explorer.exe is digitally signed
File C:\Windows\system32\svchost.exe is digitally signed
File C:\Windows\SysWOW64\svchost.exe is digitally signed
File C:\Windows\system32\services.exe is digitally signed
File C:\Windows\system32\User32.dll is digitally signed
File C:\Windows\SysWOW64\User32.dll is digitally signed
File C:\Windows\system32\userinit.exe is digitally signed
File C:\Windows\SysWOW64\userinit.exe is digitally signed
File C:\Windows\system32\rpcss.dll is digitally signed
File C:\Windows\system32\Drivers\volsnap.sys is digitally signed
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2014-02-21 20464]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\Windows\System32\DRIVERS\cmderd.sys [2016-08-31 31648]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\system32\DRIVERS\cmdguard.sys [2016-08-31 830624]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2016-08-31 56976]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2016-08-31 116248]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2015-07-30 30264]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-03-14 3896920]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2014-02-21 370672]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2014-02-21 791024]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2013-09-16 99288]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2016-04-09 205456]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2016-03-24 28216]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2016-04-09 56384]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2014-03-18 906968]
R3 SaiK0CCC;SaiK0CCC; C:\Windows\system32\DRIVERS\SaiK0CCC.sys [2015-08-01 180544]
R3 SaiMini;SaiMini; C:\Windows\system32\DRIVERS\SaiMini.sys [2015-08-01 25120]
R3 SaiNtBus;SaiNtBus; C:\Windows\system32\drivers\SaiBus.sys [2015-08-01 52640]
R3 SaiU0CCC;SaiU0CCC; C:\Windows\system32\DRIVERS\SaiU0CCC.sys [2015-08-01 47168]
S3 cmnxusbser;Mobile Connector USB Device for Legacy Serial Communication LCT2053s 20140303; C:\Windows\system32\DRIVERS\cmnxusbser.sys [2016-05-17 146424]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys []
S3 GPCIDrv;GPCIDrv; \??\C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv64.sys [2014-08-11 14376]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usbser;USB Serial emulation modem driver; C:\Windows\system32\DRIVERS\usbser.sys [2017-01-14 33280]
S3 WinUsb;Sony sa0102 ADB Interface; C:\Windows\system32\DRIVERS\WinUsb.sys [2015-08-22 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-01-11 82640]
R2 CmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2016-09-28 5817256]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll"=%SystemRoot%\system32\diagtrack.dll
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2016-04-09 1164856]
R2 ChromodoUpdater;COMODO Chromodo Update Service; C:\Program Files (x86)\Comodo\Chromodo\chromodo_updater.exe [2016-10-04 2273424]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-09-16 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-09-16 390616]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2016-04-09 1881144]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2016-04-09 2522680]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2016-04-09 1264064]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2015-07-28 76152]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2016-04-09 426040]
R2 TeamViewer;TeamViewer 12; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2016-12-19 10351856]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-07-30 1268568]
R3 NvStreamNetworkSvc;NVIDIA Streamer Network Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [2016-04-09 3634232]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2017-01-20 1464096]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-02-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-02-05 125112]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-17 154440]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-11 270936]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-02-05 51384]
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2017-02-08 1494024]
S3 cmdvirth;COMODO Virtual Service Manager; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2016-09-28 2271928]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-17 154440]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2017-02-05 114688]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-01-30 172488]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2015-07-28 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2015-07-28 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2015-07-30 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-02-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-02-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-02-05 135848]
-----------------EOF-----------------
Run by Mordor at 2017-02-09 22:23:05
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 16 GB (14%) free of 114 GB
Total RAM: 8154 MB (69% free)
X64
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:23:06, on 9.2.2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18538)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\TeamViewer\TeamViewer.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
D:\Steam\Steam.exe
C:\Users\Mordor\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\LG Software\LG Smart Share\Update\SmartShareTray.exe
C:\Program Files (x86)\LG Software\LG Smart Share\DMS\SmartShareDMS.exe
C:\Program Files (x86)\LG Software\LG Smart Share\DMR\SmartShareDMR.exe
C:\Program Files (x86)\LG Software\LG Smart Share\DMC\Aggregation.exe
C:\Program Files\trend micro\Mordor_RSITx64.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKCU\..\Run: [Steam] "D:\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [Google Update] C:\Users\Mordor\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe
O4 - HKCU\..\Run: [Google Photos Backup] "C:\Users\Mordor\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe" /autostart
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: GIGABYTE OC_GURU.lnk = C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: COMODO Chromodo Update Service (ChromodoUpdater) - Comodo - C:\Program Files (x86)\Comodo\Chromodo\chromodo_updater.exe
O23 - Service: COMODO Internet Security Helper Service (CmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 12 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9893 bytes
======Enumerating Processes======
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\system32\taskeng.exe
"C:\Program Files (x86)\Comodo\Chromodo\chromodo_updater.exe"
"C:\Program Files\COMODO\COMODO Internet Security\cistray.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe" /ModeAvMonitor -Embedding
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-08ef853d-d8a7-428c-aba1-0ea00380427d -SystemEventPortName:HostProcess-e477fea1-3190-43aa-a91f-2bf481c6a92e -IoCancelEventPortName:HostProcess-0159c52c-4145-45ab-ad5b-85f202ec184b -NonStateChangingEventPortName:HostProcess-0b7973fc-b33f-4451-8a37-0ae381c2174e -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:e109bc98-a0ee-4526-b63e-0fe5f240a90b -DeviceGroupId:WpdFsGroup
"C:\Program Files (x86)\TeamViewer\TeamViewer.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\TeamViewer\tv_w32.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer12_Logfile.log
"C:\Program Files (x86)\TeamViewer\tv_x64.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer12_Logfile.log
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "-363477-15715310701969418827-1682320804-410368582-1512286256-1376589998-1181375596
"C:\Program Files\SmartTechnology\Software\ProfilerU.exe"
"C:\Program Files\SmartTechnology\Software\SaiMfd.exe"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"D:\Steam\Steam.exe" -silent
"C:\Users\Mordor\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe" /autostart
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe"
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
D:\Steam\bin\cef\cef.win7\steamwebhelper.exe "-cachedir=C:\Users\Mordor\AppData\Local\Steam\htmlcache" "-steampid=3816" "-buildid=1484790260" "-steamid=0" --disable-gpu-compositing --disable-gpu --process-per-tab --disable-spell-checking --disable-out-of-process-pac --disable-smooth-scrolling --enable-direct-write
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="6044.0.1864130893\297604396" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" 6044 "\\.\pipe\gecko-crash-server-pipe.6044" tab
"C:\Program Files\COMODO\COMODO Internet Security\cis.exe" --alertsUI
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files (x86)\LG Software\LG Smart Share\Update\SmartShareTray.exe" start
"C:\Program Files (x86)\LG Software\LG Smart Share\DMS\SmartShareDMS.exe" -autoservice
"C:\Program Files (x86)\LG Software\LG Smart Share\DMR\SmartShareDMR.exe" -autoservice
"C:\Program Files (x86)\LG Software\LG Smart Share\DMC\Aggregation.exe" aggregation
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Mordor\Downloads\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\system32\tasks\Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Windows\system32\tasks\Adobe Flash Player Updater - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-2881103408-3670860739-8521875-1000Core - C:\Users\Mordor\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-2881103408-3670860739-8521875-1000UA - C:\Users\Mordor\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\SmartShare - C:\Program Files (x86)\LG Software\LG Smart Share\SmartShareStart.exe tray
C:\Windows\system32\tasks\WPD\SqmUpload_S-1-5-21-2881103408-3670860739-8521875-1000 - %windir%\system32\rundll32.exe portabledeviceapi.dll,#1
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
C:\Windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\Windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\Windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask - %SystemRoot%\system32\Wat\WatAdminSvc.exe /run
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline - %SystemRoot%\system32\schtasks.exe /run /I /TN "\Microsoft\Windows\Windows Activation Technologies\ValidationTask"
C:\Windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\Windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
C:\Windows\system32\tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask - sc.exe start sppsvc
C:\Windows\system32\tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B - %windir%\system32\GWX\GWXConfigManager.exe /RefreshConfig
C:\Windows\system32\tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime - %windir%\system32\GWX\GWXUXWorker.exe /ScheduleUpgradeReminderTime
C:\Windows\system32\tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime - %windir%\system32\GWX\GWXUXWorker.exe /ScheduleUpgradeTime
C:\Windows\system32\tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess - %windir%\system32\GWX\GWX.exe /tasklaunch
C:\Windows\system32\tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig - %windir%\system32\GWX\GWXConfigManager.exe /RefreshConfig
C:\Windows\system32\tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent - %windir%\system32\GWX\GWXConfigManager.exe /RefreshConfigAndContent
C:\Windows\system32\tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent - %windir%\system32\GWX\GWXConfigManager.exe /RefreshContent
C:\Windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\Windows\system32\tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem - %SystemRoot%\System32\powercfg.exe -energy -auto
C:\Windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\Windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\StartRecording - %SystemRoot%\ehome\ehrec /StartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\Windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\Windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\Windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\Windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\Windows\system32\tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} - "C:\Program Files\COMODO\COMODO Internet Security\cistray.exe"
C:\Windows\system32\tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} - "C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe" --launchSchedule {0FB77674-7905-4F34-A362-C5A9A26F8CF9}
C:\Windows\system32\tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} - "C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe" --launchSchedule {F140D794-60B6-4F00-9235-D6457AA25B22}
C:\Windows\system32\tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} - "C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe" --launchSchedule {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59}
C:\Windows\system32\tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} - "C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe" --launchSchedule {A6D52E4F-569B-4756-B3D8-DF217313DA85}
=========Mozilla firefox=========
ProfilePath - C:\Users\Mordor\AppData\Roaming\Mozilla\Firefox\Profiles\txswpwo4.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 24.0.0.194 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_194.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 24.0.0.194 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
C:\Users\Mordor\AppData\Roaming\Mozilla\Firefox\Profiles\txswpwo4.default\addons.json
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
Simple YouTube to MP3/MP4 Converter and Downloader - extension - jid0-SQnwtgW1b8BsMB5PLV5WScEDWOjw@jetpack
C:\Users\Mordor\AppData\Roaming\Mozilla\Firefox\Profiles\txswpwo4.default\extensions.json
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - C:\Users\Mordor\AppData\Roaming\Mozilla\Firefox\Profiles\txswpwo4.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
Simple YouTube to MP3/MP4 Converter and Downloader - extension - jid0-SQnwtgW1b8BsMB5PLV5WScEDWOjw@jetpack - C:\Users\Mordor\AppData\Roaming\Mozilla\Firefox\Profiles\txswpwo4.default\extensions\jid0-SQnwtgW1b8BsMB5PLV5WScEDWOjw@jetpack.xpi
Multi-process staged rollout - extension - e10srollout@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\e10srollout@mozilla.org.xpi
Pocket - extension - firefox@getpocket.com - C:\Program Files (x86)\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi
Web Compat - extension - webcompat@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi
Application Update Service Helper - extension - aushelper@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\aushelper@mozilla.org.xpi
Default - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi
Diagnostics - extension - diagnostics@mozilla.org - C:\Users\Mordor\AppData\Roaming\Mozilla\Firefox\Profiles\txswpwo4.default\features\{1613e05d-9c90-4f38-8318-6e7d5c689a27}\diagnostics@mozilla.org.xpi
Send HSTS Priming Requests - extension - hsts-priming@mozilla.org - C:\Users\Mordor\AppData\Roaming\Mozilla\Firefox\Profiles\txswpwo4.default\features\{1613e05d-9c90-4f38-8318-6e7d5c689a27}\hsts-priming@mozilla.org.xpi
C:\Users\Mordor\AppData\Roaming\Mozilla\Firefox\Profiles\txswpwo4.default\pluginreg.dat
