Ahoj, po sluštění podezřelého .exe někdy skáčou okna v prohlížeči, Avast nachází vir (rootkit) ve ProgramFiles(x86)\UCBrowser\
dá se podle logu zjistit co s tím? Děkuji
Logfile of random's system information tool 1.10 (written by random/random)
Run by Mustafo at 2017-02-28 13:22:10
Microsoft Windows 10 Pro
System drive C: has 88 GB (35%) free of 250 GB
Total RAM: 16267 MB (82% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:22:23, on 28. 2. 2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0000)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\TeamViewer\TeamViewer.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\trend micro\Mustafo.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkID= ... 1267C24085
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [ADSKAppManager] "C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe" -showminimized -checkautorun
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Mustafo\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Mustafo\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
O4 - HKCU\..\Run: [Google Update] C:\Users\Mustafo\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Global Startup: CodeMeter Control Center.lnk = C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe
O4 - Global Startup: Network Server.lnk = C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Program Files\Microsoft Office\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\Program Files\Microsoft Office\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.connectify.me
O15 - ESC Trusted Zone: http://*.fastspring.com
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Autodesk Application Manager Service (AdAppMgrSvc) - Autodesk Inc. - C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files\ASUS\P4G\InsOnSrv.exe
O23 - Service: aswbIDSAgent - AVAST Software s.r.o. - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Avast Firewall Service (avast! Firewall) - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: CodeMeter Runtime Server (CodeMeter.exe) - WIBU-SYSTEMS AG - C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: @oem78.inf,%SERVICE_NAME%;Intel Bluetooth Service (ibtsiva) - Unknown owner - C:\WINDOWS\system32\ibtsiva (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: Intel(R) System Usage Report Service SystemUsageReportSvc_WILLAMETTE (SystemUsageReportSvc_WILLAMETTE) - Unknown owner - C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe (file missing)
O23 - Service: TeamViewer 12 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: UC??????? (UCBrowserSvc) - Unknown owner - C:\Program Files (x86)\UCBrowser\Application\UCService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: WIFIGXENDHCPSER - Unknown owner - C:\Program Files (x86)\My WIFI Router\bmser.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: WibuKey Server (WkSvw32.exe) - WIBU-SYSTEMS AG - C:\Program Files (x86)\WIBUKEY\Server\WkSvw32.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 13603 bytes
======Listing Processes======
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
winlogon.exe
"dwm.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\System32\svchost.exe -k NetworkService
"C:\WINDOWS\system32\nvvsvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session -first
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
dashost.exe {bb871d5d-5e34-409c-813b7a537edd6466}
C:\WINDOWS\System32\spoolsv.exe
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\ASUS\P4G\InsOnSrv.exe"
"C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe"
"C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe"
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files (x86)\UCBrowser\Application\UCService.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\My WIFI Router\bmser.exe"
"C:\Program Files (x86)\WIBUKEY\Server\WkSvw32.exe"
C:\WINDOWS\system32\svchost.exe -k appmodel
C:\WINDOWS\system32\ibtsiva
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"C:\Program Files\ASUS\P4G\InsOnWMI.exe"
sihost.exe
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
KBFiltr.exe
C:\WINDOWS\Explorer.EXE
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" bae04a96-cfd7-4f9e-8617-96b4d4fc8e72 1
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\ASUS\P4G\BatteryLife.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
igfxEM.exe
igfxHK.exe
igfxTray.exe
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files (x86)\TeamViewer\TeamViewer.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\TeamViewer\tv_w32.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer12_Logfile.log
"C:\Program Files (x86)\TeamViewer\tv_x64.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer12_Logfile.log
"C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe"
AvastUI.exe /nogui
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX4
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"fontdrvhost.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-d855229f-d417-4af7-be53-d7d5494bc721 -SystemEventPortName:HostProcess-c1c11d92-e99f-4079-b1bd-76b5e600d75a -IoCancelEventPortName:HostProcess-2dac0f6c-4429-4221-840d-b18d5406bd98 -NonStateChangingEventPortName:HostProcess-f8007f21-340f-497c-866c-b244ebd9326b -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:3c44dffd-1171-40f1-9068-76f668ac82b0 -DeviceGroupId:WpdFsGroup
C:\WINDOWS\system32\AUDIODG.EXE 0x230
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\Program Files (x86)\UCBrowser\Application\6.1.2107.8\UCAgent.exe"
"C:\WINDOWS\system32\rundll32.exe" -localserver 22d8c27b-47a1-48d1-ad08-7da7abd79617
C:\WINDOWS\System32\svchost.exe -k WerSvcGroup
"C:\Users\Mustafo\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\Mustafo\AppData\Local\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=1860 --on-initialized-event-handle=748 --parent-handle=920 /prefetch:6
"C:\Users\Mustafo\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --enable-features=AutofillProfileCleanup<AutofillProfileCleanup,BlockSmallPluginContent<PluginPowerSaverTiny,*DefaultEnableGpuRasterization<DefaultEnableGpuRasterization,DisableFirstRunAutoImport<DisableFirstRunAutoImport,EnableSyncClientToServerCompression<EnableSyncClientToServerCompression,ExpectCTReporting<ExpectCTReporting,*ExperimentalSwReporterEngine<SRTExperimentalEngineTrial,MediaFoundationH264Encoding<MediaFoundationH264Encoding,*NegotiateTLS13<TLS13Negotiation,ParseHTMLOnMainThread<ParseHTMLOnMainThread,*PersistentHistograms<PersistentHistograms,*PointerEvent<PointerEvent,PreferHtmlOverPlugins<Html5ByDefault,SecurityChip<SecurityChip,SecurityWarningIconUpdate<SecurityWarningIconUpdate,SubresourceFilter<SubresourceFilter,SwReporterExtendedSafeBrowsingFeature<SwReporterExtendedSafeBrowsingFeature,*TranslateRankerLogging<TranslateRankerLogging,*TranslateUI2016Q2<TranslateUI2016Q2 --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,SSLPostQuantumExperiment<SSLPostQuantum,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/site-engagement-eager/AutofillProfileCleanup/Enabled/CaptivePortalInterstitial/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/MergeByRedirects/ClientSideDetectionModel/Model0/DataReductionProxyUseQuic/Enabled10_NoControl/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/DefaultEnableGpuRasterization/Default/DisableFirstRunAutoImport/AutoImportDisabled/DisallowFetchForDocWrittenScriptsInMainFrame/Control_20161208_Launch/EnableSyncClientToServerCompression/Enabled/ExpectCTReporting/ExpectCTReportingEnabled/ExtensionDeveloperModeWarning/Enabled/Html5ByDefault/Enabled/InstanceID/Enabled/MarkNonSecureAs/show-non-secure-passwords-cc-ui/MediaFoundationH264Encoding/Enabled/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/OmniboxBundledExperimentV1/StandardR7/ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/PasswordManagerSettingsMigration/Enable/*PersistentHistograms/Default/PluginPowerSaverTiny/Enabled2/*QUIC/EnabledDisableDelayTcpRace/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/SRTExperimentalEngineTrial/Default/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/SSLPostQuantum/disabled/SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingV4LocalDatabaseManagerEnabled/Default/SecurityChip/Enabled/SecurityWarningIconUpdate/Enabled/SignInPasswordPromo/Enable3/*SiteIsolationExtensions/Enabled_Stable_50/StrictSecureCookies/Enabled/SubresourceFilter/EnabledForPhishingSites/*SwReporterExtendedSafeBrowsingFeature/Enabled/*TLS13Negotiation/Default/TranslateRankerLogging/TranslateRankerLoggingDefault/TranslateServerStudy/Default/TranslateUI2016Q2/DefaultTranslateUI2016Q2/TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_01/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_06/*UMA-Uniformity-Trial-50-Percent/group_01/WebFontsInterventionV2/Default/ --supports-dual-gpus=false --gpu-driver-bug-workarounds=7,19,23,40,59,71 --gpu-vendor-id=0x8086 --gpu-device-id=0x0416 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=20.19.15.4549 --gpu-driver-date=11-10-2016 --gpu-secondary-vendor-ids=0x10de --gpu-secondary-device-ids=0x1341 --service-request-channel-token=625CCDB4C283AB6B726BB58A83812654 --mojo-platform-channel-handle=1588 --ignored=" --type=renderer " /prefetch:2
"C:\Users\Mustafo\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutofillProfileCleanup<AutofillProfileCleanup,BlockSmallPluginContent<PluginPowerSaverTiny,*DefaultEnableGpuRasterization<DefaultEnableGpuRasterization,DisableFirstRunAutoImport<DisableFirstRunAutoImport,EnableSyncClientToServerCompression<EnableSyncClientToServerCompression,ExpectCTReporting<ExpectCTReporting,*ExperimentalSwReporterEngine<SRTExperimentalEngineTrial,MediaFoundationH264Encoding<MediaFoundationH264Encoding,*NegotiateTLS13<TLS13Negotiation,ParseHTMLOnMainThread<ParseHTMLOnMainThread,*PersistentHistograms<PersistentHistograms,*PointerEvent<PointerEvent,PreferHtmlOverPlugins<Html5ByDefault,SecurityChip<SecurityChip,SecurityWarningIconUpdate<SecurityWarningIconUpdate,SubresourceFilter<SubresourceFilter,SwReporterExtendedSafeBrowsingFeature<SwReporterExtendedSafeBrowsingFeature,*TranslateRankerLogging<TranslateRankerLogging,*TranslateUI2016Q2<TranslateUI2016Q2 --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,SSLPostQuantumExperiment<SSLPostQuantum,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/*AutofillProfileCleanup/Enabled/CaptivePortalInterstitial/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/MergeByRedirects/*ClientSideDetectionModel/Model0/DataReductionProxyUseQuic/Enabled10_NoControl/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/DefaultEnableGpuRasterization/Default/DisableFirstRunAutoImport/AutoImportDisabled/*DisallowFetchForDocWrittenScriptsInMainFrame/Control_20161208_Launch/EnableSyncClientToServerCompression/Enabled/ExpectCTReporting/ExpectCTReportingEnabled/ExtensionDeveloperModeWarning/Enabled/Html5ByDefault/Enabled/*InstanceID/Enabled/MarkNonSecureAs/show-non-secure-passwords-cc-ui/MediaFoundationH264Encoding/Enabled/*MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/*PersistentHistograms/Default/PluginPowerSaverTiny/Enabled2/*QUIC/EnabledDisableDelayTcpRace/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/SRTExperimentalEngineTrial/Default/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingV4LocalDatabaseManagerEnabled/Default/*SecurityChip/Enabled/SecurityWarningIconUpdate/Enabled/SignInPasswordPromo/Enable3/*SiteIsolationExtensions/Enabled_Stable_50/StrictSecureCookies/Enabled/*SubresourceFilter/EnabledForPhishingSites/*SwReporterExtendedSafeBrowsingFeature/Enabled/*TLS13Negotiation/Default/TranslateRankerLogging/TranslateRankerLoggingDefault/TranslateServerStudy/Default/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_01/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_06/*UMA-Uniformity-Trial-50-Percent/group_01/WebFontsInterventionV2/Default/ --primordial-pipe-token=09450346E8CB608F2D57F31203645225 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=09450346E8CB608F2D57F31203645225 --renderer-client-id=3 --mojo-platform-channel-handle=2840 /prefetch:1
"C:\Users\Mustafo\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutofillProfileCleanup<AutofillProfileCleanup,BlockSmallPluginContent<PluginPowerSaverTiny,*DefaultEnableGpuRasterization<DefaultEnableGpuRasterization,DisableFirstRunAutoImport<DisableFirstRunAutoImport,EnableSyncClientToServerCompression<EnableSyncClientToServerCompression,ExpectCTReporting<ExpectCTReporting,*ExperimentalSwReporterEngine<SRTExperimentalEngineTrial,MediaFoundationH264Encoding<MediaFoundationH264Encoding,*NegotiateTLS13<TLS13Negotiation,ParseHTMLOnMainThread<ParseHTMLOnMainThread,*PersistentHistograms<PersistentHistograms,*PointerEvent<PointerEvent,PreferHtmlOverPlugins<Html5ByDefault,SecurityChip<SecurityChip,SecurityWarningIconUpdate<SecurityWarningIconUpdate,SubresourceFilter<SubresourceFilter,SwReporterExtendedSafeBrowsingFeature<SwReporterExtendedSafeBrowsingFeature,*TranslateRankerLogging<TranslateRankerLogging,*TranslateUI2016Q2<TranslateUI2016Q2 --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,SSLPostQuantumExperiment<SSLPostQuantum,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/*AutofillProfileCleanup/Enabled/CaptivePortalInterstitial/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/MergeByRedirects/*ClientSideDetectionModel/Model0/DataReductionProxyUseQuic/Enabled10_NoControl/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/DefaultEnableGpuRasterization/Default/DisableFirstRunAutoImport/AutoImportDisabled/*DisallowFetchForDocWrittenScriptsInMainFrame/Control_20161208_Launch/EnableSyncClientToServerCompression/Enabled/ExpectCTReporting/ExpectCTReportingEnabled/ExtensionDeveloperModeWarning/Enabled/Html5ByDefault/Enabled/*InstanceID/Enabled/MarkNonSecureAs/show-non-secure-passwords-cc-ui/MediaFoundationH264Encoding/Enabled/*MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/*PersistentHistograms/Default/PluginPowerSaverTiny/Enabled2/*QUIC/EnabledDisableDelayTcpRace/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/SRTExperimentalEngineTrial/Default/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingV4LocalDatabaseManagerEnabled/Default/*SecurityChip/Enabled/SecurityWarningIconUpdate/Enabled/SignInPasswordPromo/Enable3/*SiteIsolationExtensions/Enabled_Stable_50/StrictSecureCookies/Enabled/*SubresourceFilter/EnabledForPhishingSites/*SwReporterExtendedSafeBrowsingFeature/Enabled/*TLS13Negotiation/Default/TranslateRankerLogging/TranslateRankerLoggingDefault/TranslateServerStudy/Default/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_01/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_06/*UMA-Uniformity-Trial-50-Percent/group_01/WebFontsInterventionV2/Default/ --primordial-pipe-token=82C0E68458466EBDD5E285EBA5027FEB --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=82C0E68458466EBDD5E285EBA5027FEB --renderer-client-id=4 --mojo-platform-channel-handle=2912 /prefetch:1