Plugin - Adobe Acrobat - 15.23.20053.15062 - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
Plugin - VLC Web Plugin - 2.2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
Plugin - Google Update - 1.3.32.7 - C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll
Plugin - NVIDIA 3D Vision - 7.17.13.6472 - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
Plugin - NVIDIA 3D VISION - 7.17.13.6472 - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
Plugin - Intel® Identity Protection Technology - 4.0.5.0 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
Plugin - Intel® Identity Protection Technology - 4.0.5.0 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
Plugin - Shockwave Flash - 24.0.0.194 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_194.dll
Plugin - Google Update - 1.3.32.7 - C:\Users\Mordor\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll
=========Google Chrome=========
C:\Users\Mordor\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension aapocclcgogkmnckokdopfmhonfmgoek 1 Prezentace Google 0.9
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Obchod Chrome 0.2
Extension aohghmighlieiainnegkcijnfilokake 1 Dokumenty Google 0.9
Extension apdfllckaahabafndbhieahigkjlhalf 1 Disk Google 14.1
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension efaidnbmnnnibpcajpcglclefindmkaj 0 Adobe Acrobat 15.1.0.5
Extension ennkphjdgehloodpbhlhldgbnhmacadg 1 Settings 0.2
Extension felcaaldnbdncclmgdcncolpebgiejap 1 Tabulky Google 1.1
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 1 Dokumenty Google offline 1.4
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.38
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mfffpogegjflfpflabcdkioaeobkgjik 1 GaiaAuthExtension 0.0.1
Extension mgndgikekgjfcpckkfioiadnlibdjbkf 1 Chrome 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.1
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.1
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 5516.1005.0.3
Homepage:
default_search_provider.search_url:
C:\Users\Mordor\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage:
default_search_provider.search_url:
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj]
"Path"=
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-03-14 13671792]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2016-09-28 1610936]
"ProfilerU"=C:\Program Files\SmartTechnology\Software\ProfilerU.exe [2015-08-01 454144]
"SaiMfd"=C:\Program Files\SmartTechnology\Software\SaiMfd.exe [2015-08-01 158208]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2016-04-09 2397752]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2016-03-24 1767248]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"=D:\Steam\steam.exe [2017-01-20 2881824]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2015-07-30 4468056]
"Google Update"=C:\Users\Mordor\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe [2016-12-16 601752]
"Google Photos Backup"=C:\Users\Mordor\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe [2016-11-13 3790936]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2014-02-21 292848]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
GIGABYTE OC_GURU.lnk - C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2017-02-09 19:57:32 ----D---- C:\AdwCleaner
2017-02-05 11:14:25 ----SHD---- C:\Config.Msi
2017-02-05 11:12:13 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2017-02-05 11:12:12 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2017-02-05 11:12:12 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2017-02-05 11:12:12 ----A---- C:\Windows\SYSWOW64\occache.dll
2017-02-05 11:12:12 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2017-02-05 11:12:12 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2017-02-05 11:12:12 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2017-02-05 11:12:12 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2017-02-05 11:12:12 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2017-02-05 11:12:12 ----A---- C:\Windows\SYSWOW64\inseng.dll
2017-02-05 11:12:12 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2017-02-05 11:12:12 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2017-02-05 11:12:12 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2017-02-05 11:12:12 ----A---- C:\Windows\system32\UtcResources.dll
2017-02-05 11:12:12 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-02-05 11:12:12 ----A---- C:\Windows\system32\inseng.dll
2017-02-05 11:12:12 ----A---- C:\Windows\system32\iertutil.dll
2017-02-05 11:12:12 ----A---- C:\Windows\system32\iernonce.dll
2017-02-05 11:12:12 ----A---- C:\Windows\system32\ieetwproxystub.dll
2017-02-05 11:12:12 ----A---- C:\Windows\system32\ieetwcollector.exe
2017-02-05 11:12:12 ----A---- C:\Windows\system32\ie4uinit.exe
2017-02-05 11:12:10 ----A---- C:\Windows\SYSWOW64\jscript.dll
2017-02-05 11:12:10 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2017-02-05 11:12:10 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2017-02-05 11:12:10 ----A---- C:\Windows\system32\urlmon.dll
2017-02-05 11:12:10 ----A---- C:\Windows\system32\occache.dll
2017-02-05 11:12:10 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2017-02-05 11:12:10 ----A---- C:\Windows\system32\iedkcs32.dll
2017-02-05 11:12:09 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2017-02-05 11:12:09 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2017-02-05 11:12:09 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2017-02-05 11:12:09 ----A---- C:\Windows\SYSWOW64\ieui.dll
2017-02-05 11:12:09 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2017-02-05 11:12:09 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2017-02-05 11:12:09 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2017-02-05 11:12:09 ----A---- C:\Windows\system32\msfeeds.dll
2017-02-05 11:12:09 ----A---- C:\Windows\system32\iesetup.dll
2017-02-05 11:12:09 ----A---- C:\Windows\system32\ieapfltr.dll
2017-02-05 11:12:09 ----A---- C:\Windows\system32\dxtrans.dll
2017-02-05 11:12:09 ----A---- C:\Windows\system32\diagtrack.dll
2017-02-05 11:12:08 ----A---- C:\Windows\SYSWOW64\wininet.dll
2017-02-05 11:12:08 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2017-02-05 11:12:08 ----A---- C:\Windows\SYSWOW64\msrating.dll
2017-02-05 11:12:08 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2017-02-05 11:12:08 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2017-02-05 11:12:08 ----A---- C:\Windows\system32\vbscript.dll
2017-02-05 11:12:08 ----A---- C:\Windows\system32\jsproxy.dll
2017-02-05 11:12:08 ----A---- C:\Windows\system32\ieUnatt.exe
2017-02-05 11:12:08 ----A---- C:\Windows\system32\ieui.dll
2017-02-05 11:12:08 ----A---- C:\Windows\system32\ieframe.dll
2017-02-05 11:12:08 ----A---- C:\Windows\system32\dxtmsft.dll
2017-02-05 11:12:07 ----A---- C:\Windows\system32\wininet.dll
2017-02-05 11:12:07 ----A---- C:\Windows\system32\webcheck.dll
2017-02-05 11:12:07 ----A---- C:\Windows\system32\mshtmlmedia.dll
2017-02-05 11:12:07 ----A---- C:\Windows\system32\mshtmled.dll
2017-02-05 11:12:07 ----A---- C:\Windows\system32\jscript9diag.dll
2017-02-05 11:12:07 ----A---- C:\Windows\system32\jscript9.dll
2017-02-05 11:12:07 ----A---- C:\Windows\system32\jscript.dll
2017-02-05 11:12:06 ----A---- C:\Windows\system32\wmp.dll
2017-02-05 11:12:06 ----A---- C:\Windows\system32\msrating.dll
2017-02-05 11:12:06 ----A---- C:\Windows\system32\MshtmlDac.dll
2017-02-05 11:12:06 ----A---- C:\Windows\system32\mshtml.dll
2017-02-05 11:12:05 ----A---- C:\Windows\SYSWOW64\wmp.dll
2017-02-05 11:12:05 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2017-02-05 11:12:05 ----A---- C:\Windows\system32\ntoskrnl.exe
2017-02-05 11:12:05 ----A---- C:\Windows\system32\FntCache.dll
2017-02-05 11:12:05 ----A---- C:\Windows\system32\DWrite.dll
2017-02-05 11:12:04 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2017-02-05 11:12:04 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2017-02-05 11:12:04 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2017-02-05 11:12:04 ----A---- C:\Windows\SYSWOW64\MSVidCtl.dll
2017-02-05 11:12:04 ----A---- C:\Windows\SYSWOW64\msi.dll
2017-02-05 11:12:04 ----A---- C:\Windows\SYSWOW64\mf.dll
2017-02-05 11:12:04 ----A---- C:\Windows\SYSWOW64\drmv2clt.dll
2017-02-05 11:12:04 ----A---- C:\Windows\SYSWOW64\blackbox.dll
2017-02-05 11:12:04 ----A---- C:\Windows\system32\WsmSvc.dll
2017-02-05 11:12:04 ----A---- C:\Windows\system32\win32k.sys
2017-02-05 11:12:04 ----A---- C:\Windows\system32\ntdll.dll
2017-02-05 11:12:04 ----A---- C:\Windows\system32\MSVidCtl.dll
2017-02-05 11:12:04 ----A---- C:\Windows\system32\msi.dll
2017-02-05 11:12:04 ----A---- C:\Windows\system32\mf.dll
2017-02-05 11:12:04 ----A---- C:\Windows\system32\drmv2clt.dll
2017-02-05 11:12:04 ----A---- C:\Windows\system32\crypt32.dll
2017-02-05 11:12:04 ----A---- C:\Windows\system32\blackbox.dll
2017-02-05 11:12:03 ----A---- C:\Windows\SYSWOW64\wmdrmsdk.dll
2017-02-05 11:12:03 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2017-02-05 11:12:03 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll
2017-02-05 11:12:03 ----A---- C:\Windows\SYSWOW64\quartz.dll
2017-02-05 11:12:03 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2017-02-05 11:12:03 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2017-02-05 11:12:03 ----A---- C:\Windows\SYSWOW64\msctf.dll
2017-02-05 11:12:03 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2017-02-05 11:12:03 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2017-02-05 11:12:03 ----A---- C:\Windows\SYSWOW64\evr.dll
2017-02-05 11:12:03 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2017-02-05 11:12:03 ----A---- C:\Windows\SYSWOW64\authui.dll
2017-02-05 11:12:03 ----A---- C:\Windows\system32\wmdrmsdk.dll
2017-02-05 11:12:03 ----A---- C:\Windows\system32\winload.exe
2017-02-05 11:12:03 ----A---- C:\Windows\system32\win32spl.dll
2017-02-05 11:12:03 ----A---- C:\Windows\system32\UIAnimation.dll
2017-02-05 11:12:03 ----A---- C:\Windows\system32\schannel.dll
2017-02-05 11:12:03 ----A---- C:\Windows\system32\scavengeui.dll
2017-02-05 11:12:03 ----A---- C:\Windows\system32\rpcrt4.dll
2017-02-05 11:12:03 ----A---- C:\Windows\system32\quartz.dll
2017-02-05 11:12:03 ----A---- C:\Windows\system32\oleaut32.dll
2017-02-05 11:12:03 ----A---- C:\Windows\system32\msctf.dll
2017-02-05 11:12:03 ----A---- C:\Windows\system32\lsasrv.dll
2017-02-05 11:12:03 ----A---- C:\Windows\system32\KernelBase.dll
2017-02-05 11:12:03 ----A---- C:\Windows\system32\kernel32.dll
2017-02-05 11:12:03 ----A---- C:\Windows\system32\kerberos.dll
2017-02-05 11:12:03 ----A---- C:\Windows\system32\inetcomm.dll
2017-02-05 11:12:03 ----A---- C:\Windows\system32\IMJP10K.DLL
2017-02-05 11:12:03 ----A---- C:\Windows\system32\evr.dll
2017-02-05 11:12:03 ----A---- C:\Windows\system32\authui.dll
2017-02-05 11:12:03 ----A---- C:\Windows\system32\audiosrv.dll
2017-02-05 11:12:03 ----A---- C:\Windows\system32\AUDIOKSE.dll
2017-02-05 11:12:03 ----A---- C:\Windows\system32\advapi32.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\WsmWmiPl.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\WsmAuto.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\WSManMigrationPlugin.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\WSManHTTPConfig.exe
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\usp10.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\user32.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\schannel.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\IMJP10K.DLL
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\cryptui.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\WsmWmiPl.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\WsmAuto.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2017-02-05 11:12:02 ----A---- C:\Windows\system32\wow64win.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\wow64.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\wmploc.DLL
2017-02-05 11:12:02 ----A---- C:\Windows\system32\wintrust.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\winsrv.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\WebClnt.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\usp10.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\user32.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\srcore.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\rpchttp.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\qdvd.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\pcasvc.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\ncrypt.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\msv1_0.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\msiexec.exe
2017-02-05 11:12:02 ----A---- C:\Windows\system32\mfps.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\mfplat.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\gdi32.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\EncDump.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\drmmgrtn.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2017-02-05 11:12:02 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2017-02-05 11:12:02 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2017-02-05 11:12:02 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2017-02-05 11:12:02 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2017-02-05 11:12:02 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2017-02-05 11:12:02 ----A---- C:\Windows\system32\drivers\dfsc.sys
2017-02-05 11:12:02 ----A---- C:\Windows\system32\drivers\cng.sys
2017-02-05 11:12:02 ----A---- C:\Windows\system32\davclnt.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\cryptui.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\cryptsvc.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\cryptnet.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\consent.exe
2017-02-05 11:12:02 ----A---- C:\Windows\system32\conhost.exe
2017-02-05 11:12:02 ----A---- C:\Windows\system32\clfs.sys
2017-02-05 11:12:02 ----A---- C:\Windows\system32\certcli.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\bcdedit.exe
2017-02-05 11:12:02 ----A---- C:\Windows\system32\AudioSes.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\AudioEng.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\atmfd.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2017-02-05 11:12:02 ----A---- C:\Windows\system32\adtschema.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\WsmRes.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\wsmprovhost.exe
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\wsmplpxy.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\wow32.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\user.exe
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\tzres.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\srclient.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\setup16.exe
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\secur32.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\nlsbres.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\msscp.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\msnetobj.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\msimsg.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\mfps.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\mferror.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\lpk.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\instnm.exe