"C:\Users\Mustafo\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutofillProfileCleanup<AutofillProfileCleanup,BlockSmallPluginContent<PluginPowerSaverTiny,*DefaultEnableGpuRasterization<DefaultEnableGpuRasterization,DisableFirstRunAutoImport<DisableFirstRunAutoImport,EnableSyncClientToServerCompression<EnableSyncClientToServerCompression,ExpectCTReporting<ExpectCTReporting,*ExperimentalSwReporterEngine<SRTExperimentalEngineTrial,MediaFoundationH264Encoding<MediaFoundationH264Encoding,*NegotiateTLS13<TLS13Negotiation,ParseHTMLOnMainThread<ParseHTMLOnMainThread,*PersistentHistograms<PersistentHistograms,*PointerEvent<PointerEvent,PreferHtmlOverPlugins<Html5ByDefault,SecurityChip<SecurityChip,SecurityWarningIconUpdate<SecurityWarningIconUpdate,SubresourceFilter<SubresourceFilter,SwReporterExtendedSafeBrowsingFeature<SwReporterExtendedSafeBrowsingFeature,*TranslateRankerLogging<TranslateRankerLogging,*TranslateUI2016Q2<TranslateUI2016Q2 --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,SSLPostQuantumExperiment<SSLPostQuantum,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/*AutofillProfileCleanup/Enabled/CaptivePortalInterstitial/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/MergeByRedirects/*ClientSideDetectionModel/Model0/*DataReductionProxyUseQuic/Enabled10_NoControl/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/DefaultEnableGpuRasterization/Default/DisableFirstRunAutoImport/AutoImportDisabled/*DisallowFetchForDocWrittenScriptsInMainFrame/Control_20161208_Launch/EnableSyncClientToServerCompression/Enabled/ExpectCTReporting/ExpectCTReportingEnabled/ExtensionDeveloperModeWarning/Enabled/*Html5ByDefault/Enabled/*InstanceID/Enabled/*MarkNonSecureAs/show-non-secure-passwords-cc-ui/*MediaFoundationH264Encoding/Enabled/*MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/*PersistentHistograms/Default/PluginPowerSaverTiny/Enabled2/*QUIC/EnabledDisableDelayTcpRace/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/SRTExperimentalEngineTrial/Default/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/*SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingV4LocalDatabaseManagerEnabled/Default/*SecurityChip/Enabled/SecurityWarningIconUpdate/Enabled/SignInPasswordPromo/Enable3/*SiteIsolationExtensions/Enabled_Stable_50/*StrictSecureCookies/Enabled/*SubresourceFilter/EnabledForPhishingSites/*SwReporterExtendedSafeBrowsingFeature/Enabled/*TLS13Negotiation/Default/TranslateRankerLogging/TranslateRankerLoggingDefault/TranslateServerStudy/Default/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_01/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_06/*UMA-Uniformity-Trial-50-Percent/group_01/*WebFontsInterventionV2/Default/ --primordial-pipe-token=A9AD4AFBD3A0CFBBF6DBF7DBC2A1198B --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=A9AD4AFBD3A0CFBBF6DBF7DBC2A1198B --renderer-client-id=11 --mojo-platform-channel-handle=6800 /prefetch:1
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe5_ Global\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 648 660 668 8192 664
taskhostw.exe
C:\WINDOWS\system32\DllHost.exe /Processid:{133EAC4F-5891-4D04-BADA-D84870380A80}
"C:\Users\Mustafo\Downloads\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\WINDOWS\tasks\UCBrowserUpdater.job - C:\Program Files (x86)\UCBrowser\Application\update_task.exe /update
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 690392]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2015-01-15 460712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2015-01-15 172968]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-06-24 2754704]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2016-11-30 401888]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2015-06-24 1571696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2016-09-09 176440]
"Malwarebytes TrayApp"=C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2017-01-20 2780112]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
"cz.seznam.software.autoupdate"=C:\Users\Mustafo\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Mustafo\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
"Autodesk Sync"=C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2013-02-05 1081224]
"Google Update"=C:\Users\Mustafo\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe [2017-02-27 601752]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"ADSKAppManager"=C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [2016-02-24 529480]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2017-02-27 205512]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
CodeMeter Control Center.lnk - C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe
Network Server.lnk - C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{12BEB57E-ECD3-11E6-A98A-64006A5CFC23}"=C:\Users\Mustafo\AppData\Roaming\Zrshfcit\Griotain.dll []
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe"="C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe:*:Enabled:CodeMeter Runtime Server"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe"="C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe:*:Enabled:CodeMeter Runtime Server"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open -
.scr - install -
.scr - config -
======List of files/folders created in the last 1 month======
2017-02-28 13:22:10 ----D---- C:\rsit
2017-02-28 13:22:10 ----D---- C:\Program Files\trend micro
2017-02-28 12:24:33 ----D---- C:\ProgramData\SWCUTemp
2017-02-27 16:06:02 ----A---- C:\WINDOWS\system32\aswBoot.exe
2017-02-27 15:00:46 ----A---- C:\WINDOWS\system32\drivers\MBAMChameleon.sys
2017-02-27 15:00:36 ----A---- C:\WINDOWS\system32\drivers\mwac.sys
2017-02-27 15:00:36 ----A---- C:\WINDOWS\system32\drivers\farflt.sys
2017-02-27 15:00:32 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2017-02-27 14:59:50 ----A---- C:\WINDOWS\system32\drivers\mbae64.sys
2017-02-27 14:59:47 ----D---- C:\Program Files\Malwarebytes
2017-02-20 12:59:25 ----HD---- C:\$AV_ASW
2017-02-18 10:13:42 ----A---- C:\WINDOWS\system32\drivers\aswNetSec.sys
2017-02-16 21:22:13 ----A---- C:\WINDOWS\system32\drivers\aswKbd.sys
2017-02-16 21:19:52 ----D---- C:\Users\Mustafo\AppData\Roaming\AVAST Software
2017-02-16 21:19:42 ----D---- C:\Program Files\Common Files\AV
2017-02-16 21:19:31 ----A---- C:\WINDOWS\system32\drivers\aswVmm.sys
2017-02-16 21:19:31 ----A---- C:\WINDOWS\system32\drivers\aswStm.sys
2017-02-16 21:19:31 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2017-02-16 21:19:31 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2017-02-16 21:19:31 ----A---- C:\WINDOWS\system32\drivers\aswRvrt.sys
2017-02-16 21:19:31 ----A---- C:\WINDOWS\system32\drivers\aswRdr2.sys
2017-02-16 21:19:31 ----A---- C:\WINDOWS\system32\drivers\aswMonFlt.sys
2017-02-16 21:19:31 ----A---- C:\WINDOWS\system32\drivers\aswHwid.sys
2017-02-16 21:19:31 ----A---- C:\WINDOWS\system32\drivers\aswbuniva.sys
2017-02-16 21:19:31 ----A---- C:\WINDOWS\system32\drivers\aswbloga.sys
2017-02-16 21:19:31 ----A---- C:\WINDOWS\system32\drivers\aswbidsha.sys
2017-02-16 21:19:30 ----A---- C:\WINDOWS\system32\drivers\aswbidsdrivera.sys
2017-02-16 21:16:20 ----D---- C:\Program Files\AVAST Software
2017-02-14 23:42:25 ----D---- C:\Users\Mustafo\AppData\Roaming\Firefox
2017-02-14 23:41:35 ----D---- C:\WINDOWS\system32\log
2017-02-14 14:48:29 ----D---- C:\Program Files (x86)\pfqv62f8
2017-02-12 21:57:15 ----D---- C:\AdwCleaner
2017-02-12 21:52:26 ----A---- C:\WINDOWS\wininit.ini
2017-02-12 21:45:42 ----D---- C:\ProgramData\Spybot - Search & Destroy
2017-02-12 21:45:37 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy 2
2017-02-12 21:43:41 ----A---- C:\autoexec.bat
2017-02-12 19:37:58 ----D---- C:\ProgramData\Start Menu
2017-02-12 19:37:55 ----A---- C:\WINDOWS\system32\wiperrm.exe
2017-02-12 19:26:34 ----D---- C:\Program Files (x86)\UCBrowser
2017-02-12 19:25:51 ----D---- C:\ProgramData\ProductData
2017-02-12 19:25:50 ----D---- C:\WINDOWS\IObit
2017-02-12 19:25:47 ----D---- C:\ProgramData\IObit
2017-02-12 19:25:47 ----A---- C:\WINDOWS\SYSWOW64\drivers\HWiNFO64A.SYS
2017-02-12 19:25:19 ----D---- C:\Users\Mustafo\AppData\Roaming\IObit
2017-02-12 19:24:46 ----D---- C:\Users\Mustafo\AppData\Roaming\Profiles
2017-02-12 19:24:45 ----D---- C:\Program Files (x86)\Bulily
2017-02-11 18:32:02 ----D---- C:\Program Files\USB Disk Storage Format Tool
======List of files/folders modified in the last 1 month======
2017-02-28 13:22:23 ----D---- C:\WINDOWS\Prefetch
2017-02-28 13:22:10 ----RD---- C:\Program Files
2017-02-28 13:20:17 ----D---- C:\Users\Mustafo\AppData\Roaming\vlc
2017-02-28 12:38:57 ----D---- C:\WINDOWS\Temp
2017-02-28 12:33:45 ----AD---- C:\WINDOWS\system32\drivers
2017-02-28 12:26:11 ----D---- C:\ProgramData\ASUS Smart Gesture
2017-02-28 12:24:33 ----HD---- C:\ProgramData
2017-02-28 12:22:46 ----D---- C:\WINDOWS\System32
2017-02-28 12:22:46 ----A---- C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-02-28 03:03:04 ----D---- C:\WINDOWS\system32\sru
2017-02-28 02:50:28 ----AD---- C:\Program Files (x86)\TeamViewer
2017-02-28 02:50:27 ----D---- C:\WINDOWS\system32\Tasks
2017-02-28 02:36:59 ----D---- C:\WINDOWS\Tasks
2017-02-28 02:20:32 ----D---- C:\WINDOWS\system32\SleepStudy
2017-02-27 16:10:15 ----D---- C:\WINDOWS\Minidump
2017-02-27 16:09:33 ----D---- C:\Windows
2017-02-27 16:01:20 ----RD---- C:\Program Files (x86)
2017-02-27 15:09:48 ----RD---- C:\WINDOWS\Microsoft.NET
2017-02-27 14:59:47 ----D---- C:\ProgramData\Malwarebytes
2017-02-27 06:55:57 ----D---- C:\WINDOWS\AppReadiness
2017-02-25 10:53:58 ----HD---- C:\Program Files\WindowsApps
2017-02-25 04:21:26 ----SHDC---- C:\WINDOWS\Installer
2017-02-25 04:19:41 ----SHD---- C:\System Volume Information
2017-02-25 04:18:26 ----D---- C:\Program Files (x86)\Google
2017-02-25 02:13:11 ----D---- C:\WINDOWS\SysWOW64
2017-02-24 22:23:58 ----D---- C:\WINDOWS\system32\config
2017-02-24 20:01:38 ----D---- C:\WINDOWS\system32\catroot2
2017-02-24 20:01:28 ----D---- C:\Users\Mustafo\AppData\Roaming\Skype
2017-02-24 12:47:41 ----D---- C:\WINDOWS\system32\MRT
2017-02-24 12:45:56 ----AC---- C:\WINDOWS\system32\MRT.exe
2017-02-23 16:31:54 ----D---- C:\WINDOWS\CbsTemp
2017-02-23 16:31:44 ----D---- C:\WINDOWS\WinSxS
2017-02-22 14:34:09 ----D---- C:\WINDOWS\system32\NDF
2017-02-19 12:32:19 ----D---- C:\Users\Mustafo\AppData\Roaming\BitTorrent
2017-02-18 10:13:42 ----D---- C:\ProgramData\AVAST Software
2017-02-17 20:47:22 ----D---- C:\ProgramData\Skype
2017-02-16 21:29:37 ----RD---- C:\Program Files (x86)\Skype
2017-02-16 21:29:37 ----D---- C:\Program Files (x86)\Common Files
2017-02-16 21:19:42 ----D---- C:\Program Files\Common Files
2017-02-16 21:15:34 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2017-02-16 20:52:29 ----SHD---- C:\Recovery
2017-02-16 20:29:17 ----D---- C:\WINDOWS\system32\WDI
2017-02-12 21:52:27 ----SD---- C:\ProgramData\Microsoft
2017-02-12 20:31:45 ----D---- C:\WINDOWS\twain_64
2017-02-12 20:09:33 ----D---- C:\Users\Mustafo\AppData\Roaming\Adobe
2017-02-11 18:22:24 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2017-02-11 18:22:21 ----D---- C:\WINDOWS\SYSWOW64\drivers
2017-02-06 20:48:07 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswbidsh;aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [2017-02-27 189768]
R0 aswblog;aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [2017-02-27 334600]
R0 aswbuniv;aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [2017-02-27 48528]
R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2017-02-27 75704]
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2017-02-27 337592]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2013-08-09 644968]
R0 IntelHSWPcc;IntelHSWPcc; C:\WINDOWS\System32\drivers\IntelPcc.sys [2013-08-06 74344]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-100; C:\WINDOWS\system32\drivers\iorate.sys [2016-11-02 48992]
R0 MBAMSwissArmy;MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [2017-02-28 251848]
R1 aswbidsdriver;aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [2017-02-27 309272]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2017-02-27 32088]
R1 aswNetSec;aswNetSec; C:\WINDOWS\system32\drivers\aswNetSec.sys [2017-02-27 461640]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2017-02-27 100640]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2017-02-27 993608]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2017-02-27 547904]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2013-07-02 19768]
R1 dtsoftbus01;@oem56.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [2015-01-09 283064]
R1 ESProtectionDriver;Malwarebytes Anti-Exploit; \??\C:\WINDOWS\system32\drivers\mbae64.sys [2017-01-20 77416]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2016-07-16 88576]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2016-07-16 8192]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\WINDOWS\SysWoW64\drivers\HWiNFO64A.SYS [2017-02-12 27552]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2017-02-27 126600]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2017-02-27 162528]
R2 clreg;@%SystemRoot%\system32\drivers\registry.sys,-100; C:\WINDOWS\System32\drivers\registry.sys [2016-07-16 70144]
R2 MBAMChameleon;MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [2017-02-27 176584]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2016-07-16 48128]
R2 npf;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2013-03-01 36600]
R2 plctrl;plctrl; \??\C:\Program Files\ASUS\P4G\plctrl.sys [2013-08-29 14136]
R3 AiCharger;ASUS Charger Driver; C:\WINDOWS\system32\DRIVERS\AiCharger.sys [2013-04-17 17152]
R3 ATP;@oem9.inf,%PS2.DeviceDesc%;ASUS Input Device; C:\WINDOWS\System32\drivers\AsusTP.sys [2015-12-14 101368]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\drivers\BTHUSB.sys [2016-09-11 84992]
R3 HIDSwitch;@oem46.inf,%ASSW.DisplayName%;ASUS Wireless Radio Control; C:\WINDOWS\System32\drivers\AsHIDSwitch64.sys [2015-05-13 19976]
R3 ibtusb;@oem78.inf,%ibtusb.SVCDESC_IBT%;Intel(R) Wireless Bluetooth(R); C:\WINDOWS\system32\DRIVERS\ibtusb.sys [2016-09-08 221448]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2016-11-30 7969760]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2014-03-25 3903320]
R3 kbfiltr;@oem15.inf,%kbfiltr.SvcDesc%;Keyboard Filter; C:\WINDOWS\System32\drivers\kbfiltr.sys [2012-08-06 17280]
R3 MBAMFarflt;MBAMFarflt; \??\C:\WINDOWS\system32\drivers\farflt.sys [2017-02-28 110536]
R3 MBAMProtection;MBAMProtection; \??\C:\WINDOWS\system32\drivers\mbam.sys [2017-02-28 43968]
R3 MBAMWebProtection;MBAMWebProtection; \??\C:\WINDOWS\system32\drivers\mwac.sys [2017-02-28 91584]
R3 MEIx64;@oem37.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [2013-12-09 100312]
R3 NETwNb64;___ Intel(R) Wireless Adapter Driver for Windows 8.1 - 64 Bit; C:\WINDOWS\System32\drivers\Netwbw02.sys [2016-07-16 3485696]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2015-07-13 11139216]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-06-24 19600]
R3 nvvad_WaveExtensible;@oem17.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2015-05-19 46768]
R3 RTL8168;@oem69.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\System32\drivers\Rt630x64.sys [2014-01-08 848088]
R3 RTSPER;@oem66.inf,%Rts5227PER%;Realtek PCIE Card Reader - PER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [2015-07-08 759552]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2016-07-16 105824]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2016-07-16 101216]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2016-10-05 64352]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2016-07-16 58720]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2016-07-16 61792]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2016-07-16 88416]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2016-07-16 18432]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2016-07-16 15360]
S3 AppvStrm;@%systemroot%\system32\drivers\AppvStrm.sys,-101; C:\WINDOWS\system32\drivers\AppvStrm.sys [2016-09-15 127328]
S3 AppvVemgr;@%systemroot%\system32\drivers\AppvVemgr.sys,-101; C:\WINDOWS\system32\drivers\AppvVemgr.sys [2016-07-16 157024]
S3 AppvVfs;@%systemroot%\system32\drivers\AppvVfs.sys,-101; C:\WINDOWS\system32\drivers\AppvVfs.sys [2016-07-16 141152]
S3 aswHwid;aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [2017-02-27 38296]
S3 bcmfn;@bcmfn.inf,%bcmfn.SVCDESC%;bcmfn Service; C:\WINDOWS\System32\drivers\bcmfn.sys [2016-07-16 9728]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys [2016-11-11 967168]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2016-07-16 38912]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2016-09-10 118272]
S3 dg_ssudbus;@oem14.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2016-09-05 131712]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2016-07-16 20480]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2016-07-16 50016]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2016-08-06 73568]
S3 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2016-07-16 346976]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2016-07-16 2104160]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2016-07-16 33280]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2016-07-16 81408]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2016-07-16 64512]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2016-07-16 176384]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2016-07-16 526176]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2016-07-16 35840]
S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2013-12-27 38296]
S3 IntcDAud;@oem85.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2016-05-12 481768]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2016-07-16 120320]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2016-07-16 842584]
S3 MsSecFlt;@%SystemRoot%\System32\Drivers\mssecflt.sys,-1001; C:\WINDOWS\system32\drivers\mssecflt.sys [2016-07-16 179040]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2016-07-16 108896]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2016-07-16 90624]
S3 netr28ux;@netr28ux.inf,%Generic.Service.DispName%;RT2870 USB Extensible Wireless LAN Card Driver; C:\WINDOWS\System32\drivers\netr28ux.sys [2016-07-16 2224128]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmbx64.sys [2012-01-09 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbox64.sys [2012-01-09 27136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfdx64.sys [2012-06-11 26112]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2016-07-16 928608]
S3 scmdisk0101;@scmdisk0101.inf,%scmdisk0101.SvcDesc%;Microsoft NVDIMM-N disk driver; C:\WINDOWS\System32\drivers\scmdisk0101.sys [2016-07-16 123904]
S3 semav6msr64;semav6msr64; \??\C:\WINDOWS\system32\drivers\semav6msr64.sys [2015-06-04 21984]
S3 SeratoUsb;@oem7.inf,%SeratoUsb.SvcDesc%;SeratoUsb driver; C:\WINDOWS\System32\Drivers\SeratoUsb.sys [2013-07-09 49656]
S3 ssudmdm;@oem73.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2016-09-05 165504]
S3 ssudserd;SAMSUNG Mobile Mode Changer Device; C:\WINDOWS\system32\DRIVERS\ssudserd.sys [2014-01-22 206080]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdAppMgrSvc;Autodesk Application Manager Service; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [2016-02-24 1145928]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-12-19 82640]
R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2016-08-05 83768]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2013-09-09 111416]
R2 ASUS InstantOn;ASUS InstantOn Service; C:\Program Files\ASUS\P4G\InsOnSrv.exe [2013-08-29 277120]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2011-11-21 96896]
R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2012-12-13 12288]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2017-02-27 262736]
R2 avast! Firewall;Avast Firewall Service; C:\Program Files\AVAST Software\Avast\afwServ.exe [2017-02-27 278784]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 CDPUserSvc_3d130;CDPUserSvc_3d130; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 CodeMeter.exe;CodeMeter Runtime Server; C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe [2015-01-21 3523448]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-06-24 1152656]
R2 ibtsiva;@oem78.inf,%SERVICE_NAME%;Intel Bluetooth Service; C:\WINDOWS\system32\ibtsiva []
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2016-11-30 373728]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2013-12-09 131544]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-12-09 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-12-09 390616]
R2 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2017-01-20 4355024]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-06-24 1868432]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2015-06-24 23007376]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2015-07-13 937616]
R2 OneSyncSvc_3d130;Hostitel synchronizace_3d130; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2016-05-25 43696]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R3 PimIndexMaintenanceSvc_3d130;Data kontaktů_3d130; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2017-01-16 317400]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2017-02-27 7147320]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2016-11-30 301536]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2016-07-16 93184]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 FlexNet Licensing Service 64;FlexNet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2015-11-09 1369856]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2016-09-09 651576]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 MessagingService_3d130;Služba zasílání zpráv_3d130; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 Sense;@%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2016-09-15 2889896]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2016-09-07 1312768]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-06-11 724376]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S4 AppVClient;@%systemroot%\system32\AppVClient.exe,-102; C:\WINDOWS\system32\AppVClient.exe [2016-12-14 822624]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Někdy skáčou okna, Avast nachází vir (rootkit)
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119672
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Někdy skáčou okna, Avast nachází vir (rootkit)
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Někdy skáčou okna, Avast nachází vir (rootkit)
Tady je log.
Logfile of random's system information tool 1.10 (written by random/random)
Run by Mustafo at 2017-02-28 21:02:10
Microsoft Windows 10 Pro
System drive C: has 88 GB (35%) free of 250 GB
Total RAM: 16267 MB (82% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:02:33, on 28. 2. 2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0000)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\TeamViewer\TeamViewer.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\trend micro\Mustafo.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkID= ... 1267C24085
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [ADSKAppManager] "C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe" -showminimized -checkautorun
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Mustafo\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Mustafo\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
O4 - HKCU\..\Run: [Google Update] C:\Users\Mustafo\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Global Startup: CodeMeter Control Center.lnk = C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe
O4 - Global Startup: Network Server.lnk = C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Program Files\Microsoft Office\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\Program Files\Microsoft Office\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.connectify.me
O15 - ESC Trusted Zone: http://*.fastspring.com
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Autodesk Application Manager Service (AdAppMgrSvc) - Autodesk Inc. - C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files\ASUS\P4G\InsOnSrv.exe
O23 - Service: aswbIDSAgent - AVAST Software s.r.o. - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Avast Firewall Service (avast! Firewall) - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: CodeMeter Runtime Server (CodeMeter.exe) - WIBU-SYSTEMS AG - C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: @oem78.inf,%SERVICE_NAME%;Intel Bluetooth Service (ibtsiva) - Unknown owner - C:\WINDOWS\system32\ibtsiva (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: Intel(R) System Usage Report Service SystemUsageReportSvc_WILLAMETTE (SystemUsageReportSvc_WILLAMETTE) - Unknown owner - C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe (file missing)
O23 - Service: TeamViewer 12 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: UC??????? (UCBrowserSvc) - Unknown owner - C:\Program Files (x86)\UCBrowser\Application\UCService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: WIFIGXENDHCPSER - Unknown owner - C:\Program Files (x86)\My WIFI Router\bmser.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: WibuKey Server (WkSvw32.exe) - WIBU-SYSTEMS AG - C:\Program Files (x86)\WIBUKEY\Server\WkSvw32.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 13603 bytes
======Listing Processes======
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
winlogon.exe
"dwm.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\System32\svchost.exe -k NetworkService
"C:\WINDOWS\system32\nvvsvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session -first
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
dashost.exe {bb871d5d-5e34-409c-813b7a537edd6466}
C:\WINDOWS\System32\spoolsv.exe
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\ASUS\P4G\InsOnSrv.exe"
"C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe"
"C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe"
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files (x86)\UCBrowser\Application\UCService.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\My WIFI Router\bmser.exe"
"C:\Program Files (x86)\WIBUKEY\Server\WkSvw32.exe"
C:\WINDOWS\system32\svchost.exe -k appmodel
C:\WINDOWS\system32\ibtsiva
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"C:\Program Files\ASUS\P4G\InsOnWMI.exe"
sihost.exe
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
KBFiltr.exe
C:\WINDOWS\Explorer.EXE
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" bae04a96-cfd7-4f9e-8617-96b4d4fc8e72 1
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\ASUS\P4G\BatteryLife.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
igfxEM.exe
igfxHK.exe
igfxTray.exe
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files (x86)\TeamViewer\TeamViewer.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\TeamViewer\tv_w32.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer12_Logfile.log
"C:\Program Files (x86)\TeamViewer\tv_x64.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer12_Logfile.log
"C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe"
AvastUI.exe /nogui
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX4
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"fontdrvhost.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-d855229f-d417-4af7-be53-d7d5494bc721 -SystemEventPortName:HostProcess-c1c11d92-e99f-4079-b1bd-76b5e600d75a -IoCancelEventPortName:HostProcess-2dac0f6c-4429-4221-840d-b18d5406bd98 -NonStateChangingEventPortName:HostProcess-f8007f21-340f-497c-866c-b244ebd9326b -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:3c44dffd-1171-40f1-9068-76f668ac82b0 -DeviceGroupId:WpdFsGroup
C:\WINDOWS\system32\AUDIODG.EXE 0x230
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\Program Files (x86)\UCBrowser\Application\6.1.2107.8\UCAgent.exe"
"C:\WINDOWS\system32\rundll32.exe" -localserver 22d8c27b-47a1-48d1-ad08-7da7abd79617
C:\WINDOWS\System32\svchost.exe -k WerSvcGroup
"C:\Users\Mustafo\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\Mustafo\AppData\Local\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=1860 --on-initialized-event-handle=748 --parent-handle=920 /prefetch:6
"C:\Users\Mustafo\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --enable-features=AutofillProfileCleanup<AutofillProfileCleanup,BlockSmallPluginContent<PluginPowerSaverTiny,*DefaultEnableGpuRasterization<DefaultEnableGpuRasterization,DisableFirstRunAutoImport<DisableFirstRunAutoImport,EnableSyncClientToServerCompression<EnableSyncClientToServerCompression,ExpectCTReporting<ExpectCTReporting,*ExperimentalSwReporterEngine<SRTExperimentalEngineTrial,MediaFoundationH264Encoding<MediaFoundationH264Encoding,*NegotiateTLS13<TLS13Negotiation,ParseHTMLOnMainThread<ParseHTMLOnMainThread,*PersistentHistograms<PersistentHistograms,*PointerEvent<PointerEvent,PreferHtmlOverPlugins<Html5ByDefault,SecurityChip<SecurityChip,SecurityWarningIconUpdate<SecurityWarningIconUpdate,SubresourceFilter<SubresourceFilter,SwReporterExtendedSafeBrowsingFeature<SwReporterExtendedSafeBrowsingFeature,*TranslateRankerLogging<TranslateRankerLogging,*TranslateUI2016Q2<TranslateUI2016Q2 --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,SSLPostQuantumExperiment<SSLPostQuantum,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/site-engagement-eager/AutofillProfileCleanup/Enabled/CaptivePortalInterstitial/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/MergeByRedirects/ClientSideDetectionModel/Model0/DataReductionProxyUseQuic/Enabled10_NoControl/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/DefaultEnableGpuRasterization/Default/DisableFirstRunAutoImport/AutoImportDisabled/DisallowFetchForDocWrittenScriptsInMainFrame/Control_20161208_Launch/EnableSyncClientToServerCompression/Enabled/ExpectCTReporting/ExpectCTReportingEnabled/ExtensionDeveloperModeWarning/Enabled/Html5ByDefault/Enabled/InstanceID/Enabled/MarkNonSecureAs/show-non-secure-passwords-cc-ui/MediaFoundationH264Encoding/Enabled/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/OmniboxBundledExperimentV1/StandardR7/ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/PasswordManagerSettingsMigration/Enable/*PersistentHistograms/Default/PluginPowerSaverTiny/Enabled2/*QUIC/EnabledDisableDelayTcpRace/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/SRTExperimentalEngineTrial/Default/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/SSLPostQuantum/disabled/SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingV4LocalDatabaseManagerEnabled/Default/SecurityChip/Enabled/SecurityWarningIconUpdate/Enabled/SignInPasswordPromo/Enable3/*SiteIsolationExtensions/Enabled_Stable_50/StrictSecureCookies/Enabled/SubresourceFilter/EnabledForPhishingSites/*SwReporterExtendedSafeBrowsingFeature/Enabled/*TLS13Negotiation/Default/TranslateRankerLogging/TranslateRankerLoggingDefault/TranslateServerStudy/Default/TranslateUI2016Q2/DefaultTranslateUI2016Q2/TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_01/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_06/*UMA-Uniformity-Trial-50-Percent/group_01/WebFontsInterventionV2/Default/ --supports-dual-gpus=false --gpu-driver-bug-workarounds=7,19,23,40,59,71 --gpu-vendor-id=0x8086 --gpu-device-id=0x0416 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=20.19.15.4549 --gpu-driver-date=11-10-2016 --gpu-secondary-vendor-ids=0x10de --gpu-secondary-device-ids=0x1341 --service-request-channel-token=625CCDB4C283AB6B726BB58A83812654 --mojo-platform-channel-handle=1588 --ignored=" --type=renderer " /prefetch:2