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\input.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\INETRES.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\hlink.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\cryptsp.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\credssp.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\certcli.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\bcrypt.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\adsmsext.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\WsmRes.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\wsmprovhost.exe
2017-02-05 11:12:01 ----A---- C:\Windows\system32\wsmplpxy.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\wow64cpu.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\wdigest.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\tzres.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\TSpkg.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\sspisrv.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\sspicli.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\srclient.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\spwmp.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\smss.exe
2017-02-05 11:12:01 ----A---- C:\Windows\system32\setbcdlocale.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\secur32.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\rstrui.exe
2017-02-05 11:12:01 ----A---- C:\Windows\system32\rrinstaller.exe
2017-02-05 11:12:01 ----A---- C:\Windows\system32\pcawrk.exe
2017-02-05 11:12:01 ----A---- C:\Windows\system32\pcalua.exe
2017-02-05 11:12:01 ----A---- C:\Windows\system32\pcaevts.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\pcadm.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\ntvdm64.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\nlsbres.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\msscp.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\msobjs.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\msnetobj.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\msmmsp.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\msimsg.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\msihnd.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\msaudite.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\mfpmp.exe
2017-02-05 11:12:01 ----A---- C:\Windows\system32\mferror.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\lsass.exe
2017-02-05 11:12:01 ----A---- C:\Windows\system32\lpk.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\input.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\INETRES.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\hlink.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\fontsub.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\dxmasf.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2017-02-05 11:12:01 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2017-02-05 11:12:01 ----A---- C:\Windows\system32\drivers\bowser.sys
2017-02-05 11:12:01 ----A---- C:\Windows\system32\drivers\appid.sys
2017-02-05 11:12:01 ----A---- C:\Windows\system32\dciman32.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\csrsrv.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\cryptsp.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\cryptbase.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\credssp.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\bcrypt.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\auditpol.exe
2017-02-05 11:12:01 ----A---- C:\Windows\system32\audiodg.exe
2017-02-05 11:12:01 ----A---- C:\Windows\system32\atmlib.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\asycfilt.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\appinfo.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\appidsvc.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2017-02-05 11:12:01 ----A---- C:\Windows\system32\appidapi.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\apisetschema.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\adsmsext.dll
2017-02-03 16:44:58 ----D---- C:\rsit
2017-02-03 16:44:58 ----D---- C:\Program Files\trend micro
2017-01-31 20:14:04 ----D---- C:\Users\Mordor\AppData\Roaming\GHISLER
2017-01-31 20:14:04 ----D---- C:\totalcmd
2017-01-31 20:14:04 ----A---- C:\Windows\UC.PIF
2017-01-31 20:14:04 ----A---- C:\Windows\RAR.PIF
2017-01-31 20:14:04 ----A---- C:\Windows\PKZIP.PIF
2017-01-31 20:14:04 ----A---- C:\Windows\PKUNZIP.PIF
2017-01-31 20:14:04 ----A---- C:\Windows\LHA.PIF
2017-01-31 20:14:04 ----A---- C:\Windows\ARJ.PIF
2017-01-14 11:15:28 ----D---- C:\ProgramData\SP_FT_Logs
2017-01-14 11:13:22 ----D---- C:\Users\Mordor\AppData\Roaming\Lenovo
2017-01-14 11:13:14 ----D---- C:\Program Files (x86)\Lenovo Smart Assistant
2017-01-14 10:21:11 ----D---- C:\Users\Mordor\AppData\Roaming\ADBDriverInstaller
2017-01-14 10:01:06 ----D---- C:\Program Files (x86)\Minimal ADB and Fastboot
2017-01-11 23:42:47 ----D---- C:\ProgramData\tmp
2017-01-11 23:42:47 ----D---- C:\ProgramData\hps
2017-01-11 23:40:36 ----D---- C:\Program Files\Fotolab
======List of files/folders modified in the last 1 month======
2017-02-09 20:06:17 ----D---- C:\Windows\System32
2017-02-09 20:06:17 ----D---- C:\Windows\inf
2017-02-09 20:06:17 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-02-09 19:59:28 ----D---- C:\Windows\Temp
2017-02-09 19:59:21 ----D---- C:\ProgramData\NVIDIA
2017-02-09 19:59:01 ----D---- C:\Windows\system32\config
2017-02-08 15:33:37 ----D---- C:\Program Files (x86)\Common Files
2017-02-07 21:50:48 ----D---- C:\Program Files (x86)\TeamViewer
2017-02-07 12:11:42 ----D---- C:\Users\Mordor\AppData\Roaming\vlc
2017-02-06 16:06:08 ----D---- C:\Windows\system32\DriverStore
2017-02-05 12:38:10 ----D---- C:\Windows\rescache
2017-02-05 12:24:00 ----D---- C:\Windows\Microsoft.NET
2017-02-05 12:21:43 ----RSD---- C:\Windows\assembly
2017-02-05 11:56:27 ----D---- C:\Windows\winsxs
2017-02-05 11:55:49 ----D---- C:\Windows\system32\drivers
2017-02-05 11:55:48 ----D---- C:\Windows\SYSWOW64\migration
2017-02-05 11:55:48 ----D---- C:\Windows\SYSWOW64\en-US
2017-02-05 11:55:48 ----D---- C:\Windows\SYSWOW64\Dism
2017-02-05 11:55:48 ----D---- C:\Windows\SYSWOW64\cs-CZ
2017-02-05 11:55:48 ----D---- C:\Windows\SysWOW64
2017-02-05 11:55:48 ----D---- C:\Windows\system32\migration
2017-02-05 11:55:48 ----D---- C:\Windows\system32\en-US
2017-02-05 11:55:48 ----D---- C:\Windows\system32\Dism
2017-02-05 11:55:48 ----D---- C:\Windows\system32\cs-CZ
2017-02-05 11:55:48 ----D---- C:\Program Files\Windows Media Player
2017-02-05 11:55:48 ----D---- C:\Program Files\Internet Explorer
2017-02-05 11:55:48 ----D---- C:\Program Files (x86)\Windows Media Player
2017-02-05 11:55:48 ----D---- C:\Program Files (x86)\Internet Explorer
2017-02-05 11:55:47 ----D---- C:\Windows\system32\Boot
2017-02-05 11:55:47 ----D---- C:\Windows\AppPatch
2017-02-05 11:17:03 ----SHD---- C:\Windows\Installer
2017-02-05 11:14:57 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2017-02-05 11:12:29 ----D---- C:\Windows\system32\MRT
2017-02-05 11:12:26 ----AC---- C:\Windows\system32\MRT.exe
2017-02-05 11:12:22 ----SHD---- C:\System Volume Information
2017-02-05 11:09:29 ----D---- C:\Windows\system32\catroot2
2017-02-03 16:44:58 ----RD---- C:\Program Files
2017-01-31 20:14:04 ----D---- C:\Windows
2017-01-31 13:47:56 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2017-01-30 16:37:13 ----D---- C:\Program Files (x86)\Mozilla Firefox
2017-01-15 15:12:20 ----RD---- C:\Program Files (x86)
2017-01-14 11:15:28 ----HD---- C:\ProgramData
2017-01-11 10:18:12 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2017-01-11 10:18:11 ----D---- C:\Windows\system32\Macromed
2017-01-11 10:18:09 ----D---- C:\Windows\SYSWOW64\Macromed
2017-01-11 09:51:58 ----D---- C:\Windows\system32\Tasks
File C:\Windows\system32\winlogon.exe is digitally signed
File C:\Windows\system32\wininit.exe is digitally signed
File C:\Windows\explorer.exe is digitally signed
File C:\Windows\SysWOW64\explorer.exe is digitally signed
File C:\Windows\system32\svchost.exe is digitally signed
File C:\Windows\SysWOW64\svchost.exe is digitally signed
File C:\Windows\system32\services.exe is digitally signed
File C:\Windows\system32\User32.dll is digitally signed
File C:\Windows\SysWOW64\User32.dll is digitally signed
File C:\Windows\system32\userinit.exe is digitally signed
File C:\Windows\SysWOW64\userinit.exe is digitally signed
File C:\Windows\system32\rpcss.dll is digitally signed
File C:\Windows\system32\Drivers\volsnap.sys is digitally signed
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2014-02-21 20464]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\Windows\System32\DRIVERS\cmderd.sys [2016-08-31 31648]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\system32\DRIVERS\cmdguard.sys [2016-08-31 830624]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2016-08-31 56976]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2016-08-31 116248]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2015-07-30 30264]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-03-14 3896920]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2014-02-21 370672]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2014-02-21 791024]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2013-09-16 99288]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2016-04-09 205456]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2016-03-24 28216]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2016-04-09 56384]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2014-03-18 906968]
R3 SaiK0CCC;SaiK0CCC; C:\Windows\system32\DRIVERS\SaiK0CCC.sys [2015-08-01 180544]
R3 SaiMini;SaiMini; C:\Windows\system32\DRIVERS\SaiMini.sys [2015-08-01 25120]
R3 SaiNtBus;SaiNtBus; C:\Windows\system32\drivers\SaiBus.sys [2015-08-01 52640]
R3 SaiU0CCC;SaiU0CCC; C:\Windows\system32\DRIVERS\SaiU0CCC.sys [2015-08-01 47168]
S3 cmnxusbser;Mobile Connector USB Device for Legacy Serial Communication LCT2053s 20140303; C:\Windows\system32\DRIVERS\cmnxusbser.sys [2016-05-17 146424]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys []
S3 GPCIDrv;GPCIDrv; \??\C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv64.sys [2014-08-11 14376]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usbser;USB Serial emulation modem driver; C:\Windows\system32\DRIVERS\usbser.sys [2017-01-14 33280]
S3 WinUsb;Sony sa0102 ADB Interface; C:\Windows\system32\DRIVERS\WinUsb.sys [2015-08-22 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-01-11 82640]
R2 CmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2016-09-28 5817256]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll"=%SystemRoot%\system32\diagtrack.dll
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2016-04-09 1164856]
R2 ChromodoUpdater;COMODO Chromodo Update Service; C:\Program Files (x86)\Comodo\Chromodo\chromodo_updater.exe [2016-10-04 2273424]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-09-16 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-09-16 390616]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2016-04-09 1881144]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2016-04-09 2522680]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2016-04-09 1264064]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2015-07-28 76152]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2016-04-09 426040]
R2 TeamViewer;TeamViewer 12; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2016-12-19 10351856]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-07-30 1268568]
R3 NvStreamNetworkSvc;NVIDIA Streamer Network Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [2016-04-09 3634232]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2017-01-20 1464096]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-02-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-02-05 125112]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-17 154440]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-11 270936]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-02-05 51384]
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2017-02-08 1494024]
S3 cmdvirth;COMODO Virtual Service Manager; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2016-09-28 2271928]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-17 154440]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2017-02-05 114688]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-01-30 172488]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2015-07-28 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2015-07-28 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2015-07-30 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-02-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-02-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-02-05 135848]
-----------------EOF-----------------
- Rudy
- Site Admin
- Posts: 119389
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Preventive check, USB player keeps disconnecting
Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left window:
:files
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore
C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA
C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-2881103408-3670860739-8521875-1000Core
C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-2881103408-3670860739-8521875-1000UA
:reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=-
:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
-
- Visitor
- Posts: 76
- Registered: 05 Sep 2006 19:18
Re: Preventive check, USB player keeps disconnecting
Logfile of random's system information tool 1.14 (written by random/random)
Run by Mordor at 2017-02-11 19:25:55
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 23 GB (21%) free of 114 GB
Total RAM: 8154 MB (73% free)
X64
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:25:56, on 11.2.2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18538)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\TeamViewer\TeamViewer.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
D:\Steam\Steam.exe
C:\Users\Mordor\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Mordor_RSITx64.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKCU\..\Run: [Steam] "D:\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [Google Update] C:\Users\Mordor\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe
O4 - HKCU\..\Run: [Google Photos Backup] "C:\Users\Mordor\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe" /autostart
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: GIGABYTE OC_GURU.lnk = C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: COMODO Chromodo Update Service (ChromodoUpdater) - Comodo - C:\Program Files (x86)\Comodo\Chromodo\chromodo_updater.exe
O23 - Service: COMODO Internet Security Helper Service (CmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 12 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9600 bytes
======Enumerating Processes======
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\system32\taskhost.exe
"C:\Program Files (x86)\Comodo\Chromodo\chromodo_updater.exe"
C:\Windows\system32\taskeng.exe
"C:\Windows\system32\Dwm.exe"
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\Explorer.EXE
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
C:\Windows\system32\taskeng.exe
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\COMODO\COMODO Internet Security\cistray.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Skype\Updater\Updater.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe" /ModeAvMonitor -Embedding
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-785a72ab-03dd-4466-b953-9fa580ab9c31 -SystemEventPortName:HostProcess-1872a644-1389-43d6-93f6-d53c91204268 -IoCancelEventPortName:HostProcess-f54ad71e-f324-4ae9-a37c-f5c70d20fc1f -NonStateChangingEventPortName:HostProcess-6489f4ac-f0dc-47f0-830e-1edd663815bc -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:c5c9db9a-5d22-4b97-8f56-de851a689693 -DeviceGroupId:WpdFsGroup
"C:\Program Files (x86)\TeamViewer\TeamViewer.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\TeamViewer\tv_w32.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer12_Logfile.log
"C:\Program Files (x86)\TeamViewer\tv_x64.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer12_Logfile.log
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "-938054914-132488739613585393291273956803-1970678657-2030809631-1916493105-1836781855
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
C:\Windows\system32\sppsvc.exe
"C:\Program Files\COMODO\COMODO Internet Security\cis.exe" --alertsUI
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\SmartTechnology\Software\ProfilerU.exe"
"C:\Program Files\SmartTechnology\Software\SaiMfd.exe"
"D:\Steam\Steam.exe" -silent
"C:\Users\Mordor\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe" /autostart
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
D:\Steam\bin\cef\cef.win7\steamwebhelper.exe "-cachedir=C:\Users\Mordor\AppData\Local\Steam\htmlcache" "-steampid=1232" "-buildid=1484790260" "-steamid=0" --disable-gpu-compositing --disable-gpu --process-per-tab --disable-spell-checking --disable-out-of-process-pac --disable-smooth-scrolling --enable-direct-write
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="5052.5.1464753799\1056515531" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" 5052 "\\.\pipe\gecko-crash-server-pipe.5052" tab
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Mordor\Downloads\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\system32\tasks\Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Windows\system32\tasks\Adobe Flash Player Updater - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-2881103408-3670860739-8521875-1000Core - C:\Users\Mordor\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-2881103408-3670860739-8521875-1000UA - C:\Users\Mordor\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\SmartShare - C:\Program Files (x86)\LG Software\LG Smart Share\SmartShareStart.exe tray
C:\Windows\system32\tasks\WPD\SqmUpload_S-1-5-21-2881103408-3670860739-8521875-1000 - %windir%\system32\rundll32.exe portabledeviceapi.dll,#1
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
C:\Windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\Windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\Windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask - %SystemRoot%\system32\Wat\WatAdminSvc.exe /run
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline - %SystemRoot%\system32\schtasks.exe /run /I /TN "\Microsoft\Windows\Windows Activation Technologies\ValidationTask"
C:\Windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\Windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
C:\Windows\system32\tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask - sc.exe start sppsvc
C:\Windows\system32\tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B - %windir%\system32\GWX\GWXConfigManager.exe /RefreshConfig
C:\Windows\system32\tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime - %windir%\system32\GWX\GWXUXWorker.exe /ScheduleUpgradeReminderTime
C:\Windows\system32\tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime - %windir%\system32\GWX\GWXUXWorker.exe /ScheduleUpgradeTime
C:\Windows\system32\tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess - %windir%\system32\GWX\GWX.exe /tasklaunch
C:\Windows\system32\tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig - %windir%\system32\GWX\GWXConfigManager.exe /RefreshConfig
C:\Windows\system32\tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent - %windir%\system32\GWX\GWXConfigManager.exe /RefreshConfigAndContent
C:\Windows\system32\tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent - %windir%\system32\GWX\GWXConfigManager.exe /RefreshContent
C:\Windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\Windows\system32\tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem - %SystemRoot%\System32\powercfg.exe -energy -auto
C:\Windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\Windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\StartRecording - %SystemRoot%\ehome\ehrec /StartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\Windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\Windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\Windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\Windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\Windows\system32\tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} - "C:\Program Files\COMODO\COMODO Internet Security\cistray.exe"
C:\Windows\system32\tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} - "C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe" --launchSchedule {0FB77674-7905-4F34-A362-C5A9A26F8CF9}
C:\Windows\system32\tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} - "C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe" --launchSchedule {F140D794-60B6-4F00-9235-D6457AA25B22}
C:\Windows\system32\tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} - "C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe" --launchSchedule {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59}
C:\Windows\system32\tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} - "C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe" --launchSchedule {A6D52E4F-569B-4756-B3D8-DF217313DA85}
=========Mozilla firefox=========
ProfilePath - C:\Users\Mordor\AppData\Roaming\Mozilla\Firefox\Profiles\txswpwo4.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 24.0.0.194 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_194.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 24.0.0.194 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
C:\Users\Mordor\AppData\Roaming\Mozilla\Firefox\Profiles\txswpwo4.default\addons.json
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
Simple YouTube to MP3/MP4 Converter and Downloader - extension - jid0-SQnwtgW1b8BsMB5PLV5WScEDWOjw@jetpack
C:\Users\Mordor\AppData\Roaming\Mozilla\Firefox\Profiles\txswpwo4.default\extensions.json
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - C:\Users\Mordor\AppData\Roaming\Mozilla\Firefox\Profiles\txswpwo4.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
Simple YouTube to MP3/MP4 Converter and Downloader - extension - jid0-SQnwtgW1b8BsMB5PLV5WScEDWOjw@jetpack - C:\Users\Mordor\AppData\Roaming\Mozilla\Firefox\Profiles\txswpwo4.default\extensions\jid0-SQnwtgW1b8BsMB5PLV5WScEDWOjw@jetpack.xpi
Multi-process staged rollout - extension - e10srollout@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\e10srollout@mozilla.org.xpi
Pocket - extension - firefox@getpocket.com - C:\Program Files (x86)\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi
Web Compat - extension - webcompat@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi
Application Update Service Helper - extension - aushelper@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\aushelper@mozilla.org.xpi
Default - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi
Diagnostics - extension - diagnostics@mozilla.org - C:\Users\Mordor\AppData\Roaming\Mozilla\Firefox\Profiles\txswpwo4.default\features\{1613e05d-9c90-4f38-8318-6e7d5c689a27}\diagnostics@mozilla.org.xpi
Send HSTS Priming Requests - extension - hsts-priming@mozilla.org - C:\Users\Mordor\AppData\Roaming\Mozilla\Firefox\Profiles\txswpwo4.default\features\{1613e05d-9c90-4f38-8318-6e7d5c689a27}\hsts-priming@mozilla.org.xpi
C:\Users\Mordor\AppData\Roaming\Mozilla\Firefox\Profiles\txswpwo4.default\pluginreg.dat
Plugin - Adobe Acrobat - 15.23.20053.15062 - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
Plugin - VLC Web Plugin - 2.2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
Plugin - Google Update - 1.3.32.7 - C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll
Plugin - NVIDIA 3D Vision - 7.17.13.6472 - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
Plugin - NVIDIA 3D VISION - 7.17.13.6472 - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
Plugin - Intel® Identity Protection Technology - 4.0.5.0 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
Plugin - Intel® Identity Protection Technology - 4.0.5.0 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
Plugin - Shockwave Flash - 24.0.0.194 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_194.dll
Plugin - Google Update - 1.3.32.7 - C:\Users\Mordor\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll
=========Google Chrome=========
C:\Users\Mordor\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension aapocclcgogkmnckokdopfmhonfmgoek 1 Prezentace Google 0.9
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Obchod Chrome 0.2
Extension aohghmighlieiainnegkcijnfilokake 1 Dokumenty Google 0.9
Extension apdfllckaahabafndbhieahigkjlhalf 1 Disk Google 14.1
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension efaidnbmnnnibpcajpcglclefindmkaj 0 Adobe Acrobat 15.1.0.5
Extension ennkphjdgehloodpbhlhldgbnhmacadg 1 Settings 0.2
Extension felcaaldnbdncclmgdcncolpebgiejap 1 Tabulky Google 1.1
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 1 Dokumenty Google offline 1.4
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.38
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mfffpogegjflfpflabcdkioaeobkgjik 1 GaiaAuthExtension 0.0.1
Extension mgndgikekgjfcpckkfioiadnlibdjbkf 1 Chrome 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.1
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.1
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 5516.1005.0.3
Homepage:
default_search_provider.search_url:
C:\Users\Mordor\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage:
default_search_provider.search_url:
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj]
"Path"=
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-03-14 13671792]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2016-09-28 1610936]
"ProfilerU"=C:\Program Files\SmartTechnology\Software\ProfilerU.exe [2015-08-01 454144]
"SaiMfd"=C:\Program Files\SmartTechnology\Software\SaiMfd.exe [2015-08-01 158208]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2016-04-09 2397752]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2016-03-24 1767248]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"=D:\Steam\steam.exe [2017-01-20 2881824]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2015-07-30 4468056]
"Google Update"=C:\Users\Mordor\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe [2016-12-16 601752]
"Google Photos Backup"=C:\Users\Mordor\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe [2016-11-13 3790936]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2014-02-21 292848]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
GIGABYTE OC_GURU.lnk - C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2017-02-11 19:23:10 ----D---- C:\_OTM
2017-02-09 19:57:32 ----D---- C:\AdwCleaner
2017-02-05 11:14:25 ----SHD---- C:\Config.Msi
2017-02-05 11:12:13 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2017-02-05 11:12:12 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2017-02-05 11:12:12 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2017-02-05 11:12:12 ----A---- C:\Windows\SYSWOW64\occache.dll
2017-02-05 11:12:12 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2017-02-05 11:12:12 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2017-02-05 11:12:12 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2017-02-05 11:12:12 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2017-02-05 11:12:12 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2017-02-05 11:12:12 ----A---- C:\Windows\SYSWOW64\inseng.dll
2017-02-05 11:12:12 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2017-02-05 11:12:12 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2017-02-05 11:12:12 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2017-02-05 11:12:12 ----A---- C:\Windows\system32\UtcResources.dll
2017-02-05 11:12:12 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-02-05 11:12:12 ----A---- C:\Windows\system32\inseng.dll
2017-02-05 11:12:12 ----A---- C:\Windows\system32\iertutil.dll
2017-02-05 11:12:12 ----A---- C:\Windows\system32\iernonce.dll
2017-02-05 11:12:12 ----A---- C:\Windows\system32\ieetwproxystub.dll
2017-02-05 11:12:12 ----A---- C:\Windows\system32\ieetwcollector.exe
2017-02-05 11:12:12 ----A---- C:\Windows\system32\ie4uinit.exe
2017-02-05 11:12:10 ----A---- C:\Windows\SYSWOW64\jscript.dll
2017-02-05 11:12:10 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2017-02-05 11:12:10 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2017-02-05 11:12:10 ----A---- C:\Windows\system32\urlmon.dll
2017-02-05 11:12:10 ----A---- C:\Windows\system32\occache.dll
2017-02-05 11:12:10 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2017-02-05 11:12:10 ----A---- C:\Windows\system32\iedkcs32.dll
2017-02-05 11:12:09 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2017-02-05 11:12:09 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2017-02-05 11:12:09 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2017-02-05 11:12:09 ----A---- C:\Windows\SYSWOW64\ieui.dll
2017-02-05 11:12:09 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2017-02-05 11:12:09 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2017-02-05 11:12:09 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2017-02-05 11:12:09 ----A---- C:\Windows\system32\msfeeds.dll
2017-02-05 11:12:09 ----A---- C:\Windows\system32\iesetup.dll
2017-02-05 11:12:09 ----A---- C:\Windows\system32\ieapfltr.dll
2017-02-05 11:12:09 ----A---- C:\Windows\system32\dxtrans.dll
2017-02-05 11:12:09 ----A---- C:\Windows\system32\diagtrack.dll
2017-02-05 11:12:08 ----A---- C:\Windows\SYSWOW64\wininet.dll
2017-02-05 11:12:08 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2017-02-05 11:12:08 ----A---- C:\Windows\SYSWOW64\msrating.dll
2017-02-05 11:12:08 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2017-02-05 11:12:08 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2017-02-05 11:12:08 ----A---- C:\Windows\system32\vbscript.dll