"C:\Users\Mustafo\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutofillProfileCleanup<AutofillProfileCleanup,BlockSmallPluginContent<PluginPowerSaverTiny,*DefaultEnableGpuRasterization<DefaultEnableGpuRasterization,DisableFirstRunAutoImport<DisableFirstRunAutoImport,EnableSyncClientToServerCompression<EnableSyncClientToServerCompression,ExpectCTReporting<ExpectCTReporting,*ExperimentalSwReporterEngine<SRTExperimentalEngineTrial,MediaFoundationH264Encoding<MediaFoundationH264Encoding,*NegotiateTLS13<TLS13Negotiation,ParseHTMLOnMainThread<ParseHTMLOnMainThread,*PersistentHistograms<PersistentHistograms,*PointerEvent<PointerEvent,PreferHtmlOverPlugins<Html5ByDefault,SecurityChip<SecurityChip,SecurityWarningIconUpdate<SecurityWarningIconUpdate,SubresourceFilter<SubresourceFilter,SwReporterExtendedSafeBrowsingFeature<SwReporterExtendedSafeBrowsingFeature,*TranslateRankerLogging<TranslateRankerLogging,*TranslateUI2016Q2<TranslateUI2016Q2 --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,SSLPostQuantumExperiment<SSLPostQuantum,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/*AutofillProfileCleanup/Enabled/CaptivePortalInterstitial/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/MergeByRedirects/*ClientSideDetectionModel/Model0/DataReductionProxyUseQuic/Enabled10_NoControl/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/DefaultEnableGpuRasterization/Default/DisableFirstRunAutoImport/AutoImportDisabled/*DisallowFetchForDocWrittenScriptsInMainFrame/Control_20161208_Launch/EnableSyncClientToServerCompression/Enabled/ExpectCTReporting/ExpectCTReportingEnabled/ExtensionDeveloperModeWarning/Enabled/Html5ByDefault/Enabled/*InstanceID/Enabled/MarkNonSecureAs/show-non-secure-passwords-cc-ui/MediaFoundationH264Encoding/Enabled/*MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/*PersistentHistograms/Default/PluginPowerSaverTiny/Enabled2/*QUIC/EnabledDisableDelayTcpRace/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/SRTExperimentalEngineTrial/Default/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingV4LocalDatabaseManagerEnabled/Default/*SecurityChip/Enabled/SecurityWarningIconUpdate/Enabled/SignInPasswordPromo/Enable3/*SiteIsolationExtensions/Enabled_Stable_50/StrictSecureCookies/Enabled/*SubresourceFilter/EnabledForPhishingSites/*SwReporterExtendedSafeBrowsingFeature/Enabled/*TLS13Negotiation/Default/TranslateRankerLogging/TranslateRankerLoggingDefault/TranslateServerStudy/Default/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_01/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_06/*UMA-Uniformity-Trial-50-Percent/group_01/WebFontsInterventionV2/Default/ --primordial-pipe-token=09450346E8CB608F2D57F31203645225 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=09450346E8CB608F2D57F31203645225 --renderer-client-id=3 --mojo-platform-channel-handle=2840 /prefetch:1
"C:\Users\Mustafo\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutofillProfileCleanup<AutofillProfileCleanup,BlockSmallPluginContent<PluginPowerSaverTiny,*DefaultEnableGpuRasterization<DefaultEnableGpuRasterization,DisableFirstRunAutoImport<DisableFirstRunAutoImport,EnableSyncClientToServerCompression<EnableSyncClientToServerCompression,ExpectCTReporting<ExpectCTReporting,*ExperimentalSwReporterEngine<SRTExperimentalEngineTrial,MediaFoundationH264Encoding<MediaFoundationH264Encoding,*NegotiateTLS13<TLS13Negotiation,ParseHTMLOnMainThread<ParseHTMLOnMainThread,*PersistentHistograms<PersistentHistograms,*PointerEvent<PointerEvent,PreferHtmlOverPlugins<Html5ByDefault,SecurityChip<SecurityChip,SecurityWarningIconUpdate<SecurityWarningIconUpdate,SubresourceFilter<SubresourceFilter,SwReporterExtendedSafeBrowsingFeature<SwReporterExtendedSafeBrowsingFeature,*TranslateRankerLogging<TranslateRankerLogging,*TranslateUI2016Q2<TranslateUI2016Q2 --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,SSLPostQuantumExperiment<SSLPostQuantum,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/*AutofillProfileCleanup/Enabled/CaptivePortalInterstitial/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/MergeByRedirects/*ClientSideDetectionModel/Model0/DataReductionProxyUseQuic/Enabled10_NoControl/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/DefaultEnableGpuRasterization/Default/DisableFirstRunAutoImport/AutoImportDisabled/*DisallowFetchForDocWrittenScriptsInMainFrame/Control_20161208_Launch/EnableSyncClientToServerCompression/Enabled/ExpectCTReporting/ExpectCTReportingEnabled/ExtensionDeveloperModeWarning/Enabled/Html5ByDefault/Enabled/*InstanceID/Enabled/MarkNonSecureAs/show-non-secure-passwords-cc-ui/MediaFoundationH264Encoding/Enabled/*MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/*PersistentHistograms/Default/PluginPowerSaverTiny/Enabled2/*QUIC/EnabledDisableDelayTcpRace/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/SRTExperimentalEngineTrial/Default/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingV4LocalDatabaseManagerEnabled/Default/*SecurityChip/Enabled/SecurityWarningIconUpdate/Enabled/SignInPasswordPromo/Enable3/*SiteIsolationExtensions/Enabled_Stable_50/StrictSecureCookies/Enabled/*SubresourceFilter/EnabledForPhishingSites/*SwReporterExtendedSafeBrowsingFeature/Enabled/*TLS13Negotiation/Default/TranslateRankerLogging/TranslateRankerLoggingDefault/TranslateServerStudy/Default/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_01/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_06/*UMA-Uniformity-Trial-50-Percent/group_01/WebFontsInterventionV2/Default/ --primordial-pipe-token=82C0E68458466EBDD5E285EBA5027FEB --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=82C0E68458466EBDD5E285EBA5027FEB --renderer-client-id=4 --mojo-platform-channel-handle=2912 /prefetch:1
"C:\Users\Mustafo\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutofillProfileCleanup<AutofillProfileCleanup,BlockSmallPluginContent<PluginPowerSaverTiny,*DefaultEnableGpuRasterization<DefaultEnableGpuRasterization,DisableFirstRunAutoImport<DisableFirstRunAutoImport,EnableSyncClientToServerCompression<EnableSyncClientToServerCompression,ExpectCTReporting<ExpectCTReporting,*ExperimentalSwReporterEngine<SRTExperimentalEngineTrial,MediaFoundationH264Encoding<MediaFoundationH264Encoding,*NegotiateTLS13<TLS13Negotiation,ParseHTMLOnMainThread<ParseHTMLOnMainThread,*PersistentHistograms<PersistentHistograms,*PointerEvent<PointerEvent,PreferHtmlOverPlugins<Html5ByDefault,SecurityChip<SecurityChip,SecurityWarningIconUpdate<SecurityWarningIconUpdate,SubresourceFilter<SubresourceFilter,SwReporterExtendedSafeBrowsingFeature<SwReporterExtendedSafeBrowsingFeature,*TranslateRankerLogging<TranslateRankerLogging,*TranslateUI2016Q2<TranslateUI2016Q2 --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,SSLPostQuantumExperiment<SSLPostQuantum,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/*AutofillProfileCleanup/Enabled/CaptivePortalInterstitial/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/MergeByRedirects/*ClientSideDetectionModel/Model0/*DataReductionProxyUseQuic/Enabled10_NoControl/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/DefaultEnableGpuRasterization/Default/DisableFirstRunAutoImport/AutoImportDisabled/*DisallowFetchForDocWrittenScriptsInMainFrame/Control_20161208_Launch/EnableSyncClientToServerCompression/Enabled/ExpectCTReporting/ExpectCTReportingEnabled/ExtensionDeveloperModeWarning/Enabled/*Html5ByDefault/Enabled/*InstanceID/Enabled/*MarkNonSecureAs/show-non-secure-passwords-cc-ui/*MediaFoundationH264Encoding/Enabled/*MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/*PersistentHistograms/Default/PluginPowerSaverTiny/Enabled2/*QUIC/EnabledDisableDelayTcpRace/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/SRTExperimentalEngineTrial/Default/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/*SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingV4LocalDatabaseManagerEnabled/Default/*SecurityChip/Enabled/SecurityWarningIconUpdate/Enabled/SignInPasswordPromo/Enable3/*SiteIsolationExtensions/Enabled_Stable_50/*StrictSecureCookies/Enabled/*SubresourceFilter/EnabledForPhishingSites/*SwReporterExtendedSafeBrowsingFeature/Enabled/*TLS13Negotiation/Default/TranslateRankerLogging/TranslateRankerLoggingDefault/TranslateServerStudy/Default/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_01/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_06/*UMA-Uniformity-Trial-50-Percent/group_01/*WebFontsInterventionV2/Default/ --primordial-pipe-token=A9AD4AFBD3A0CFBBF6DBF7DBC2A1198B --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=A9AD4AFBD3A0CFBBF6DBF7DBC2A1198B --renderer-client-id=11 --mojo-platform-channel-handle=6800 /prefetch:1
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe5_ Global\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 648 660 668 8192 664
taskhostw.exe
C:\WINDOWS\system32\DllHost.exe /Processid:{133EAC4F-5891-4D04-BADA-D84870380A80}
"C:\Users\Mustafo\Downloads\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\WINDOWS\tasks\UCBrowserUpdater.job - C:\Program Files (x86)\UCBrowser\Application\update_task.exe /update
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 690392]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2015-01-15 460712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2015-01-15 172968]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-06-24 2754704]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2016-11-30 401888]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2015-06-24 1571696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2016-09-09 176440]
"Malwarebytes TrayApp"=C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2017-01-20 2780112]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
"cz.seznam.software.autoupdate"=C:\Users\Mustafo\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Mustafo\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
"Autodesk Sync"=C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2013-02-05 1081224]
"Google Update"=C:\Users\Mustafo\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe [2017-02-27 601752]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"ADSKAppManager"=C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [2016-02-24 529480]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2017-02-27 205512]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
CodeMeter Control Center.lnk - C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe
Network Server.lnk - C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{12BEB57E-ECD3-11E6-A98A-64006A5CFC23}"=C:\Users\Mustafo\AppData\Roaming\Zrshfcit\Griotain.dll []
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe"="C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe:*:Enabled:CodeMeter Runtime Server"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe"="C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe:*:Enabled:CodeMeter Runtime Server"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open -
.scr - install -
.scr - config -
======List of files/folders created in the last 1 month======
2017-02-28 13:22:10 ----D---- C:\rsit
2017-02-28 13:22:10 ----D---- C:\Program Files\trend micro
2017-02-28 12:24:33 ----D---- C:\ProgramData\SWCUTemp
2017-02-27 16:06:02 ----A---- C:\WINDOWS\system32\aswBoot.exe
2017-02-27 15:00:46 ----A---- C:\WINDOWS\system32\drivers\MBAMChameleon.sys
2017-02-27 15:00:36 ----A---- C:\WINDOWS\system32\drivers\mwac.sys
2017-02-27 15:00:36 ----A---- C:\WINDOWS\system32\drivers\farflt.sys
2017-02-27 15:00:32 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2017-02-27 14:59:50 ----A---- C:\WINDOWS\system32\drivers\mbae64.sys
2017-02-27 14:59:47 ----D---- C:\Program Files\Malwarebytes
2017-02-20 12:59:25 ----HD---- C:\$AV_ASW
2017-02-18 10:13:42 ----A---- C:\WINDOWS\system32\drivers\aswNetSec.sys
2017-02-16 21:22:13 ----A---- C:\WINDOWS\system32\drivers\aswKbd.sys
2017-02-16 21:19:52 ----D---- C:\Users\Mustafo\AppData\Roaming\AVAST Software
2017-02-16 21:19:42 ----D---- C:\Program Files\Common Files\AV
2017-02-16 21:19:31 ----A---- C:\WINDOWS\system32\drivers\aswVmm.sys
2017-02-16 21:19:31 ----A---- C:\WINDOWS\system32\drivers\aswStm.sys
2017-02-16 21:19:31 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2017-02-16 21:19:31 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2017-02-16 21:19:31 ----A---- C:\WINDOWS\system32\drivers\aswRvrt.sys
2017-02-16 21:19:31 ----A---- C:\WINDOWS\system32\drivers\aswRdr2.sys
2017-02-16 21:19:31 ----A---- C:\WINDOWS\system32\drivers\aswMonFlt.sys
2017-02-16 21:19:31 ----A---- C:\WINDOWS\system32\drivers\aswHwid.sys
2017-02-16 21:19:31 ----A---- C:\WINDOWS\system32\drivers\aswbuniva.sys
2017-02-16 21:19:31 ----A---- C:\WINDOWS\system32\drivers\aswbloga.sys
2017-02-16 21:19:31 ----A---- C:\WINDOWS\system32\drivers\aswbidsha.sys
2017-02-16 21:19:30 ----A---- C:\WINDOWS\system32\drivers\aswbidsdrivera.sys
2017-02-16 21:16:20 ----D---- C:\Program Files\AVAST Software
2017-02-14 23:42:25 ----D---- C:\Users\Mustafo\AppData\Roaming\Firefox
2017-02-14 23:41:35 ----D---- C:\WINDOWS\system32\log
2017-02-14 14:48:29 ----D---- C:\Program Files (x86)\pfqv62f8
2017-02-12 21:57:15 ----D---- C:\AdwCleaner
2017-02-12 21:52:26 ----A---- C:\WINDOWS\wininit.ini
2017-02-12 21:45:42 ----D---- C:\ProgramData\Spybot - Search & Destroy
2017-02-12 21:45:37 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy 2
2017-02-12 21:43:41 ----A---- C:\autoexec.bat
2017-02-12 19:37:58 ----D---- C:\ProgramData\Start Menu
2017-02-12 19:37:55 ----A---- C:\WINDOWS\system32\wiperrm.exe
2017-02-12 19:26:34 ----D---- C:\Program Files (x86)\UCBrowser
2017-02-12 19:25:51 ----D---- C:\ProgramData\ProductData
2017-02-12 19:25:50 ----D---- C:\WINDOWS\IObit
2017-02-12 19:25:47 ----D---- C:\ProgramData\IObit
2017-02-12 19:25:47 ----A---- C:\WINDOWS\SYSWOW64\drivers\HWiNFO64A.SYS
2017-02-12 19:25:19 ----D---- C:\Users\Mustafo\AppData\Roaming\IObit
2017-02-12 19:24:46 ----D---- C:\Users\Mustafo\AppData\Roaming\Profiles
2017-02-12 19:24:45 ----D---- C:\Program Files (x86)\Bulily
2017-02-11 18:32:02 ----D---- C:\Program Files\USB Disk Storage Format Tool
======List of files/folders modified in the last 1 month======
2017-02-28 13:22:23 ----D---- C:\WINDOWS\Prefetch
2017-02-28 13:22:10 ----RD---- C:\Program Files
2017-02-28 13:20:17 ----D---- C:\Users\Mustafo\AppData\Roaming\vlc
2017-02-28 12:38:57 ----D---- C:\WINDOWS\Temp
2017-02-28 12:33:45 ----AD---- C:\WINDOWS\system32\drivers
2017-02-28 12:26:11 ----D---- C:\ProgramData\ASUS Smart Gesture
2017-02-28 12:24:33 ----HD---- C:\ProgramData
2017-02-28 12:22:46 ----D---- C:\WINDOWS\System32
2017-02-28 12:22:46 ----A---- C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-02-28 03:03:04 ----D---- C:\WINDOWS\system32\sru
2017-02-28 02:50:28 ----AD---- C:\Program Files (x86)\TeamViewer
2017-02-28 02:50:27 ----D---- C:\WINDOWS\system32\Tasks
2017-02-28 02:36:59 ----D---- C:\WINDOWS\Tasks
2017-02-28 02:20:32 ----D---- C:\WINDOWS\system32\SleepStudy
2017-02-27 16:10:15 ----D---- C:\WINDOWS\Minidump
2017-02-27 16:09:33 ----D---- C:\Windows
2017-02-27 16:01:20 ----RD---- C:\Program Files (x86)
2017-02-27 15:09:48 ----RD---- C:\WINDOWS\Microsoft.NET
2017-02-27 14:59:47 ----D---- C:\ProgramData\Malwarebytes
2017-02-27 06:55:57 ----D---- C:\WINDOWS\AppReadiness
2017-02-25 10:53:58 ----HD---- C:\Program Files\WindowsApps
2017-02-25 04:21:26 ----SHDC---- C:\WINDOWS\Installer
2017-02-25 04:19:41 ----SHD---- C:\System Volume Information
2017-02-25 04:18:26 ----D---- C:\Program Files (x86)\Google
2017-02-25 02:13:11 ----D---- C:\WINDOWS\SysWOW64
2017-02-24 22:23:58 ----D---- C:\WINDOWS\system32\config
2017-02-24 20:01:38 ----D---- C:\WINDOWS\system32\catroot2
2017-02-24 20:01:28 ----D---- C:\Users\Mustafo\AppData\Roaming\Skype
2017-02-24 12:47:41 ----D---- C:\WINDOWS\system32\MRT
2017-02-24 12:45:56 ----AC---- C:\WINDOWS\system32\MRT.exe
2017-02-23 16:31:54 ----D---- C:\WINDOWS\CbsTemp
2017-02-23 16:31:44 ----D---- C:\WINDOWS\WinSxS
2017-02-22 14:34:09 ----D---- C:\WINDOWS\system32\NDF
2017-02-19 12:32:19 ----D---- C:\Users\Mustafo\AppData\Roaming\BitTorrent
2017-02-18 10:13:42 ----D---- C:\ProgramData\AVAST Software
2017-02-17 20:47:22 ----D---- C:\ProgramData\Skype
2017-02-16 21:29:37 ----RD---- C:\Program Files (x86)\Skype
2017-02-16 21:29:37 ----D---- C:\Program Files (x86)\Common Files
2017-02-16 21:19:42 ----D---- C:\Program Files\Common Files
2017-02-16 21:15:34 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2017-02-16 20:52:29 ----SHD---- C:\Recovery
2017-02-16 20:29:17 ----D---- C:\WINDOWS\system32\WDI
2017-02-12 21:52:27 ----SD---- C:\ProgramData\Microsoft
2017-02-12 20:31:45 ----D---- C:\WINDOWS\twain_64
2017-02-12 20:09:33 ----D---- C:\Users\Mustafo\AppData\Roaming\Adobe
2017-02-11 18:22:24 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2017-02-11 18:22:21 ----D---- C:\WINDOWS\SYSWOW64\drivers
2017-02-06 20:48:07 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswbidsh;aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [2017-02-27 189768]
R0 aswblog;aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [2017-02-27 334600]
R0 aswbuniv;aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [2017-02-27 48528]
R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2017-02-27 75704]
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2017-02-27 337592]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2013-08-09 644968]
R0 IntelHSWPcc;IntelHSWPcc; C:\WINDOWS\System32\drivers\IntelPcc.sys [2013-08-06 74344]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-100; C:\WINDOWS\system32\drivers\iorate.sys [2016-11-02 48992]
R0 MBAMSwissArmy;MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [2017-02-28 251848]
R1 aswbidsdriver;aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [2017-02-27 309272]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2017-02-27 32088]
R1 aswNetSec;aswNetSec; C:\WINDOWS\system32\drivers\aswNetSec.sys [2017-02-27 461640]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2017-02-27 100640]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2017-02-27 993608]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2017-02-27 547904]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2013-07-02 19768]
R1 dtsoftbus01;@oem56.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [2015-01-09 283064]
R1 ESProtectionDriver;Malwarebytes Anti-Exploit; \??\C:\WINDOWS\system32\drivers\mbae64.sys [2017-01-20 77416]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2016-07-16 88576]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2016-07-16 8192]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\WINDOWS\SysWoW64\drivers\HWiNFO64A.SYS [2017-02-12 27552]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2017-02-27 126600]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2017-02-27 162528]
R2 clreg;@%SystemRoot%\system32\drivers\registry.sys,-100; C:\WINDOWS\System32\drivers\registry.sys [2016-07-16 70144]
R2 MBAMChameleon;MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [2017-02-27 176584]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2016-07-16 48128]
R2 npf;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2013-03-01 36600]
R2 plctrl;plctrl; \??\C:\Program Files\ASUS\P4G\plctrl.sys [2013-08-29 14136]
R3 AiCharger;ASUS Charger Driver; C:\WINDOWS\system32\DRIVERS\AiCharger.sys [2013-04-17 17152]
R3 ATP;@oem9.inf,%PS2.DeviceDesc%;ASUS Input Device; C:\WINDOWS\System32\drivers\AsusTP.sys [2015-12-14 101368]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\drivers\BTHUSB.sys [2016-09-11 84992]
R3 HIDSwitch;@oem46.inf,%ASSW.DisplayName%;ASUS Wireless Radio Control; C:\WINDOWS\System32\drivers\AsHIDSwitch64.sys [2015-05-13 19976]
R3 ibtusb;@oem78.inf,%ibtusb.SVCDESC_IBT%;Intel(R) Wireless Bluetooth(R); C:\WINDOWS\system32\DRIVERS\ibtusb.sys [2016-09-08 221448]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2016-11-30 7969760]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2014-03-25 3903320]
R3 kbfiltr;@oem15.inf,%kbfiltr.SvcDesc%;Keyboard Filter; C:\WINDOWS\System32\drivers\kbfiltr.sys [2012-08-06 17280]
R3 MBAMFarflt;MBAMFarflt; \??\C:\WINDOWS\system32\drivers\farflt.sys [2017-02-28 110536]
R3 MBAMProtection;MBAMProtection; \??\C:\WINDOWS\system32\drivers\mbam.sys [2017-02-28 43968]
R3 MBAMWebProtection;MBAMWebProtection; \??\C:\WINDOWS\system32\drivers\mwac.sys [2017-02-28 91584]
R3 MEIx64;@oem37.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [2013-12-09 100312]
R3 NETwNb64;___ Intel(R) Wireless Adapter Driver for Windows 8.1 - 64 Bit; C:\WINDOWS\System32\drivers\Netwbw02.sys [2016-07-16 3485696]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2015-07-13 11139216]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-06-24 19600]
R3 nvvad_WaveExtensible;@oem17.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2015-05-19 46768]
R3 RTL8168;@oem69.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\System32\drivers\Rt630x64.sys [2014-01-08 848088]
R3 RTSPER;@oem66.inf,%Rts5227PER%;Realtek PCIE Card Reader - PER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [2015-07-08 759552]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2016-07-16 105824]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2016-07-16 101216]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2016-10-05 64352]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2016-07-16 58720]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2016-07-16 61792]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2016-07-16 88416]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2016-07-16 18432]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2016-07-16 15360]
S3 AppvStrm;@%systemroot%\system32\drivers\AppvStrm.sys,-101; C:\WINDOWS\system32\drivers\AppvStrm.sys [2016-09-15 127328]
S3 AppvVemgr;@%systemroot%\system32\drivers\AppvVemgr.sys,-101; C:\WINDOWS\system32\drivers\AppvVemgr.sys [2016-07-16 157024]
S3 AppvVfs;@%systemroot%\system32\drivers\AppvVfs.sys,-101; C:\WINDOWS\system32\drivers\AppvVfs.sys [2016-07-16 141152]
S3 aswHwid;aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [2017-02-27 38296]
S3 bcmfn;@bcmfn.inf,%bcmfn.SVCDESC%;bcmfn Service; C:\WINDOWS\System32\drivers\bcmfn.sys [2016-07-16 9728]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys [2016-11-11 967168]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2016-07-16 38912]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2016-09-10 118272]
S3 dg_ssudbus;@oem14.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2016-09-05 131712]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2016-07-16 20480]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2016-07-16 50016]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2016-08-06 73568]
S3 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2016-07-16 346976]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2016-07-16 2104160]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2016-07-16 33280]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2016-07-16 81408]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2016-07-16 64512]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2016-07-16 176384]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2016-07-16 526176]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2016-07-16 35840]
S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2013-12-27 38296]
S3 IntcDAud;@oem85.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2016-05-12 481768]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2016-07-16 120320]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2016-07-16 842584]
S3 MsSecFlt;@%SystemRoot%\System32\Drivers\mssecflt.sys,-1001; C:\WINDOWS\system32\drivers\mssecflt.sys [2016-07-16 179040]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2016-07-16 108896]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2016-07-16 90624]
S3 netr28ux;@netr28ux.inf,%Generic.Service.DispName%;RT2870 USB Extensible Wireless LAN Card Driver; C:\WINDOWS\System32\drivers\netr28ux.sys [2016-07-16 2224128]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmbx64.sys [2012-01-09 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbox64.sys [2012-01-09 27136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfdx64.sys [2012-06-11 26112]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2016-07-16 928608]
S3 scmdisk0101;@scmdisk0101.inf,%scmdisk0101.SvcDesc%;Microsoft NVDIMM-N disk driver; C:\WINDOWS\System32\drivers\scmdisk0101.sys [2016-07-16 123904]
S3 semav6msr64;semav6msr64; \??\C:\WINDOWS\system32\drivers\semav6msr64.sys [2015-06-04 21984]
S3 SeratoUsb;@oem7.inf,%SeratoUsb.SvcDesc%;SeratoUsb driver; C:\WINDOWS\System32\Drivers\SeratoUsb.sys [2013-07-09 49656]
S3 ssudmdm;@oem73.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2016-09-05 165504]
S3 ssudserd;SAMSUNG Mobile Mode Changer Device; C:\WINDOWS\system32\DRIVERS\ssudserd.sys [2014-01-22 206080]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdAppMgrSvc;Autodesk Application Manager Service; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [2016-02-24 1145928]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-12-19 82640]
R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2016-08-05 83768]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2013-09-09 111416]
R2 ASUS InstantOn;ASUS InstantOn Service; C:\Program Files\ASUS\P4G\InsOnSrv.exe [2013-08-29 277120]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2011-11-21 96896]
R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2012-12-13 12288]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2017-02-27 262736]
R2 avast! Firewall;Avast Firewall Service; C:\Program Files\AVAST Software\Avast\afwServ.exe [2017-02-27 278784]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 CDPUserSvc_3d130;CDPUserSvc_3d130; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 CodeMeter.exe;CodeMeter Runtime Server; C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe [2015-01-21 3523448]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-06-24 1152656]
R2 ibtsiva;@oem78.inf,%SERVICE_NAME%;Intel Bluetooth Service; C:\WINDOWS\system32\ibtsiva []
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2016-11-30 373728]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2013-12-09 131544]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-12-09 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-12-09 390616]
R2 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2017-01-20 4355024]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-06-24 1868432]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2015-06-24 23007376]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2015-07-13 937616]
R2 OneSyncSvc_3d130;Hostitel synchronizace_3d130; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2016-05-25 43696]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R3 PimIndexMaintenanceSvc_3d130;Data kontaktů_3d130; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2017-01-16 317400]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2017-02-27 7147320]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2016-11-30 301536]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2016-07-16 93184]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 FlexNet Licensing Service 64;FlexNet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2015-11-09 1369856]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2016-09-09 651576]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 MessagingService_3d130;Služba zasílání zpráv_3d130; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 Sense;@%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2016-09-15 2889896]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2016-09-07 1312768]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-06-11 724376]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S4 AppVClient;@%systemroot%\system32\AppVClient.exe,-102; C:\WINDOWS\system32\AppVClient.exe [2016-12-14 822624]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
-----------------EOF-----------------
Logfile of random's system information tool 1.10 (written by random/random)
Run by Mustafo at 2017-02-28 21:02:10
Microsoft Windows 10 Pro
System drive C: has 88 GB (35%) free of 250 GB