2017-02-05 11:12:08 ----A---- C:\Windows\system32\jsproxy.dll
2017-02-05 11:12:08 ----A---- C:\Windows\system32\ieUnatt.exe
2017-02-05 11:12:08 ----A---- C:\Windows\system32\ieui.dll
2017-02-05 11:12:08 ----A---- C:\Windows\system32\ieframe.dll
2017-02-05 11:12:08 ----A---- C:\Windows\system32\dxtmsft.dll
2017-02-05 11:12:07 ----A---- C:\Windows\system32\wininet.dll
2017-02-05 11:12:07 ----A---- C:\Windows\system32\webcheck.dll
2017-02-05 11:12:07 ----A---- C:\Windows\system32\mshtmlmedia.dll
2017-02-05 11:12:07 ----A---- C:\Windows\system32\mshtmled.dll
2017-02-05 11:12:07 ----A---- C:\Windows\system32\jscript9diag.dll
2017-02-05 11:12:07 ----A---- C:\Windows\system32\jscript9.dll
2017-02-05 11:12:07 ----A---- C:\Windows\system32\jscript.dll
2017-02-05 11:12:06 ----A---- C:\Windows\system32\wmp.dll
2017-02-05 11:12:06 ----A---- C:\Windows\system32\msrating.dll
2017-02-05 11:12:06 ----A---- C:\Windows\system32\MshtmlDac.dll
2017-02-05 11:12:06 ----A---- C:\Windows\system32\mshtml.dll
2017-02-05 11:12:05 ----A---- C:\Windows\SYSWOW64\wmp.dll
2017-02-05 11:12:05 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2017-02-05 11:12:05 ----A---- C:\Windows\system32\ntoskrnl.exe
2017-02-05 11:12:05 ----A---- C:\Windows\system32\FntCache.dll
2017-02-05 11:12:05 ----A---- C:\Windows\system32\DWrite.dll
2017-02-05 11:12:04 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2017-02-05 11:12:04 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2017-02-05 11:12:04 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2017-02-05 11:12:04 ----A---- C:\Windows\SYSWOW64\MSVidCtl.dll
2017-02-05 11:12:04 ----A---- C:\Windows\SYSWOW64\msi.dll
2017-02-05 11:12:04 ----A---- C:\Windows\SYSWOW64\mf.dll
2017-02-05 11:12:04 ----A---- C:\Windows\SYSWOW64\drmv2clt.dll
2017-02-05 11:12:04 ----A---- C:\Windows\SYSWOW64\blackbox.dll
2017-02-05 11:12:04 ----A---- C:\Windows\system32\WsmSvc.dll
2017-02-05 11:12:04 ----A---- C:\Windows\system32\win32k.sys
2017-02-05 11:12:04 ----A---- C:\Windows\system32\ntdll.dll
2017-02-05 11:12:04 ----A---- C:\Windows\system32\MSVidCtl.dll
2017-02-05 11:12:04 ----A---- C:\Windows\system32\msi.dll
2017-02-05 11:12:04 ----A---- C:\Windows\system32\mf.dll
2017-02-05 11:12:04 ----A---- C:\Windows\system32\drmv2clt.dll
2017-02-05 11:12:04 ----A---- C:\Windows\system32\crypt32.dll
2017-02-05 11:12:04 ----A---- C:\Windows\system32\blackbox.dll
2017-02-05 11:12:03 ----A---- C:\Windows\SYSWOW64\wmdrmsdk.dll
2017-02-05 11:12:03 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2017-02-05 11:12:03 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll
2017-02-05 11:12:03 ----A---- C:\Windows\SYSWOW64\quartz.dll
2017-02-05 11:12:03 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2017-02-05 11:12:03 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2017-02-05 11:12:03 ----A---- C:\Windows\SYSWOW64\msctf.dll
2017-02-05 11:12:03 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2017-02-05 11:12:03 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2017-02-05 11:12:03 ----A---- C:\Windows\SYSWOW64\evr.dll
2017-02-05 11:12:03 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2017-02-05 11:12:03 ----A---- C:\Windows\SYSWOW64\authui.dll
2017-02-05 11:12:03 ----A---- C:\Windows\system32\wmdrmsdk.dll
2017-02-05 11:12:03 ----A---- C:\Windows\system32\winload.exe
2017-02-05 11:12:03 ----A---- C:\Windows\system32\win32spl.dll
2017-02-05 11:12:03 ----A---- C:\Windows\system32\UIAnimation.dll
2017-02-05 11:12:03 ----A---- C:\Windows\system32\schannel.dll
2017-02-05 11:12:03 ----A---- C:\Windows\system32\scavengeui.dll
2017-02-05 11:12:03 ----A---- C:\Windows\system32\rpcrt4.dll
2017-02-05 11:12:03 ----A---- C:\Windows\system32\quartz.dll
2017-02-05 11:12:03 ----A---- C:\Windows\system32\oleaut32.dll
2017-02-05 11:12:03 ----A---- C:\Windows\system32\msctf.dll
2017-02-05 11:12:03 ----A---- C:\Windows\system32\lsasrv.dll
2017-02-05 11:12:03 ----A---- C:\Windows\system32\KernelBase.dll
2017-02-05 11:12:03 ----A---- C:\Windows\system32\kernel32.dll
2017-02-05 11:12:03 ----A---- C:\Windows\system32\kerberos.dll
2017-02-05 11:12:03 ----A---- C:\Windows\system32\inetcomm.dll
2017-02-05 11:12:03 ----A---- C:\Windows\system32\IMJP10K.DLL
2017-02-05 11:12:03 ----A---- C:\Windows\system32\evr.dll
2017-02-05 11:12:03 ----A---- C:\Windows\system32\authui.dll
2017-02-05 11:12:03 ----A---- C:\Windows\system32\audiosrv.dll
2017-02-05 11:12:03 ----A---- C:\Windows\system32\AUDIOKSE.dll
2017-02-05 11:12:03 ----A---- C:\Windows\system32\advapi32.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\WsmWmiPl.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\WsmAuto.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\WSManMigrationPlugin.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\WSManHTTPConfig.exe
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\usp10.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\user32.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\schannel.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\IMJP10K.DLL
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\cryptui.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\WsmWmiPl.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\WsmAuto.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2017-02-05 11:12:02 ----A---- C:\Windows\system32\wow64win.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\wow64.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\wmploc.DLL
2017-02-05 11:12:02 ----A---- C:\Windows\system32\wintrust.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\winsrv.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\WebClnt.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\usp10.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\user32.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\srcore.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\rpchttp.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\qdvd.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\pcasvc.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\ncrypt.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\msv1_0.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\msiexec.exe
2017-02-05 11:12:02 ----A---- C:\Windows\system32\mfps.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\mfplat.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\gdi32.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\EncDump.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\drmmgrtn.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2017-02-05 11:12:02 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2017-02-05 11:12:02 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2017-02-05 11:12:02 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2017-02-05 11:12:02 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2017-02-05 11:12:02 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2017-02-05 11:12:02 ----A---- C:\Windows\system32\drivers\dfsc.sys
2017-02-05 11:12:02 ----A---- C:\Windows\system32\drivers\cng.sys
2017-02-05 11:12:02 ----A---- C:\Windows\system32\davclnt.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\cryptui.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\cryptsvc.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\cryptnet.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\consent.exe
2017-02-05 11:12:02 ----A---- C:\Windows\system32\conhost.exe
2017-02-05 11:12:02 ----A---- C:\Windows\system32\clfs.sys
2017-02-05 11:12:02 ----A---- C:\Windows\system32\certcli.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\bcdedit.exe
2017-02-05 11:12:02 ----A---- C:\Windows\system32\AudioSes.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\AudioEng.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\atmfd.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2017-02-05 11:12:02 ----A---- C:\Windows\system32\adtschema.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\WsmRes.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\wsmprovhost.exe
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\wsmplpxy.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\wow32.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\user.exe
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\tzres.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\srclient.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\setup16.exe
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\secur32.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\nlsbres.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\msscp.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\msnetobj.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\msimsg.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\mfps.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\mferror.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\lpk.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\instnm.exe
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\input.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\INETRES.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\hlink.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\cryptsp.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\credssp.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\certcli.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\bcrypt.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\adsmsext.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\WsmRes.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\wsmprovhost.exe
2017-02-05 11:12:01 ----A---- C:\Windows\system32\wsmplpxy.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\wow64cpu.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\wdigest.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\tzres.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\TSpkg.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\sspisrv.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\sspicli.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\srclient.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\spwmp.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\smss.exe
2017-02-05 11:12:01 ----A---- C:\Windows\system32\setbcdlocale.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\secur32.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\rstrui.exe
2017-02-05 11:12:01 ----A---- C:\Windows\system32\rrinstaller.exe
2017-02-05 11:12:01 ----A---- C:\Windows\system32\pcawrk.exe
2017-02-05 11:12:01 ----A---- C:\Windows\system32\pcalua.exe
2017-02-05 11:12:01 ----A---- C:\Windows\system32\pcaevts.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\pcadm.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\ntvdm64.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\nlsbres.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\msscp.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\msobjs.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\msnetobj.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\msmmsp.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\msimsg.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\msihnd.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\msaudite.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\mfpmp.exe
2017-02-05 11:12:01 ----A---- C:\Windows\system32\mferror.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\lsass.exe
2017-02-05 11:12:01 ----A---- C:\Windows\system32\lpk.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\input.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\INETRES.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\hlink.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\fontsub.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\dxmasf.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2017-02-05 11:12:01 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2017-02-05 11:12:01 ----A---- C:\Windows\system32\drivers\bowser.sys
2017-02-05 11:12:01 ----A---- C:\Windows\system32\drivers\appid.sys
2017-02-05 11:12:01 ----A---- C:\Windows\system32\dciman32.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\csrsrv.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\cryptsp.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\cryptbase.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\credssp.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\bcrypt.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\auditpol.exe
2017-02-05 11:12:01 ----A---- C:\Windows\system32\audiodg.exe
2017-02-05 11:12:01 ----A---- C:\Windows\system32\atmlib.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\asycfilt.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\appinfo.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\appidsvc.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2017-02-05 11:12:01 ----A---- C:\Windows\system32\appidapi.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\apisetschema.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\adsmsext.dll
2017-02-03 16:44:58 ----D---- C:\rsit
2017-02-03 16:44:58 ----D---- C:\Program Files\trend micro
2017-01-31 20:14:04 ----D---- C:\Users\Mordor\AppData\Roaming\GHISLER
2017-01-31 20:14:04 ----D---- C:\totalcmd
2017-01-31 20:14:04 ----A---- C:\Windows\UC.PIF
2017-01-31 20:14:04 ----A---- C:\Windows\RAR.PIF
2017-01-31 20:14:04 ----A---- C:\Windows\PKZIP.PIF
2017-01-31 20:14:04 ----A---- C:\Windows\PKUNZIP.PIF
2017-01-31 20:14:04 ----A---- C:\Windows\LHA.PIF
2017-01-31 20:14:04 ----A---- C:\Windows\ARJ.PIF
2017-01-14 11:15:28 ----D---- C:\ProgramData\SP_FT_Logs
2017-01-14 11:13:22 ----D---- C:\Users\Mordor\AppData\Roaming\Lenovo
2017-01-14 11:13:14 ----D---- C:\Program Files (x86)\Lenovo Smart Assistant
2017-01-14 10:21:11 ----D---- C:\Users\Mordor\AppData\Roaming\ADBDriverInstaller
2017-01-14 10:01:06 ----D---- C:\Program Files (x86)\Minimal ADB and Fastboot
======List of files/folders modified in the last 1 month======
2017-02-11 19:24:27 ----D---- C:\Windows\Temp
2017-02-11 19:24:26 ----D---- C:\ProgramData\NVIDIA
2017-02-11 19:24:04 ----D---- C:\Windows\system32\config
2017-02-11 13:06:09 ----D---- C:\Windows\System32
2017-02-11 13:06:09 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-02-11 13:06:08 ----D---- C:\Windows\inf
2017-02-10 22:01:32 ----D---- C:\Users\Mordor\AppData\Roaming\vlc
2017-02-08 15:33:37 ----D---- C:\Program Files (x86)\Common Files
2017-02-07 21:50:48 ----D---- C:\Program Files (x86)\TeamViewer
2017-02-06 16:06:08 ----D---- C:\Windows\system32\DriverStore
2017-02-05 12:38:10 ----D---- C:\Windows\rescache
2017-02-05 12:24:00 ----D---- C:\Windows\Microsoft.NET
2017-02-05 12:21:43 ----RSD---- C:\Windows\assembly
2017-02-05 11:56:27 ----D---- C:\Windows\winsxs
2017-02-05 11:55:49 ----D---- C:\Windows\system32\drivers
2017-02-05 11:55:48 ----D---- C:\Windows\SYSWOW64\migration
2017-02-05 11:55:48 ----D---- C:\Windows\SYSWOW64\en-US
2017-02-05 11:55:48 ----D---- C:\Windows\SYSWOW64\Dism
2017-02-05 11:55:48 ----D---- C:\Windows\SYSWOW64\cs-CZ
2017-02-05 11:55:48 ----D---- C:\Windows\SysWOW64