Total RAM: 16267 MB (82% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:02:33, on 28. 2. 2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0000)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\TeamViewer\TeamViewer.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\trend micro\Mustafo.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkID= ... 1267C24085
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [ADSKAppManager] "C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe" -showminimized -checkautorun
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Mustafo\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Mustafo\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
O4 - HKCU\..\Run: [Google Update] C:\Users\Mustafo\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Global Startup: CodeMeter Control Center.lnk = C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe
O4 - Global Startup: Network Server.lnk = C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Program Files\Microsoft Office\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\Program Files\Microsoft Office\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.connectify.me
O15 - ESC Trusted Zone: http://*.fastspring.com
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Autodesk Application Manager Service (AdAppMgrSvc) - Autodesk Inc. - C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files\ASUS\P4G\InsOnSrv.exe
O23 - Service: aswbIDSAgent - AVAST Software s.r.o. - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Avast Firewall Service (avast! Firewall) - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: CodeMeter Runtime Server (CodeMeter.exe) - WIBU-SYSTEMS AG - C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: @oem78.inf,%SERVICE_NAME%;Intel Bluetooth Service (ibtsiva) - Unknown owner - C:\WINDOWS\system32\ibtsiva (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: Intel(R) System Usage Report Service SystemUsageReportSvc_WILLAMETTE (SystemUsageReportSvc_WILLAMETTE) - Unknown owner - C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe (file missing)
O23 - Service: TeamViewer 12 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: UC??????? (UCBrowserSvc) - Unknown owner - C:\Program Files (x86)\UCBrowser\Application\UCService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: WIFIGXENDHCPSER - Unknown owner - C:\Program Files (x86)\My WIFI Router\bmser.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: WibuKey Server (WkSvw32.exe) - WIBU-SYSTEMS AG - C:\Program Files (x86)\WIBUKEY\Server\WkSvw32.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 13603 bytes
======Listing Processes======
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
winlogon.exe
"dwm.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\System32\svchost.exe -k NetworkService
"C:\WINDOWS\system32\nvvsvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session -first
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
dashost.exe {bb871d5d-5e34-409c-813b7a537edd6466}
C:\WINDOWS\System32\spoolsv.exe
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\ASUS\P4G\InsOnSrv.exe"
"C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe"
"C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe"
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files (x86)\UCBrowser\Application\UCService.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\My WIFI Router\bmser.exe"
"C:\Program Files (x86)\WIBUKEY\Server\WkSvw32.exe"
C:\WINDOWS\system32\svchost.exe -k appmodel
C:\WINDOWS\system32\ibtsiva
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"C:\Program Files\ASUS\P4G\InsOnWMI.exe"
sihost.exe
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
KBFiltr.exe
C:\WINDOWS\Explorer.EXE
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" bae04a96-cfd7-4f9e-8617-96b4d4fc8e72 1
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\ASUS\P4G\BatteryLife.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
igfxEM.exe
igfxHK.exe
igfxTray.exe
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files (x86)\TeamViewer\TeamViewer.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\TeamViewer\tv_w32.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer12_Logfile.log
"C:\Program Files (x86)\TeamViewer\tv_x64.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer12_Logfile.log
"C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe"
AvastUI.exe /nogui
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX4
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"fontdrvhost.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-d855229f-d417-4af7-be53-d7d5494bc721 -SystemEventPortName:HostProcess-c1c11d92-e99f-4079-b1bd-76b5e600d75a -IoCancelEventPortName:HostProcess-2dac0f6c-4429-4221-840d-b18d5406bd98 -NonStateChangingEventPortName:HostProcess-f8007f21-340f-497c-866c-b244ebd9326b -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:3c44dffd-1171-40f1-9068-76f668ac82b0 -DeviceGroupId:WpdFsGroup
C:\WINDOWS\system32\AUDIODG.EXE 0x230
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\Program Files (x86)\UCBrowser\Application\6.1.2107.8\UCAgent.exe"
"C:\WINDOWS\system32\rundll32.exe" -localserver 22d8c27b-47a1-48d1-ad08-7da7abd79617
C:\WINDOWS\System32\svchost.exe -k WerSvcGroup
"C:\Users\Mustafo\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\Mustafo\AppData\Local\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=1860 --on-initialized-event-handle=748 --parent-handle=920 /prefetch:6
"C:\Users\Mustafo\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --enable-features=AutofillProfileCleanup<AutofillProfileCleanup,BlockSmallPluginContent<PluginPowerSaverTiny,*DefaultEnableGpuRasterization<DefaultEnableGpuRasterization,DisableFirstRunAutoImport<DisableFirstRunAutoImport,EnableSyncClientToServerCompression<EnableSyncClientToServerCompression,ExpectCTReporting<ExpectCTReporting,*ExperimentalSwReporterEngine<SRTExperimentalEngineTrial,MediaFoundationH264Encoding<MediaFoundationH264Encoding,*NegotiateTLS13<TLS13Negotiation,ParseHTMLOnMainThread<ParseHTMLOnMainThread,*PersistentHistograms<PersistentHistograms,*PointerEvent<PointerEvent,PreferHtmlOverPlugins<Html5ByDefault,SecurityChip<SecurityChip,SecurityWarningIconUpdate<SecurityWarningIconUpdate,SubresourceFilter<SubresourceFilter,SwReporterExtendedSafeBrowsingFeature<SwReporterExtendedSafeBrowsingFeature,*TranslateRankerLogging<TranslateRankerLogging,*TranslateUI2016Q2<TranslateUI2016Q2 --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,SSLPostQuantumExperiment<SSLPostQuantum,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/site-engagement-eager/AutofillProfileCleanup/Enabled/CaptivePortalInterstitial/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/MergeByRedirects/ClientSideDetectionModel/Model0/DataReductionProxyUseQuic/Enabled10_NoControl/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/DefaultEnableGpuRasterization/Default/DisableFirstRunAutoImport/AutoImportDisabled/DisallowFetchForDocWrittenScriptsInMainFrame/Control_20161208_Launch/EnableSyncClientToServerCompression/Enabled/ExpectCTReporting/ExpectCTReportingEnabled/ExtensionDeveloperModeWarning/Enabled/Html5ByDefault/Enabled/InstanceID/Enabled/MarkNonSecureAs/show-non-secure-passwords-cc-ui/MediaFoundationH264Encoding/Enabled/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/OmniboxBundledExperimentV1/StandardR7/ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/PasswordManagerSettingsMigration/Enable/*PersistentHistograms/Default/PluginPowerSaverTiny/Enabled2/*QUIC/EnabledDisableDelayTcpRace/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/SRTExperimentalEngineTrial/Default/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/SSLPostQuantum/disabled/SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingV4LocalDatabaseManagerEnabled/Default/SecurityChip/Enabled/SecurityWarningIconUpdate/Enabled/SignInPasswordPromo/Enable3/*SiteIsolationExtensions/Enabled_Stable_50/StrictSecureCookies/Enabled/SubresourceFilter/EnabledForPhishingSites/*SwReporterExtendedSafeBrowsingFeature/Enabled/*TLS13Negotiation/Default/TranslateRankerLogging/TranslateRankerLoggingDefault/TranslateServerStudy/Default/TranslateUI2016Q2/DefaultTranslateUI2016Q2/TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_01/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_06/*UMA-Uniformity-Trial-50-Percent/group_01/WebFontsInterventionV2/Default/ --supports-dual-gpus=false --gpu-driver-bug-workarounds=7,19,23,40,59,71 --gpu-vendor-id=0x8086 --gpu-device-id=0x0416 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=20.19.15.4549 --gpu-driver-date=11-10-2016 --gpu-secondary-vendor-ids=0x10de --gpu-secondary-device-ids=0x1341 --service-request-channel-token=625CCDB4C283AB6B726BB58A83812654 --mojo-platform-channel-handle=1588 --ignored=" --type=renderer " /prefetch:2
"C:\Users\Mustafo\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutofillProfileCleanup<AutofillProfileCleanup,BlockSmallPluginContent<PluginPowerSaverTiny,*DefaultEnableGpuRasterization<DefaultEnableGpuRasterization,DisableFirstRunAutoImport<DisableFirstRunAutoImport,EnableSyncClientToServerCompression<EnableSyncClientToServerCompression,ExpectCTReporting<ExpectCTReporting,*ExperimentalSwReporterEngine<SRTExperimentalEngineTrial,MediaFoundationH264Encoding<MediaFoundationH264Encoding,*NegotiateTLS13<TLS13Negotiation,ParseHTMLOnMainThread<ParseHTMLOnMainThread,*PersistentHistograms<PersistentHistograms,*PointerEvent<PointerEvent,PreferHtmlOverPlugins<Html5ByDefault,SecurityChip<SecurityChip,SecurityWarningIconUpdate<SecurityWarningIconUpdate,SubresourceFilter<SubresourceFilter,SwReporterExtendedSafeBrowsingFeature<SwReporterExtendedSafeBrowsingFeature,*TranslateRankerLogging<TranslateRankerLogging,*TranslateUI2016Q2<TranslateUI2016Q2 --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,SSLPostQuantumExperiment<SSLPostQuantum,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/*AutofillProfileCleanup/Enabled/CaptivePortalInterstitial/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/MergeByRedirects/*ClientSideDetectionModel/Model0/DataReductionProxyUseQuic/Enabled10_NoControl/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/DefaultEnableGpuRasterization/Default/DisableFirstRunAutoImport/AutoImportDisabled/*DisallowFetchForDocWrittenScriptsInMainFrame/Control_20161208_Launch/EnableSyncClientToServerCompression/Enabled/ExpectCTReporting/ExpectCTReportingEnabled/ExtensionDeveloperModeWarning/Enabled/Html5ByDefault/Enabled/*InstanceID/Enabled/MarkNonSecureAs/show-non-secure-passwords-cc-ui/MediaFoundationH264Encoding/Enabled/*MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/*PersistentHistograms/Default/PluginPowerSaverTiny/Enabled2/*QUIC/EnabledDisableDelayTcpRace/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/SRTExperimentalEngineTrial/Default/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingV4LocalDatabaseManagerEnabled/Default/*SecurityChip/Enabled/SecurityWarningIconUpdate/Enabled/SignInPasswordPromo/Enable3/*SiteIsolationExtensions/Enabled_Stable_50/StrictSecureCookies/Enabled/*SubresourceFilter/EnabledForPhishingSites/*SwReporterExtendedSafeBrowsingFeature/Enabled/*TLS13Negotiation/Default/TranslateRankerLogging/TranslateRankerLoggingDefault/TranslateServerStudy/Default/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_01/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_06/*UMA-Uniformity-Trial-50-Percent/group_01/WebFontsInterventionV2/Default/ --primordial-pipe-token=09450346E8CB608F2D57F31203645225 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=09450346E8CB608F2D57F31203645225 --renderer-client-id=3 --mojo-platform-channel-handle=2840 /prefetch:1
"C:\Users\Mustafo\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutofillProfileCleanup<AutofillProfileCleanup,BlockSmallPluginContent<PluginPowerSaverTiny,*DefaultEnableGpuRasterization<DefaultEnableGpuRasterization,DisableFirstRunAutoImport<DisableFirstRunAutoImport,EnableSyncClientToServerCompression<EnableSyncClientToServerCompression,ExpectCTReporting<ExpectCTReporting,*ExperimentalSwReporterEngine<SRTExperimentalEngineTrial,MediaFoundationH264Encoding<MediaFoundationH264Encoding,*NegotiateTLS13<TLS13Negotiation,ParseHTMLOnMainThread<ParseHTMLOnMainThread,*PersistentHistograms<PersistentHistograms,*PointerEvent<PointerEvent,PreferHtmlOverPlugins<Html5ByDefault,SecurityChip<SecurityChip,SecurityWarningIconUpdate<SecurityWarningIconUpdate,SubresourceFilter<SubresourceFilter,SwReporterExtendedSafeBrowsingFeature<SwReporterExtendedSafeBrowsingFeature,*TranslateRankerLogging<TranslateRankerLogging,*TranslateUI2016Q2<TranslateUI2016Q2 --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,SSLPostQuantumExperiment<SSLPostQuantum,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/*AutofillProfileCleanup/Enabled/CaptivePortalInterstitial/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/MergeByRedirects/*ClientSideDetectionModel/Model0/DataReductionProxyUseQuic/Enabled10_NoControl/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/DefaultEnableGpuRasterization/Default/DisableFirstRunAutoImport/AutoImportDisabled/*DisallowFetchForDocWrittenScriptsInMainFrame/Control_20161208_Launch/EnableSyncClientToServerCompression/Enabled/ExpectCTReporting/ExpectCTReportingEnabled/ExtensionDeveloperModeWarning/Enabled/Html5ByDefault/Enabled/*InstanceID/Enabled/MarkNonSecureAs/show-non-secure-passwords-cc-ui/MediaFoundationH264Encoding/Enabled/*MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/*PersistentHistograms/Default/PluginPowerSaverTiny/Enabled2/*QUIC/EnabledDisableDelayTcpRace/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/SRTExperimentalEngineTrial/Default/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingV4LocalDatabaseManagerEnabled/Default/*SecurityChip/Enabled/SecurityWarningIconUpdate/Enabled/SignInPasswordPromo/Enable3/*SiteIsolationExtensions/Enabled_Stable_50/StrictSecureCookies/Enabled/*SubresourceFilter/EnabledForPhishingSites/*SwReporterExtendedSafeBrowsingFeature/Enabled/*TLS13Negotiation/Default/TranslateRankerLogging/TranslateRankerLoggingDefault/TranslateServerStudy/Default/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_01/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_06/*UMA-Uniformity-Trial-50-Percent/group_01/WebFontsInterventionV2/Default/ --primordial-pipe-token=82C0E68458466EBDD5E285EBA5027FEB --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=82C0E68458466EBDD5E285EBA5027FEB --renderer-client-id=4 --mojo-platform-channel-handle=2912 /prefetch:1
"C:\Users\Mustafo\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutofillProfileCleanup<AutofillProfileCleanup,BlockSmallPluginContent<PluginPowerSaverTiny,*DefaultEnableGpuRasterization<DefaultEnableGpuRasterization,DisableFirstRunAutoImport<DisableFirstRunAutoImport,EnableSyncClientToServerCompression<EnableSyncClientToServerCompression,ExpectCTReporting<ExpectCTReporting,*ExperimentalSwReporterEngine<SRTExperimentalEngineTrial,MediaFoundationH264Encoding<MediaFoundationH264Encoding,*NegotiateTLS13<TLS13Negotiation,ParseHTMLOnMainThread<ParseHTMLOnMainThread,*PersistentHistograms<PersistentHistograms,*PointerEvent<PointerEvent,PreferHtmlOverPlugins<Html5ByDefault,SecurityChip<SecurityChip,SecurityWarningIconUpdate<SecurityWarningIconUpdate,SubresourceFilter<SubresourceFilter,SwReporterExtendedSafeBrowsingFeature<SwReporterExtendedSafeBrowsingFeature,*TranslateRankerLogging<TranslateRankerLogging,*TranslateUI2016Q2<TranslateUI2016Q2 --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,SSLPostQuantumExperiment<SSLPostQuantum,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/*AutofillProfileCleanup/Enabled/CaptivePortalInterstitial/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/MergeByRedirects/*ClientSideDetectionModel/Model0/*DataReductionProxyUseQuic/Enabled10_NoControl/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/DefaultEnableGpuRasterization/Default/DisableFirstRunAutoImport/AutoImportDisabled/*DisallowFetchForDocWrittenScriptsInMainFrame/Control_20161208_Launch/EnableSyncClientToServerCompression/Enabled/ExpectCTReporting/ExpectCTReportingEnabled/ExtensionDeveloperModeWarning/Enabled/*Html5ByDefault/Enabled/*InstanceID/Enabled/*MarkNonSecureAs/show-non-secure-passwords-cc-ui/*MediaFoundationH264Encoding/Enabled/*MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/*PersistentHistograms/Default/PluginPowerSaverTiny/Enabled2/*QUIC/EnabledDisableDelayTcpRace/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/SRTExperimentalEngineTrial/Default/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/*SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingV4LocalDatabaseManagerEnabled/Default/*SecurityChip/Enabled/SecurityWarningIconUpdate/Enabled/SignInPasswordPromo/Enable3/*SiteIsolationExtensions/Enabled_Stable_50/*StrictSecureCookies/Enabled/*SubresourceFilter/EnabledForPhishingSites/*SwReporterExtendedSafeBrowsingFeature/Enabled/*TLS13Negotiation/Default/TranslateRankerLogging/TranslateRankerLoggingDefault/TranslateServerStudy/Default/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_01/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_06/*UMA-Uniformity-Trial-50-Percent/group_01/*WebFontsInterventionV2/Default/ --primordial-pipe-token=A9AD4AFBD3A0CFBBF6DBF7DBC2A1198B --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=A9AD4AFBD3A0CFBBF6DBF7DBC2A1198B --renderer-client-id=11 --mojo-platform-channel-handle=6800 /prefetch:1
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe5_ Global\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 648 660 668 8192 664
taskhostw.exe
C:\WINDOWS\system32\DllHost.exe /Processid:{133EAC4F-5891-4D04-BADA-D84870380A80}
"C:\Users\Mustafo\Downloads\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\WINDOWS\tasks\UCBrowserUpdater.job - C:\Program Files (x86)\UCBrowser\Application\update_task.exe /update
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 690392]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2015-01-15 460712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2015-01-15 172968]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-06-24 2754704]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2016-11-30 401888]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2015-06-24 1571696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2016-09-09 176440]
"Malwarebytes TrayApp"=C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2017-01-20 2780112]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
"cz.seznam.software.autoupdate"=C:\Users\Mustafo\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Mustafo\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
"Autodesk Sync"=C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2013-02-05 1081224]
"Google Update"=C:\Users\Mustafo\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe [2017-02-27 601752]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"ADSKAppManager"=C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [2016-02-24 529480]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2017-02-27 205512]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
CodeMeter Control Center.lnk - C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe
Network Server.lnk - C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{12BEB57E-ECD3-11E6-A98A-64006A5CFC23}"=C:\Users\Mustafo\AppData\Roaming\Zrshfcit\Griotain.dll []
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe"="C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe:*:Enabled:CodeMeter Runtime Server"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe"="C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe:*:Enabled:CodeMeter Runtime Server"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open -
.scr - install -
.scr - config -
======List of files/folders created in the last 1 month======
2017-02-28 13:22:10 ----D---- C:\rsit
2017-02-28 13:22:10 ----D---- C:\Program Files\trend micro
2017-02-28 12:24:33 ----D---- C:\ProgramData\SWCUTemp
2017-02-27 16:06:02 ----A---- C:\WINDOWS\system32\aswBoot.exe
2017-02-27 15:00:46 ----A---- C:\WINDOWS\system32\drivers\MBAMChameleon.sys
2017-02-27 15:00:36 ----A---- C:\WINDOWS\system32\drivers\mwac.sys
2017-02-27 15:00:36 ----A---- C:\WINDOWS\system32\drivers\farflt.sys
2017-02-27 15:00:32 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2017-02-27 14:59:50 ----A---- C:\WINDOWS\system32\drivers\mbae64.sys
2017-02-27 14:59:47 ----D---- C:\Program Files\Malwarebytes
2017-02-20 12:59:25 ----HD---- C:\$AV_ASW
2017-02-18 10:13:42 ----A---- C:\WINDOWS\system32\drivers\aswNetSec.sys
2017-02-16 21:22:13 ----A---- C:\WINDOWS\system32\drivers\aswKbd.sys
2017-02-16 21:19:52 ----D---- C:\Users\Mustafo\AppData\Roaming\AVAST Software
2017-02-16 21:19:42 ----D---- C:\Program Files\Common Files\AV
2017-02-16 21:19:31 ----A---- C:\WINDOWS\system32\drivers\aswVmm.sys
2017-02-16 21:19:31 ----A---- C:\WINDOWS\system32\drivers\aswStm.sys
2017-02-16 21:19:31 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2017-02-16 21:19:31 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2017-02-16 21:19:31 ----A---- C:\WINDOWS\system32\drivers\aswRvrt.sys
2017-02-16 21:19:31 ----A---- C:\WINDOWS\system32\drivers\aswRdr2.sys
2017-02-16 21:19:31 ----A---- C:\WINDOWS\system32\drivers\aswMonFlt.sys
2017-02-16 21:19:31 ----A---- C:\WINDOWS\system32\drivers\aswHwid.sys
2017-02-16 21:19:31 ----A---- C:\WINDOWS\system32\drivers\aswbuniva.sys
2017-02-16 21:19:31 ----A---- C:\WINDOWS\system32\drivers\aswbloga.sys
2017-02-16 21:19:31 ----A---- C:\WINDOWS\system32\drivers\aswbidsha.sys
2017-02-16 21:19:30 ----A---- C:\WINDOWS\system32\drivers\aswbidsdrivera.sys
2017-02-16 21:16:20 ----D---- C:\Program Files\AVAST Software
2017-02-14 23:42:25 ----D---- C:\Users\Mustafo\AppData\Roaming\Firefox
2017-02-14 23:41:35 ----D---- C:\WINDOWS\system32\log
2017-02-14 14:48:29 ----D---- C:\Program Files (x86)\pfqv62f8
2017-02-12 21:57:15 ----D---- C:\AdwCleaner
2017-02-12 21:52:26 ----A---- C:\WINDOWS\wininit.ini
2017-02-12 21:45:42 ----D---- C:\ProgramData\Spybot - Search & Destroy
2017-02-12 21:45:37 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy 2
2017-02-12 21:43:41 ----A---- C:\autoexec.bat
2017-02-12 19:37:58 ----D---- C:\ProgramData\Start Menu
2017-02-12 19:37:55 ----A---- C:\WINDOWS\system32\wiperrm.exe
2017-02-12 19:26:34 ----D---- C:\Program Files (x86)\UCBrowser
2017-02-12 19:25:51 ----D---- C:\ProgramData\ProductData
2017-02-12 19:25:50 ----D---- C:\WINDOWS\IObit
2017-02-12 19:25:47 ----D---- C:\ProgramData\IObit
2017-02-12 19:25:47 ----A---- C:\WINDOWS\SYSWOW64\drivers\HWiNFO64A.SYS
2017-02-12 19:25:19 ----D---- C:\Users\Mustafo\AppData\Roaming\IObit
2017-02-12 19:24:46 ----D---- C:\Users\Mustafo\AppData\Roaming\Profiles
2017-02-12 19:24:45 ----D---- C:\Program Files (x86)\Bulily
2017-02-11 18:32:02 ----D---- C:\Program Files\USB Disk Storage Format Tool
======List of files/folders modified in the last 1 month======
2017-02-28 13:22:23 ----D---- C:\WINDOWS\Prefetch
2017-02-28 13:22:10 ----RD---- C:\Program Files
2017-02-28 13:20:17 ----D---- C:\Users\Mustafo\AppData\Roaming\vlc
2017-02-28 12:38:57 ----D---- C:\WINDOWS\Temp
2017-02-28 12:33:45 ----AD---- C:\WINDOWS\system32\drivers
2017-02-28 12:26:11 ----D---- C:\ProgramData\ASUS Smart Gesture
2017-02-28 12:24:33 ----HD---- C:\ProgramData
2017-02-28 12:22:46 ----D---- C:\WINDOWS\System32
2017-02-28 12:22:46 ----A---- C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-02-28 03:03:04 ----D---- C:\WINDOWS\system32\sru
2017-02-28 02:50:28 ----AD---- C:\Program Files (x86)\TeamViewer
2017-02-28 02:50:27 ----D---- C:\WINDOWS\system32\Tasks
2017-02-28 02:36:59 ----D---- C:\WINDOWS\Tasks
2017-02-28 02:20:32 ----D---- C:\WINDOWS\system32\SleepStudy
2017-02-27 16:10:15 ----D---- C:\WINDOWS\Minidump
2017-02-27 16:09:33 ----D---- C:\Windows
2017-02-27 16:01:20 ----RD---- C:\Program Files (x86)
2017-02-27 15:09:48 ----RD---- C:\WINDOWS\Microsoft.NET
2017-02-27 14:59:47 ----D---- C:\ProgramData\Malwarebytes
2017-02-27 06:55:57 ----D---- C:\WINDOWS\AppReadiness
2017-02-25 10:53:58 ----HD---- C:\Program Files\WindowsApps
2017-02-25 04:21:26 ----SHDC---- C:\WINDOWS\Installer
2017-02-25 04:19:41 ----SHD---- C:\System Volume Information
2017-02-25 04:18:26 ----D---- C:\Program Files (x86)\Google
2017-02-25 02:13:11 ----D---- C:\WINDOWS\SysWOW64
2017-02-24 22:23:58 ----D---- C:\WINDOWS\system32\config
2017-02-24 20:01:38 ----D---- C:\WINDOWS\system32\catroot2
2017-02-24 20:01:28 ----D---- C:\Users\Mustafo\AppData\Roaming\Skype
2017-02-24 12:47:41 ----D---- C:\WINDOWS\system32\MRT
2017-02-24 12:45:56 ----AC---- C:\WINDOWS\system32\MRT.exe
2017-02-23 16:31:54 ----D---- C:\WINDOWS\CbsTemp
2017-02-23 16:31:44 ----D---- C:\WINDOWS\WinSxS
2017-02-22 14:34:09 ----D---- C:\WINDOWS\system32\NDF
2017-02-19 12:32:19 ----D---- C:\Users\Mustafo\AppData\Roaming\BitTorrent
2017-02-18 10:13:42 ----D---- C:\ProgramData\AVAST Software
2017-02-17 20:47:22 ----D---- C:\ProgramData\Skype
2017-02-16 21:29:37 ----RD---- C:\Program Files (x86)\Skype
2017-02-16 21:29:37 ----D---- C:\Program Files (x86)\Common Files
2017-02-16 21:19:42 ----D---- C:\Program Files\Common Files
2017-02-16 21:15:34 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2017-02-16 20:52:29 ----SHD---- C:\Recovery
2017-02-16 20:29:17 ----D---- C:\WINDOWS\system32\WDI
2017-02-12 21:52:27 ----SD---- C:\ProgramData\Microsoft
2017-02-12 20:31:45 ----D---- C:\WINDOWS\twain_64
2017-02-12 20:09:33 ----D---- C:\Users\Mustafo\AppData\Roaming\Adobe
2017-02-11 18:22:24 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2017-02-11 18:22:21 ----D---- C:\WINDOWS\SYSWOW64\drivers
2017-02-06 20:48:07 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswbidsh;aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [2017-02-27 189768]
R0 aswblog;aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [2017-02-27 334600]
R0 aswbuniv;aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [2017-02-27 48528]
R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2017-02-27 75704]
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2017-02-27 337592]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2013-08-09 644968]
R0 IntelHSWPcc;IntelHSWPcc; C:\WINDOWS\System32\drivers\IntelPcc.sys [2013-08-06 74344]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-100; C:\WINDOWS\system32\drivers\iorate.sys [2016-11-02 48992]
R0 MBAMSwissArmy;MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [2017-02-28 251848]
R1 aswbidsdriver;aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [2017-02-27 309272]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2017-02-27 32088]
R1 aswNetSec;aswNetSec; C:\WINDOWS\system32\drivers\aswNetSec.sys [2017-02-27 461640]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2017-02-27 100640]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2017-02-27 993608]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2017-02-27 547904]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2013-07-02 19768]
R1 dtsoftbus01;@oem56.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [2015-01-09 283064]
R1 ESProtectionDriver;Malwarebytes Anti-Exploit; \??\C:\WINDOWS\system32\drivers\mbae64.sys [2017-01-20 77416]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2016-07-16 88576]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2016-07-16 8192]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\WINDOWS\SysWoW64\drivers\HWiNFO64A.SYS [2017-02-12 27552]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2017-02-27 126600]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2017-02-27 162528]
R2 clreg;@%SystemRoot%\system32\drivers\registry.sys,-100; C:\WINDOWS\System32\drivers\registry.sys [2016-07-16 70144]
R2 MBAMChameleon;MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [2017-02-27 176584]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2016-07-16 48128]
R2 npf;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2013-03-01 36600]
R2 plctrl;plctrl; \??\C:\Program Files\ASUS\P4G\plctrl.sys [2013-08-29 14136]
R3 AiCharger;ASUS Charger Driver; C:\WINDOWS\system32\DRIVERS\AiCharger.sys [2013-04-17 17152]
R3 ATP;@oem9.inf,%PS2.DeviceDesc%;ASUS Input Device; C:\WINDOWS\System32\drivers\AsusTP.sys [2015-12-14 101368]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\drivers\BTHUSB.sys [2016-09-11 84992]
R3 HIDSwitch;@oem46.inf,%ASSW.DisplayName%;ASUS Wireless Radio Control; C:\WINDOWS\System32\drivers\AsHIDSwitch64.sys [2015-05-13 19976]
R3 ibtusb;@oem78.inf,%ibtusb.SVCDESC_IBT%;Intel(R) Wireless Bluetooth(R); C:\WINDOWS\system32\DRIVERS\ibtusb.sys [2016-09-08 221448]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2016-11-30 7969760]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2014-03-25 3903320]
R3 kbfiltr;@oem15.inf,%kbfiltr.SvcDesc%;Keyboard Filter; C:\WINDOWS\System32\drivers\kbfiltr.sys [2012-08-06 17280]
R3 MBAMFarflt;MBAMFarflt; \??\C:\WINDOWS\system32\drivers\farflt.sys [2017-02-28 110536]
R3 MBAMProtection;MBAMProtection; \??\C:\WINDOWS\system32\drivers\mbam.sys [2017-02-28 43968]
R3 MBAMWebProtection;MBAMWebProtection; \??\C:\WINDOWS\system32\drivers\mwac.sys [2017-02-28 91584]
R3 MEIx64;@oem37.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [2013-12-09 100312]
R3 NETwNb64;___ Intel(R) Wireless Adapter Driver for Windows 8.1 - 64 Bit; C:\WINDOWS\System32\drivers\Netwbw02.sys [2016-07-16 3485696]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2015-07-13 11139216]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-06-24 19600]
R3 nvvad_WaveExtensible;@oem17.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2015-05-19 46768]
R3 RTL8168;@oem69.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\System32\drivers\Rt630x64.sys [2014-01-08 848088]