2017-02-05 11:55:48 ----D---- C:\Windows\system32\migration
2017-02-05 11:55:48 ----D---- C:\Windows\system32\en-US
2017-02-05 11:55:48 ----D---- C:\Windows\system32\Dism
2017-02-05 11:55:48 ----D---- C:\Windows\system32\cs-CZ
2017-02-05 11:55:48 ----D---- C:\Program Files\Windows Media Player
2017-02-05 11:55:48 ----D---- C:\Program Files\Internet Explorer
2017-02-05 11:55:48 ----D---- C:\Program Files (x86)\Windows Media Player
2017-02-05 11:55:48 ----D---- C:\Program Files (x86)\Internet Explorer
2017-02-05 11:55:47 ----D---- C:\Windows\system32\Boot
2017-02-05 11:55:47 ----D---- C:\Windows\AppPatch
2017-02-05 11:17:03 ----SHD---- C:\Windows\Installer
2017-02-05 11:14:57 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2017-02-05 11:13:43 ----D---- C:\Windows\system32\MRT
2017-02-05 11:12:26 ----AC---- C:\Windows\system32\MRT.exe
2017-02-05 11:12:22 ----SHD---- C:\System Volume Information
2017-02-05 11:09:29 ----D---- C:\Windows\system32\catroot2
2017-02-03 16:44:58 ----RD---- C:\Program Files
2017-01-31 20:14:04 ----D---- C:\Windows
2017-01-31 13:47:56 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2017-01-30 16:37:13 ----D---- C:\Program Files (x86)\Mozilla Firefox
2017-01-15 15:12:20 ----RD---- C:\Program Files (x86)
2017-01-14 11:15:28 ----HD---- C:\ProgramData
2017-01-13 22:27:39 ----D---- C:\ProgramData\tmp
File C:\Windows\system32\winlogon.exe is digitally signed
File C:\Windows\system32\wininit.exe is digitally signed
File C:\Windows\explorer.exe is digitally signed
File C:\Windows\SysWOW64\explorer.exe is digitally signed
File C:\Windows\system32\svchost.exe is digitally signed
File C:\Windows\SysWOW64\svchost.exe is digitally signed
File C:\Windows\system32\services.exe is digitally signed
File C:\Windows\system32\User32.dll is digitally signed
File C:\Windows\SysWOW64\User32.dll is digitally signed
File C:\Windows\system32\userinit.exe is digitally signed
File C:\Windows\SysWOW64\userinit.exe is digitally signed
File C:\Windows\system32\rpcss.dll is digitally signed
File C:\Windows\system32\Drivers\volsnap.sys is digitally signed
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2014-02-21 20464]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\Windows\System32\DRIVERS\cmderd.sys [2016-08-31 31648]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\system32\DRIVERS\cmdguard.sys [2016-08-31 830624]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2016-08-31 56976]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2016-08-31 116248]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2015-07-30 30264]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-03-14 3896920]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2014-02-21 370672]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2014-02-21 791024]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2013-09-16 99288]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2016-04-09 205456]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2016-03-24 28216]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2016-04-09 56384]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2014-03-18 906968]
R3 SaiK0CCC;SaiK0CCC; C:\Windows\system32\DRIVERS\SaiK0CCC.sys [2015-08-01 180544]
R3 SaiMini;SaiMini; C:\Windows\system32\DRIVERS\SaiMini.sys [2015-08-01 25120]
R3 SaiNtBus;SaiNtBus; C:\Windows\system32\drivers\SaiBus.sys [2015-08-01 52640]
R3 SaiU0CCC;SaiU0CCC; C:\Windows\system32\DRIVERS\SaiU0CCC.sys [2015-08-01 47168]
S3 cmnxusbser;Mobile Connector USB Device for Legacy Serial Communication LCT2053s 20140303; C:\Windows\system32\DRIVERS\cmnxusbser.sys [2016-05-17 146424]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys []
S3 GPCIDrv;GPCIDrv; \??\C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv64.sys [2014-08-11 14376]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usbser;USB Serial emulation modem driver; C:\Windows\system32\DRIVERS\usbser.sys [2017-01-14 33280]
S3 WinUsb;Sony sa0102 ADB Interface; C:\Windows\system32\DRIVERS\WinUsb.sys [2015-08-22 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-01-11 82640]
R2 CmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2016-09-28 5817256]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll"=%SystemRoot%\system32\diagtrack.dll
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2016-04-09 1164856]
R2 ChromodoUpdater;COMODO Chromodo Update Service; C:\Program Files (x86)\Comodo\Chromodo\chromodo_updater.exe [2016-10-04 2273424]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2016-04-09 1881144]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2016-04-09 2522680]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2016-04-09 1264064]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2015-07-28 76152]
R2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2016-04-09 426040]
R2 TeamViewer;TeamViewer 12; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2016-12-19 10351856]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-07-30 1268568]
R3 NvStreamNetworkSvc;NVIDIA Streamer Network Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [2016-04-09 3634232]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2017-01-20 1464096]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-02-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-02-05 125112]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-17 154440]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-09-16 169432]
S2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-09-16 390616]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-11 270936]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-02-05 51384]
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2017-02-08 1494024]
S3 cmdvirth;COMODO Virtual Service Manager; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2016-09-28 2271928]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-17 154440]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2017-02-05 114688]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-01-30 172488]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2015-07-28 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2015-07-28 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2015-07-30 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-02-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-02-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-02-05 135848]
-----------------EOF-----------------
Run by Mordor at 2017-02-11 19:25:55
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 23 GB (21%) free of 114 GB
Total RAM: 8154 MB (73% free)
X64
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:25:56, on 11.2.2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18538)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\TeamViewer\TeamViewer.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
D:\Steam\Steam.exe
C:\Users\Mordor\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Mordor_RSITx64.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKCU\..\Run: [Steam] "D:\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [Google Update] C:\Users\Mordor\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe
O4 - HKCU\..\Run: [Google Photos Backup] "C:\Users\Mordor\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe" /autostart
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: GIGABYTE OC_GURU.lnk = C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: COMODO Chromodo Update Service (ChromodoUpdater) - Comodo - C:\Program Files (x86)\Comodo\Chromodo\chromodo_updater.exe
O23 - Service: COMODO Internet Security Helper Service (CmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 12 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9600 bytes
======Enumerating Processes======
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\system32\taskhost.exe
"C:\Program Files (x86)\Comodo\Chromodo\chromodo_updater.exe"
C:\Windows\system32\taskeng.exe
"C:\Windows\system32\Dwm.exe"
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\Explorer.EXE
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
C:\Windows\system32\taskeng.exe
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\COMODO\COMODO Internet Security\cistray.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Skype\Updater\Updater.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe" /ModeAvMonitor -Embedding
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-785a72ab-03dd-4466-b953-9fa580ab9c31 -SystemEventPortName:HostProcess-1872a644-1389-43d6-93f6-d53c91204268 -IoCancelEventPortName:HostProcess-f54ad71e-f324-4ae9-a37c-f5c70d20fc1f -NonStateChangingEventPortName:HostProcess-6489f4ac-f0dc-47f0-830e-1edd663815bc -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:c5c9db9a-5d22-4b97-8f56-de851a689693 -DeviceGroupId:WpdFsGroup
"C:\Program Files (x86)\TeamViewer\TeamViewer.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\TeamViewer\tv_w32.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer12_Logfile.log
"C:\Program Files (x86)\TeamViewer\tv_x64.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer12_Logfile.log
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "-938054914-132488739613585393291273956803-1970678657-2030809631-1916493105-1836781855
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
C:\Windows\system32\sppsvc.exe
"C:\Program Files\COMODO\COMODO Internet Security\cis.exe" --alertsUI
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\SmartTechnology\Software\ProfilerU.exe"
"C:\Program Files\SmartTechnology\Software\SaiMfd.exe"
"D:\Steam\Steam.exe" -silent
"C:\Users\Mordor\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe" /autostart
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
D:\Steam\bin\cef\cef.win7\steamwebhelper.exe "-cachedir=C:\Users\Mordor\AppData\Local\Steam\htmlcache" "-steampid=1232" "-buildid=1484790260" "-steamid=0" --disable-gpu-compositing --disable-gpu --process-per-tab --disable-spell-checking --disable-out-of-process-pac --disable-smooth-scrolling --enable-direct-write
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="5052.5.1464753799\1056515531" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" 5052 "\\.\pipe\gecko-crash-server-pipe.5052" tab
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Mordor\Downloads\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\system32\tasks\Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Windows\system32\tasks\Adobe Flash Player Updater - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-2881103408-3670860739-8521875-1000Core - C:\Users\Mordor\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-2881103408-3670860739-8521875-1000UA - C:\Users\Mordor\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\SmartShare - C:\Program Files (x86)\LG Software\LG Smart Share\SmartShareStart.exe tray
C:\Windows\system32\tasks\WPD\SqmUpload_S-1-5-21-2881103408-3670860739-8521875-1000 - %windir%\system32\rundll32.exe portabledeviceapi.dll,#1
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
C:\Windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\Windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\Windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask - %SystemRoot%\system32\Wat\WatAdminSvc.exe /run
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline - %SystemRoot%\system32\schtasks.exe /run /I /TN "\Microsoft\Windows\Windows Activation Technologies\ValidationTask"
C:\Windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\Windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
C:\Windows\system32\tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask - sc.exe start sppsvc
C:\Windows\system32\tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B - %windir%\system32\GWX\GWXConfigManager.exe /RefreshConfig
C:\Windows\system32\tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime - %windir%\system32\GWX\GWXUXWorker.exe /ScheduleUpgradeReminderTime
C:\Windows\system32\tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime - %windir%\system32\GWX\GWXUXWorker.exe /ScheduleUpgradeTime
C:\Windows\system32\tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess - %windir%\system32\GWX\GWX.exe /tasklaunch
C:\Windows\system32\tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig - %windir%\system32\GWX\GWXConfigManager.exe /RefreshConfig
C:\Windows\system32\tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent - %windir%\system32\GWX\GWXConfigManager.exe /RefreshConfigAndContent
C:\Windows\system32\tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent - %windir%\system32\GWX\GWXConfigManager.exe /RefreshContent
C:\Windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\Windows\system32\tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem - %SystemRoot%\System32\powercfg.exe -energy -auto
C:\Windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\Windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\StartRecording - %SystemRoot%\ehome\ehrec /StartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\Windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\Windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\Windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\Windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\Windows\system32\tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} - "C:\Program Files\COMODO\COMODO Internet Security\cistray.exe"
C:\Windows\system32\tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} - "C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe" --launchSchedule {0FB77674-7905-4F34-A362-C5A9A26F8CF9}
C:\Windows\system32\tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} - "C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe" --launchSchedule {F140D794-60B6-4F00-9235-D6457AA25B22}
C:\Windows\system32\tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} - "C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe" --launchSchedule {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59}
C:\Windows\system32\tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} - "C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe" --launchSchedule {A6D52E4F-569B-4756-B3D8-DF217313DA85}
=========Mozilla firefox=========
ProfilePath - C:\Users\Mordor\AppData\Roaming\Mozilla\Firefox\Profiles\txswpwo4.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 24.0.0.194 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_194.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 24.0.0.194 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
C:\Users\Mordor\AppData\Roaming\Mozilla\Firefox\Profiles\txswpwo4.default\addons.json
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
Simple YouTube to MP3/MP4 Converter and Downloader - extension - jid0-SQnwtgW1b8BsMB5PLV5WScEDWOjw@jetpack
C:\Users\Mordor\AppData\Roaming\Mozilla\Firefox\Profiles\txswpwo4.default\extensions.json
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - C:\Users\Mordor\AppData\Roaming\Mozilla\Firefox\Profiles\txswpwo4.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
Simple YouTube to MP3/MP4 Converter and Downloader - extension - jid0-SQnwtgW1b8BsMB5PLV5WScEDWOjw@jetpack - C:\Users\Mordor\AppData\Roaming\Mozilla\Firefox\Profiles\txswpwo4.default\extensions\jid0-SQnwtgW1b8BsMB5PLV5WScEDWOjw@jetpack.xpi
Multi-process staged rollout - extension - e10srollout@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\e10srollout@mozilla.org.xpi
Pocket - extension - firefox@getpocket.com - C:\Program Files (x86)\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi
Web Compat - extension - webcompat@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi
Application Update Service Helper - extension - aushelper@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\aushelper@mozilla.org.xpi
Default - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi
Diagnostics - extension - diagnostics@mozilla.org - C:\Users\Mordor\AppData\Roaming\Mozilla\Firefox\Profiles\txswpwo4.default\features\{1613e05d-9c90-4f38-8318-6e7d5c689a27}\diagnostics@mozilla.org.xpi
Send HSTS Priming Requests - extension - hsts-priming@mozilla.org - C:\Users\Mordor\AppData\Roaming\Mozilla\Firefox\Profiles\txswpwo4.default\features\{1613e05d-9c90-4f38-8318-6e7d5c689a27}\hsts-priming@mozilla.org.xpi
C:\Users\Mordor\AppData\Roaming\Mozilla\Firefox\Profiles\txswpwo4.default\pluginreg.dat
Plugin - Adobe Acrobat - 15.23.20053.15062 - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
Plugin - VLC Web Plugin - 2.2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
Plugin - Google Update - 1.3.32.7 - C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll
Plugin - NVIDIA 3D Vision - 7.17.13.6472 - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
Plugin - NVIDIA 3D VISION - 7.17.13.6472 - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
Plugin - Intel® Identity Protection Technology - 4.0.5.0 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
Plugin - Intel® Identity Protection Technology - 4.0.5.0 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
Plugin - Shockwave Flash - 24.0.0.194 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_194.dll
Plugin - Google Update - 1.3.32.7 - C:\Users\Mordor\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll
=========Google Chrome=========
C:\Users\Mordor\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension aapocclcgogkmnckokdopfmhonfmgoek 1 Prezentace Google 0.9
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Obchod Chrome 0.2
Extension aohghmighlieiainnegkcijnfilokake 1 Dokumenty Google 0.9
Extension apdfllckaahabafndbhieahigkjlhalf 1 Disk Google 14.1
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension efaidnbmnnnibpcajpcglclefindmkaj 0 Adobe Acrobat 15.1.0.5
Extension ennkphjdgehloodpbhlhldgbnhmacadg 1 Settings 0.2
Extension felcaaldnbdncclmgdcncolpebgiejap 1 Tabulky Google 1.1
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 1 Dokumenty Google offline 1.4
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.38
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mfffpogegjflfpflabcdkioaeobkgjik 1 GaiaAuthExtension 0.0.1
Extension mgndgikekgjfcpckkfioiadnlibdjbkf 1 Chrome 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.1
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.1
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 5516.1005.0.3
Homepage:
default_search_provider.search_url:
C:\Users\Mordor\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage:
default_search_provider.search_url:
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj]
"Path"=
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-03-14 13671792]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2016-09-28 1610936]
"ProfilerU"=C:\Program Files\SmartTechnology\Software\ProfilerU.exe [2015-08-01 454144]
"SaiMfd"=C:\Program Files\SmartTechnology\Software\SaiMfd.exe [2015-08-01 158208]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2016-04-09 2397752]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2016-03-24 1767248]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"=D:\Steam\steam.exe [2017-01-20 2881824]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2015-07-30 4468056]
"Google Update"=C:\Users\Mordor\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe [2016-12-16 601752]
"Google Photos Backup"=C:\Users\Mordor\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe [2016-11-13 3790936]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2014-02-21 292848]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
GIGABYTE OC_GURU.lnk - C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2017-02-11 19:23:10 ----D---- C:\_OTM
2017-02-09 19:57:32 ----D---- C:\AdwCleaner
2017-02-05 11:14:25 ----SHD---- C:\Config.Msi
2017-02-05 11:12:13 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2017-02-05 11:12:12 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2017-02-05 11:12:12 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2017-02-05 11:12:12 ----A---- C:\Windows\SYSWOW64\occache.dll
2017-02-05 11:12:12 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2017-02-05 11:12:12 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2017-02-05 11:12:12 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2017-02-05 11:12:12 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2017-02-05 11:12:12 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2017-02-05 11:12:12 ----A---- C:\Windows\SYSWOW64\inseng.dll
2017-02-05 11:12:12 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2017-02-05 11:12:12 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2017-02-05 11:12:12 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2017-02-05 11:12:12 ----A---- C:\Windows\system32\UtcResources.dll
2017-02-05 11:12:12 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-02-05 11:12:12 ----A---- C:\Windows\system32\inseng.dll
2017-02-05 11:12:12 ----A---- C:\Windows\system32\iertutil.dll
2017-02-05 11:12:12 ----A---- C:\Windows\system32\iernonce.dll
2017-02-05 11:12:12 ----A---- C:\Windows\system32\ieetwproxystub.dll
2017-02-05 11:12:12 ----A---- C:\Windows\system32\ieetwcollector.exe
2017-02-05 11:12:12 ----A---- C:\Windows\system32\ie4uinit.exe
2017-02-05 11:12:10 ----A---- C:\Windows\SYSWOW64\jscript.dll
2017-02-05 11:12:10 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2017-02-05 11:12:10 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2017-02-05 11:12:10 ----A---- C:\Windows\system32\urlmon.dll
2017-02-05 11:12:10 ----A---- C:\Windows\system32\occache.dll
2017-02-05 11:12:10 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2017-02-05 11:12:10 ----A---- C:\Windows\system32\iedkcs32.dll
2017-02-05 11:12:09 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2017-02-05 11:12:09 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2017-02-05 11:12:09 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2017-02-05 11:12:09 ----A---- C:\Windows\SYSWOW64\ieui.dll
2017-02-05 11:12:09 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2017-02-05 11:12:09 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2017-02-05 11:12:09 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2017-02-05 11:12:09 ----A---- C:\Windows\system32\msfeeds.dll
2017-02-05 11:12:09 ----A---- C:\Windows\system32\iesetup.dll
2017-02-05 11:12:09 ----A---- C:\Windows\system32\ieapfltr.dll
2017-02-05 11:12:09 ----A---- C:\Windows\system32\dxtrans.dll
2017-02-05 11:12:09 ----A---- C:\Windows\system32\diagtrack.dll
2017-02-05 11:12:08 ----A---- C:\Windows\SYSWOW64\wininet.dll
2017-02-05 11:12:08 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2017-02-05 11:12:08 ----A---- C:\Windows\SYSWOW64\msrating.dll
2017-02-05 11:12:08 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2017-02-05 11:12:08 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2017-02-05 11:12:08 ----A---- C:\Windows\system32\vbscript.dll
2017-02-05 11:12:08 ----A---- C:\Windows\system32\jsproxy.dll
2017-02-05 11:12:08 ----A---- C:\Windows\system32\ieUnatt.exe
2017-02-05 11:12:08 ----A---- C:\Windows\system32\ieui.dll
2017-02-05 11:12:08 ----A---- C:\Windows\system32\ieframe.dll
2017-02-05 11:12:08 ----A---- C:\Windows\system32\dxtmsft.dll
2017-02-05 11:12:07 ----A---- C:\Windows\system32\wininet.dll
2017-02-05 11:12:07 ----A---- C:\Windows\system32\webcheck.dll
2017-02-05 11:12:07 ----A---- C:\Windows\system32\mshtmlmedia.dll
2017-02-05 11:12:07 ----A---- C:\Windows\system32\mshtmled.dll
2017-02-05 11:12:07 ----A---- C:\Windows\system32\jscript9diag.dll
2017-02-05 11:12:07 ----A---- C:\Windows\system32\jscript9.dll
2017-02-05 11:12:07 ----A---- C:\Windows\system32\jscript.dll
2017-02-05 11:12:06 ----A---- C:\Windows\system32\wmp.dll
2017-02-05 11:12:06 ----A---- C:\Windows\system32\msrating.dll
2017-02-05 11:12:06 ----A---- C:\Windows\system32\MshtmlDac.dll
2017-02-05 11:12:06 ----A---- C:\Windows\system32\mshtml.dll
2017-02-05 11:12:05 ----A---- C:\Windows\SYSWOW64\wmp.dll
2017-02-05 11:12:05 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2017-02-05 11:12:05 ----A---- C:\Windows\system32\ntoskrnl.exe
2017-02-05 11:12:05 ----A---- C:\Windows\system32\FntCache.dll
2017-02-05 11:12:05 ----A---- C:\Windows\system32\DWrite.dll
2017-02-05 11:12:04 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2017-02-05 11:12:04 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2017-02-05 11:12:04 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2017-02-05 11:12:04 ----A---- C:\Windows\SYSWOW64\MSVidCtl.dll
2017-02-05 11:12:04 ----A---- C:\Windows\SYSWOW64\msi.dll
2017-02-05 11:12:04 ----A---- C:\Windows\SYSWOW64\mf.dll
2017-02-05 11:12:04 ----A---- C:\Windows\SYSWOW64\drmv2clt.dll
2017-02-05 11:12:04 ----A---- C:\Windows\SYSWOW64\blackbox.dll
2017-02-05 11:12:04 ----A---- C:\Windows\system32\WsmSvc.dll
2017-02-05 11:12:04 ----A---- C:\Windows\system32\win32k.sys
2017-02-05 11:12:04 ----A---- C:\Windows\system32\ntdll.dll
2017-02-05 11:12:04 ----A---- C:\Windows\system32\MSVidCtl.dll
2017-02-05 11:12:04 ----A---- C:\Windows\system32\msi.dll
2017-02-05 11:12:04 ----A---- C:\Windows\system32\mf.dll
2017-02-05 11:12:04 ----A---- C:\Windows\system32\drmv2clt.dll
2017-02-05 11:12:04 ----A---- C:\Windows\system32\crypt32.dll
2017-02-05 11:12:04 ----A---- C:\Windows\system32\blackbox.dll
2017-02-05 11:12:03 ----A---- C:\Windows\SYSWOW64\wmdrmsdk.dll
2017-02-05 11:12:03 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2017-02-05 11:12:03 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll
2017-02-05 11:12:03 ----A---- C:\Windows\SYSWOW64\quartz.dll
2017-02-05 11:12:03 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2017-02-05 11:12:03 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2017-02-05 11:12:03 ----A---- C:\Windows\SYSWOW64\msctf.dll
2017-02-05 11:12:03 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2017-02-05 11:12:03 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2017-02-05 11:12:03 ----A---- C:\Windows\SYSWOW64\evr.dll
2017-02-05 11:12:03 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2017-02-05 11:12:03 ----A---- C:\Windows\SYSWOW64\authui.dll
2017-02-05 11:12:03 ----A---- C:\Windows\system32\wmdrmsdk.dll
2017-02-05 11:12:03 ----A---- C:\Windows\system32\winload.exe
2017-02-05 11:12:03 ----A---- C:\Windows\system32\win32spl.dll
2017-02-05 11:12:03 ----A---- C:\Windows\system32\UIAnimation.dll
2017-02-05 11:12:03 ----A---- C:\Windows\system32\schannel.dll
2017-02-05 11:12:03 ----A---- C:\Windows\system32\scavengeui.dll
2017-02-05 11:12:03 ----A---- C:\Windows\system32\rpcrt4.dll
2017-02-05 11:12:03 ----A---- C:\Windows\system32\quartz.dll
2017-02-05 11:12:03 ----A---- C:\Windows\system32\oleaut32.dll
2017-02-05 11:12:03 ----A---- C:\Windows\system32\msctf.dll
2017-02-05 11:12:03 ----A---- C:\Windows\system32\lsasrv.dll
2017-02-05 11:12:03 ----A---- C:\Windows\system32\KernelBase.dll
2017-02-05 11:12:03 ----A---- C:\Windows\system32\kernel32.dll
2017-02-05 11:12:03 ----A---- C:\Windows\system32\kerberos.dll
2017-02-05 11:12:03 ----A---- C:\Windows\system32\inetcomm.dll
2017-02-05 11:12:03 ----A---- C:\Windows\system32\IMJP10K.DLL
2017-02-05 11:12:03 ----A---- C:\Windows\system32\evr.dll
2017-02-05 11:12:03 ----A---- C:\Windows\system32\authui.dll
2017-02-05 11:12:03 ----A---- C:\Windows\system32\audiosrv.dll
2017-02-05 11:12:03 ----A---- C:\Windows\system32\AUDIOKSE.dll
2017-02-05 11:12:03 ----A---- C:\Windows\system32\advapi32.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\WsmWmiPl.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\WsmAuto.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\WSManMigrationPlugin.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\WSManHTTPConfig.exe
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\usp10.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\user32.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\schannel.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\IMJP10K.DLL
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\cryptui.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2017-02-05 11:12:02 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\WsmWmiPl.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\WsmAuto.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2017-02-05 11:12:02 ----A---- C:\Windows\system32\wow64win.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\wow64.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\wmploc.DLL
2017-02-05 11:12:02 ----A---- C:\Windows\system32\wintrust.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\winsrv.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\WebClnt.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\usp10.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\user32.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\srcore.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\rpchttp.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\qdvd.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\pcasvc.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\ncrypt.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\msv1_0.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\msiexec.exe
2017-02-05 11:12:02 ----A---- C:\Windows\system32\mfps.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\mfplat.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\gdi32.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\EncDump.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\drmmgrtn.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2017-02-05 11:12:02 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2017-02-05 11:12:02 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2017-02-05 11:12:02 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2017-02-05 11:12:02 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2017-02-05 11:12:02 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2017-02-05 11:12:02 ----A---- C:\Windows\system32\drivers\dfsc.sys
2017-02-05 11:12:02 ----A---- C:\Windows\system32\drivers\cng.sys
2017-02-05 11:12:02 ----A---- C:\Windows\system32\davclnt.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\cryptui.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\cryptsvc.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\cryptnet.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\consent.exe
2017-02-05 11:12:02 ----A---- C:\Windows\system32\conhost.exe
2017-02-05 11:12:02 ----A---- C:\Windows\system32\clfs.sys
2017-02-05 11:12:02 ----A---- C:\Windows\system32\certcli.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\bcdedit.exe
2017-02-05 11:12:02 ----A---- C:\Windows\system32\AudioSes.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\AudioEng.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\atmfd.dll
2017-02-05 11:12:02 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2017-02-05 11:12:02 ----A---- C:\Windows\system32\adtschema.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-02-05 11:12:01 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\WsmRes.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\wsmprovhost.exe
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\wsmplpxy.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\wow32.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\user.exe
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\tzres.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\srclient.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\setup16.exe
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\secur32.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\nlsbres.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\msscp.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\msnetobj.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\msimsg.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\mfps.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\mferror.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\lpk.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\instnm.exe
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\input.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\INETRES.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\hlink.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\cryptsp.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\credssp.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\certcli.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\bcrypt.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2017-02-05 11:12:01 ----A---- C:\Windows\SYSWOW64\adsmsext.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\WsmRes.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\wsmprovhost.exe
2017-02-05 11:12:01 ----A---- C:\Windows\system32\wsmplpxy.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\wow64cpu.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\wdigest.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\tzres.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\TSpkg.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\sspisrv.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\sspicli.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\srclient.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\spwmp.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\smss.exe
2017-02-05 11:12:01 ----A---- C:\Windows\system32\setbcdlocale.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\secur32.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\rstrui.exe
2017-02-05 11:12:01 ----A---- C:\Windows\system32\rrinstaller.exe
2017-02-05 11:12:01 ----A---- C:\Windows\system32\pcawrk.exe
2017-02-05 11:12:01 ----A---- C:\Windows\system32\pcalua.exe
2017-02-05 11:12:01 ----A---- C:\Windows\system32\pcaevts.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\pcadm.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\ntvdm64.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\nlsbres.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\msscp.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\msobjs.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\msnetobj.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\msmmsp.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\msimsg.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\msihnd.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\msaudite.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\mfpmp.exe
2017-02-05 11:12:01 ----A---- C:\Windows\system32\mferror.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\lsass.exe
2017-02-05 11:12:01 ----A---- C:\Windows\system32\lpk.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\input.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\INETRES.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\hlink.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\fontsub.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\dxmasf.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2017-02-05 11:12:01 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2017-02-05 11:12:01 ----A---- C:\Windows\system32\drivers\bowser.sys
2017-02-05 11:12:01 ----A---- C:\Windows\system32\drivers\appid.sys
2017-02-05 11:12:01 ----A---- C:\Windows\system32\dciman32.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\csrsrv.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\cryptsp.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\cryptbase.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\credssp.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\bcrypt.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\auditpol.exe
2017-02-05 11:12:01 ----A---- C:\Windows\system32\audiodg.exe
2017-02-05 11:12:01 ----A---- C:\Windows\system32\atmlib.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\asycfilt.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\appinfo.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\appidsvc.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2017-02-05 11:12:01 ----A---- C:\Windows\system32\appidapi.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\apisetschema.dll
2017-02-05 11:12:01 ----A---- C:\Windows\system32\adsmsext.dll
2017-02-03 16:44:58 ----D---- C:\rsit
2017-02-03 16:44:58 ----D---- C:\Program Files\trend micro
2017-01-31 20:14:04 ----D---- C:\Users\Mordor\AppData\Roaming\GHISLER
2017-01-31 20:14:04 ----D---- C:\totalcmd
2017-01-31 20:14:04 ----A---- C:\Windows\UC.PIF
2017-01-31 20:14:04 ----A---- C:\Windows\RAR.PIF
2017-01-31 20:14:04 ----A---- C:\Windows\PKZIP.PIF
2017-01-31 20:14:04 ----A---- C:\Windows\PKUNZIP.PIF
2017-01-31 20:14:04 ----A---- C:\Windows\LHA.PIF
2017-01-31 20:14:04 ----A---- C:\Windows\ARJ.PIF
2017-01-14 11:15:28 ----D---- C:\ProgramData\SP_FT_Logs
2017-01-14 11:13:22 ----D---- C:\Users\Mordor\AppData\Roaming\Lenovo
2017-01-14 11:13:14 ----D---- C:\Program Files (x86)\Lenovo Smart Assistant
2017-01-14 10:21:11 ----D---- C:\Users\Mordor\AppData\Roaming\ADBDriverInstaller
2017-01-14 10:01:06 ----D---- C:\Program Files (x86)\Minimal ADB and Fastboot
======List of files/folders modified in the last 1 month======
2017-02-11 19:24:27 ----D---- C:\Windows\Temp
2017-02-11 19:24:26 ----D---- C:\ProgramData\NVIDIA
2017-02-11 19:24:04 ----D---- C:\Windows\system32\config
2017-02-11 13:06:09 ----D---- C:\Windows\System32
2017-02-11 13:06:09 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-02-11 13:06:08 ----D---- C:\Windows\inf
2017-02-10 22:01:32 ----D---- C:\Users\Mordor\AppData\Roaming\vlc
2017-02-08 15:33:37 ----D---- C:\Program Files (x86)\Common Files
2017-02-07 21:50:48 ----D---- C:\Program Files (x86)\TeamViewer
2017-02-06 16:06:08 ----D---- C:\Windows\system32\DriverStore
2017-02-05 12:38:10 ----D---- C:\Windows\rescache
2017-02-05 12:24:00 ----D---- C:\Windows\Microsoft.NET
2017-02-05 12:21:43 ----RSD---- C:\Windows\assembly
2017-02-05 11:56:27 ----D---- C:\Windows\winsxs
2017-02-05 11:55:49 ----D---- C:\Windows\system32\drivers
2017-02-05 11:55:48 ----D---- C:\Windows\SYSWOW64\migration
2017-02-05 11:55:48 ----D---- C:\Windows\SYSWOW64\en-US
2017-02-05 11:55:48 ----D---- C:\Windows\SYSWOW64\Dism
2017-02-05 11:55:48 ----D---- C:\Windows\SYSWOW64\cs-CZ
2017-02-05 11:55:48 ----D---- C:\Windows\SysWOW64
2017-02-05 11:55:48 ----D---- C:\Windows\system32\migration
2017-02-05 11:55:48 ----D---- C:\Windows\system32\en-US
2017-02-05 11:55:48 ----D---- C:\Windows\system32\Dism
2017-02-05 11:55:48 ----D---- C:\Windows\system32\cs-CZ
2017-02-05 11:55:48 ----D---- C:\Program Files\Windows Media Player
2017-02-05 11:55:48 ----D---- C:\Program Files\Internet Explorer
2017-02-05 11:55:48 ----D---- C:\Program Files (x86)\Windows Media Player
2017-02-05 11:55:48 ----D---- C:\Program Files (x86)\Internet Explorer
2017-02-05 11:55:47 ----D---- C:\Windows\system32\Boot
2017-02-05 11:55:47 ----D---- C:\Windows\AppPatch
2017-02-05 11:17:03 ----SHD---- C:\Windows\Installer
2017-02-05 11:14:57 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2017-02-05 11:13:43 ----D---- C:\Windows\system32\MRT
2017-02-05 11:12:26 ----AC---- C:\Windows\system32\MRT.exe
2017-02-05 11:12:22 ----SHD---- C:\System Volume Information
2017-02-05 11:09:29 ----D---- C:\Windows\system32\catroot2
2017-02-03 16:44:58 ----RD---- C:\Program Files
2017-01-31 20:14:04 ----D---- C:\Windows
2017-01-31 13:47:56 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2017-01-30 16:37:13 ----D---- C:\Program Files (x86)\Mozilla Firefox
2017-01-15 15:12:20 ----RD---- C:\Program Files (x86)
2017-01-14 11:15:28 ----HD---- C:\ProgramData
2017-01-13 22:27:39 ----D---- C:\ProgramData\tmp
File C:\Windows\system32\winlogon.exe is digitally signed
File C:\Windows\system32\wininit.exe is digitally signed
File C:\Windows\explorer.exe is digitally signed
File C:\Windows\SysWOW64\explorer.exe is digitally signed
File C:\Windows\system32\svchost.exe is digitally signed
File C:\Windows\SysWOW64\svchost.exe is digitally signed
File C:\Windows\system32\services.exe is digitally signed
File C:\Windows\system32\User32.dll is digitally signed
File C:\Windows\SysWOW64\User32.dll is digitally signed
File C:\Windows\system32\userinit.exe is digitally signed
File C:\Windows\SysWOW64\userinit.exe is digitally signed
File C:\Windows\system32\rpcss.dll is digitally signed
File C:\Windows\system32\Drivers\volsnap.sys is digitally signed
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2014-02-21 20464]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\Windows\System32\DRIVERS\cmderd.sys [2016-08-31 31648]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\system32\DRIVERS\cmdguard.sys [2016-08-31 830624]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2016-08-31 56976]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2016-08-31 116248]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2015-07-30 30264]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-03-14 3896920]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2014-02-21 370672]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2014-02-21 791024]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2013-09-16 99288]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2016-04-09 205456]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2016-03-24 28216]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2016-04-09 56384]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2014-03-18 906968]
R3 SaiK0CCC;SaiK0CCC; C:\Windows\system32\DRIVERS\SaiK0CCC.sys [2015-08-01 180544]
R3 SaiMini;SaiMini; C:\Windows\system32\DRIVERS\SaiMini.sys [2015-08-01 25120]
R3 SaiNtBus;SaiNtBus; C:\Windows\system32\drivers\SaiBus.sys [2015-08-01 52640]
R3 SaiU0CCC;SaiU0CCC; C:\Windows\system32\DRIVERS\SaiU0CCC.sys [2015-08-01 47168]
S3 cmnxusbser;Mobile Connector USB Device for Legacy Serial Communication LCT2053s 20140303; C:\Windows\system32\DRIVERS\cmnxusbser.sys [2016-05-17 146424]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys []
S3 GPCIDrv;GPCIDrv; \??\C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv64.sys [2014-08-11 14376]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usbser;USB Serial emulation modem driver; C:\Windows\system32\DRIVERS\usbser.sys [2017-01-14 33280]
S3 WinUsb;Sony sa0102 ADB Interface; C:\Windows\system32\DRIVERS\WinUsb.sys [2015-08-22 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-01-11 82640]
R2 CmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2016-09-28 5817256]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll"=%SystemRoot%\system32\diagtrack.dll
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2016-04-09 1164856]
R2 ChromodoUpdater;COMODO Chromodo Update Service; C:\Program Files (x86)\Comodo\Chromodo\chromodo_updater.exe [2016-10-04 2273424]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2016-04-09 1881144]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2016-04-09 2522680]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2016-04-09 1264064]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2015-07-28 76152]
R2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2016-04-09 426040]
R2 TeamViewer;TeamViewer 12; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2016-12-19 10351856]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-07-30 1268568]
R3 NvStreamNetworkSvc;NVIDIA Streamer Network Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [2016-04-09 3634232]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2017-01-20 1464096]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-02-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-02-05 125112]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-17 154440]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-09-16 169432]
S2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-09-16 390616]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-11 270936]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-02-05 51384]
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2017-02-08 1494024]
S3 cmdvirth;COMODO Virtual Service Manager; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2016-09-28 2271928]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-17 154440]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2017-02-05 114688]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-01-30 172488]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2015-07-28 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2015-07-28 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2015-07-30 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-02-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-02-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-02-05 135848]
-----------------EOF-----------------
- Rudy
- Site Admin
- Posts: 119389
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Preventive check, USB player keeps disconnecting
Deleted. Has anything changed?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
-
- Visitor
- Posts: 76
- Registered: 05 Sep 2006 19:18
Re: Preventive check, USB player keeps disconnecting
Unfortunately, still the same. Could drivers be causing it? I was recently tinkering while reinstalling my phone and installed various USB drivers.
- Rudy
- Site Admin
- Posts: 119389
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Preventive check, USB player keeps disconnecting
Certainly, they can. Reinstall the motherboard driver.
to_je_jedno wrote: Unfortunately, still the same. Could drivers be causing it? I was recently tinkering while reinstalling my phone and installed various USB drivers.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.