R3 RTSPER;@oem66.inf,%Rts5227PER%;Realtek PCIE Card Reader - PER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [2015-07-08 759552]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2016-07-16 105824]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2016-07-16 101216]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2016-10-05 64352]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2016-07-16 58720]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2016-07-16 61792]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2016-07-16 88416]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2016-07-16 18432]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2016-07-16 15360]
S3 AppvStrm;@%systemroot%\system32\drivers\AppvStrm.sys,-101; C:\WINDOWS\system32\drivers\AppvStrm.sys [2016-09-15 127328]
S3 AppvVemgr;@%systemroot%\system32\drivers\AppvVemgr.sys,-101; C:\WINDOWS\system32\drivers\AppvVemgr.sys [2016-07-16 157024]
S3 AppvVfs;@%systemroot%\system32\drivers\AppvVfs.sys,-101; C:\WINDOWS\system32\drivers\AppvVfs.sys [2016-07-16 141152]
S3 aswHwid;aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [2017-02-27 38296]
S3 bcmfn;@bcmfn.inf,%bcmfn.SVCDESC%;bcmfn Service; C:\WINDOWS\System32\drivers\bcmfn.sys [2016-07-16 9728]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys [2016-11-11 967168]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2016-07-16 38912]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2016-09-10 118272]
S3 dg_ssudbus;@oem14.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2016-09-05 131712]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2016-07-16 20480]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2016-07-16 50016]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2016-08-06 73568]
S3 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2016-07-16 346976]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2016-07-16 2104160]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2016-07-16 33280]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2016-07-16 81408]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2016-07-16 64512]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2016-07-16 176384]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2016-07-16 526176]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2016-07-16 35840]
S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2013-12-27 38296]
S3 IntcDAud;@oem85.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2016-05-12 481768]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2016-07-16 120320]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2016-07-16 842584]
S3 MsSecFlt;@%SystemRoot%\System32\Drivers\mssecflt.sys,-1001; C:\WINDOWS\system32\drivers\mssecflt.sys [2016-07-16 179040]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2016-07-16 108896]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2016-07-16 90624]
S3 netr28ux;@netr28ux.inf,%Generic.Service.DispName%;RT2870 USB Extensible Wireless LAN Card Driver; C:\WINDOWS\System32\drivers\netr28ux.sys [2016-07-16 2224128]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmbx64.sys [2012-01-09 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbox64.sys [2012-01-09 27136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfdx64.sys [2012-06-11 26112]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2016-07-16 928608]
S3 scmdisk0101;@scmdisk0101.inf,%scmdisk0101.SvcDesc%;Microsoft NVDIMM-N disk driver; C:\WINDOWS\System32\drivers\scmdisk0101.sys [2016-07-16 123904]
S3 semav6msr64;semav6msr64; \??\C:\WINDOWS\system32\drivers\semav6msr64.sys [2015-06-04 21984]
S3 SeratoUsb;@oem7.inf,%SeratoUsb.SvcDesc%;SeratoUsb driver; C:\WINDOWS\System32\Drivers\SeratoUsb.sys [2013-07-09 49656]
S3 ssudmdm;@oem73.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2016-09-05 165504]
S3 ssudserd;SAMSUNG Mobile Mode Changer Device; C:\WINDOWS\system32\DRIVERS\ssudserd.sys [2014-01-22 206080]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdAppMgrSvc;Autodesk Application Manager Service; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [2016-02-24 1145928]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-12-19 82640]
R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2016-08-05 83768]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2013-09-09 111416]
R2 ASUS InstantOn;ASUS InstantOn Service; C:\Program Files\ASUS\P4G\InsOnSrv.exe [2013-08-29 277120]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2011-11-21 96896]
R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2012-12-13 12288]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2017-02-27 262736]
R2 avast! Firewall;Avast Firewall Service; C:\Program Files\AVAST Software\Avast\afwServ.exe [2017-02-27 278784]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 CDPUserSvc_3d130;CDPUserSvc_3d130; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 CodeMeter.exe;CodeMeter Runtime Server; C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe [2015-01-21 3523448]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-06-24 1152656]
R2 ibtsiva;@oem78.inf,%SERVICE_NAME%;Intel Bluetooth Service; C:\WINDOWS\system32\ibtsiva []
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2016-11-30 373728]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2013-12-09 131544]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-12-09 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-12-09 390616]
R2 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2017-01-20 4355024]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-06-24 1868432]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2015-06-24 23007376]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2015-07-13 937616]
R2 OneSyncSvc_3d130;Hostitel synchronizace_3d130; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2016-05-25 43696]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R3 PimIndexMaintenanceSvc_3d130;Data kontaktů_3d130; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2017-01-16 317400]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2017-02-27 7147320]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2016-11-30 301536]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2016-07-16 93184]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 FlexNet Licensing Service 64;FlexNet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2015-11-09 1369856]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2016-09-09 651576]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 MessagingService_3d130;Služba zasílání zpráv_3d130; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 Sense;@%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2016-09-15 2889896]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2016-09-07 1312768]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-06-11 724376]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S4 AppVClient;@%systemroot%\system32\AppVClient.exe,-102; C:\WINDOWS\system32\AppVClient.exe [2016-12-14 822624]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
-----------------EOF-----------------
Re: Někdy skáčou okna, Avast nachází vir (rootkit)
Poslal jsem špatný LOG, posílám správný, omlouvám se.
# AdwCleaner v6.043 - Log vytvořen 01/03/2017 v 11:33:13
# Aktualizováno dne 27/01/2017 z Malwarebytes
# Databáze : 2017-02-28.2 [Místní]
# Operační systém : Windows 10 Pro (X64)
# Uživatelské jméno : Mustafo - MUSTAF-PC
# Spuštěno z : C:\Users\Mustafo\Desktop\adwcleaner_6.043.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support
***** [ Služby ] *****
[-] Služba smazána: ucdrv
***** [ Složky ] *****
***** [ Soubory ] *****
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Zástupci ] *****
***** [ Naplánované úlohy ] *****
[-] Úloha smazána: UCBrowserUpdaterCore
[-] Úloha smazána: UCBrowserSecureUpdater
***** [ Registry ] *****
[-] Klíč smazán: HKLM\SOFTWARE\Classes\UCHTML
***** [ Prohlížeče ] *****
*************************
:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [10871 Bajty] - [12/02/2017 21:59:14]
C:\AdwCleaner\AdwCleaner[C10].txt - [2583 Bajty] - [28/02/2017 02:43:12]
C:\AdwCleaner\AdwCleaner[C11].txt - [2761 Bajty] - [28/02/2017 02:49:24]
C:\AdwCleaner\AdwCleaner[C12].txt - [1187 Bajty] - [01/03/2017 11:33:13]
C:\AdwCleaner\AdwCleaner[C2].txt - [1215 Bajty] - [12/02/2017 22:03:09]
C:\AdwCleaner\AdwCleaner[C3].txt - [5847 Bajty] - [16/02/2017 20:02:43]
C:\AdwCleaner\AdwCleaner[C4].txt - [2195 Bajty] - [16/02/2017 20:07:00]
C:\AdwCleaner\AdwCleaner[C5].txt - [1812 Bajty] - [16/02/2017 20:30:22]
C:\AdwCleaner\AdwCleaner[C6].txt - [1958 Bajty] - [16/02/2017 21:10:40]
C:\AdwCleaner\AdwCleaner[C7].txt - [4159 Bajty] - [26/02/2017 04:22:00]
C:\AdwCleaner\AdwCleaner[C8].txt - [2400 Bajty] - [27/02/2017 15:41:12]
C:\AdwCleaner\AdwCleaner[C9].txt - [2507 Bajty] - [28/02/2017 02:37:03]
C:\AdwCleaner\AdwCleaner[S0].txt - [10386 Bajty] - [12/02/2017 21:58:38]
C:\AdwCleaner\AdwCleaner[S10].txt - [2722 Bajty] - [28/02/2017 02:36:44]
C:\AdwCleaner\AdwCleaner[S11].txt - [2837 Bajty] - [28/02/2017 02:42:46]
C:\AdwCleaner\AdwCleaner[S12].txt - [2964 Bajty] - [28/02/2017 02:48:58]
C:\AdwCleaner\AdwCleaner[S13].txt - [3165 Bajty] - [01/03/2017 11:32:58]
C:\AdwCleaner\AdwCleaner[S1].txt - [1530 Bajty] - [12/02/2017 22:03:02]
C:\AdwCleaner\AdwCleaner[S2].txt - [6296 Bajty] - [16/02/2017 18:46:25]
C:\AdwCleaner\AdwCleaner[S3].txt - [5753 Bajty] - [16/02/2017 20:02:01]
C:\AdwCleaner\AdwCleaner[S4].txt - [2243 Bajty] - [16/02/2017 20:06:09]
C:\AdwCleaner\AdwCleaner[S5].txt - [2026 Bajty] - [16/02/2017 20:29:54]
C:\AdwCleaner\AdwCleaner[S6].txt - [2172 Bajty] - [16/02/2017 21:10:33]
C:\AdwCleaner\AdwCleaner[S7].txt - [4131 Bajty] - [26/02/2017 04:21:20]
C:\AdwCleaner\AdwCleaner[S8].txt - [2723 Bajty] - [27/02/2017 11:20:23]
C:\AdwCleaner\AdwCleaner[S9].txt - [2624 Bajty] - [27/02/2017 15:40:57]
########## EOF - C:\AdwCleaner\AdwCleaner[C12].txt - [2872 Bajty] ##########
# AdwCleaner v6.043 - Log vytvořen 01/03/2017 v 11:33:13
# Aktualizováno dne 27/01/2017 z Malwarebytes
# Databáze : 2017-02-28.2 [Místní]
# Operační systém : Windows 10 Pro (X64)
# Uživatelské jméno : Mustafo - MUSTAF-PC
# Spuštěno z : C:\Users\Mustafo\Desktop\adwcleaner_6.043.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support
***** [ Služby ] *****
[-] Služba smazána: ucdrv
***** [ Složky ] *****
***** [ Soubory ] *****
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Zástupci ] *****
***** [ Naplánované úlohy ] *****
[-] Úloha smazána: UCBrowserUpdaterCore
[-] Úloha smazána: UCBrowserSecureUpdater
***** [ Registry ] *****
[-] Klíč smazán: HKLM\SOFTWARE\Classes\UCHTML
***** [ Prohlížeče ] *****
*************************
:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [10871 Bajty] - [12/02/2017 21:59:14]
C:\AdwCleaner\AdwCleaner[C10].txt - [2583 Bajty] - [28/02/2017 02:43:12]
C:\AdwCleaner\AdwCleaner[C11].txt - [2761 Bajty] - [28/02/2017 02:49:24]
C:\AdwCleaner\AdwCleaner[C12].txt - [1187 Bajty] - [01/03/2017 11:33:13]
C:\AdwCleaner\AdwCleaner[C2].txt - [1215 Bajty] - [12/02/2017 22:03:09]
C:\AdwCleaner\AdwCleaner[C3].txt - [5847 Bajty] - [16/02/2017 20:02:43]
C:\AdwCleaner\AdwCleaner[C4].txt - [2195 Bajty] - [16/02/2017 20:07:00]
C:\AdwCleaner\AdwCleaner[C5].txt - [1812 Bajty] - [16/02/2017 20:30:22]
C:\AdwCleaner\AdwCleaner[C6].txt - [1958 Bajty] - [16/02/2017 21:10:40]
C:\AdwCleaner\AdwCleaner[C7].txt - [4159 Bajty] - [26/02/2017 04:22:00]
C:\AdwCleaner\AdwCleaner[C8].txt - [2400 Bajty] - [27/02/2017 15:41:12]
C:\AdwCleaner\AdwCleaner[C9].txt - [2507 Bajty] - [28/02/2017 02:37:03]
C:\AdwCleaner\AdwCleaner[S0].txt - [10386 Bajty] - [12/02/2017 21:58:38]
C:\AdwCleaner\AdwCleaner[S10].txt - [2722 Bajty] - [28/02/2017 02:36:44]
C:\AdwCleaner\AdwCleaner[S11].txt - [2837 Bajty] - [28/02/2017 02:42:46]
C:\AdwCleaner\AdwCleaner[S12].txt - [2964 Bajty] - [28/02/2017 02:48:58]
C:\AdwCleaner\AdwCleaner[S13].txt - [3165 Bajty] - [01/03/2017 11:32:58]
C:\AdwCleaner\AdwCleaner[S1].txt - [1530 Bajty] - [12/02/2017 22:03:02]
C:\AdwCleaner\AdwCleaner[S2].txt - [6296 Bajty] - [16/02/2017 18:46:25]
C:\AdwCleaner\AdwCleaner[S3].txt - [5753 Bajty] - [16/02/2017 20:02:01]
C:\AdwCleaner\AdwCleaner[S4].txt - [2243 Bajty] - [16/02/2017 20:06:09]
C:\AdwCleaner\AdwCleaner[S5].txt - [2026 Bajty] - [16/02/2017 20:29:54]
C:\AdwCleaner\AdwCleaner[S6].txt - [2172 Bajty] - [16/02/2017 21:10:33]
C:\AdwCleaner\AdwCleaner[S7].txt - [4131 Bajty] - [26/02/2017 04:21:20]
C:\AdwCleaner\AdwCleaner[S8].txt - [2723 Bajty] - [27/02/2017 11:20:23]
C:\AdwCleaner\AdwCleaner[S9].txt - [2624 Bajty] - [27/02/2017 15:40:57]
########## EOF - C:\AdwCleaner\AdwCleaner[C12].txt - [2872 Bajty] ##########
-
Rudy
- Site Admin
- Příspěvky: 119672
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Někdy skáčou okna, Avast nachází vir (rootkit)
Teď dejte log FRST: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Někdy skáčou okna, Avast nachází vir (rootkit)
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-03-2017
Ran by Mustafo (administrator) on MUSTAF-PC (01-03-2017 20:15:19)
Running from C:\Users\Mustafo\Desktop
Loaded Profiles: Mustafo (Available Profiles: Mustafo)
Platform: Windows 10 Pro Version 1607 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(ASUS) C:\Program Files\ASUS\P4G\InsOnSrv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\WIBUKEY\Server\WkSvW32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
() C:\Program Files (x86)\My WIFI Router\bmser.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files\ASUS\P4G\InsOnWMI.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google Inc.) C:\Users\Mustafo\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Mustafo\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Mustafo\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Mustafo\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Mustafo\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Mustafo\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Google Inc.) C:\Users\Mustafo\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-06-24] (NVIDIA Corporation)
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [401888 2016-11-30] ()
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-09-09] (Apple Inc.)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-07] (Microsoft Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [529480 2016-02-24] (Autodesk Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [205512 2017-02-27] (AVAST Software)
HKU\S-1-5-21-3357248357-3471837598-2797894705-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-3357248357-3471837598-2797894705-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Mustafo\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-3357248357-3471837598-2797894705-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Mustafo\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-3357248357-3471837598-2797894705-1001\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
HKU\S-1-5-21-3357248357-3471837598-2797894705-1001\...\Run: [Google Update] => C:\Users\Mustafo\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe [601752 2017-02-27] (Google Inc.)
HKU\S-1-5-21-3357248357-3471837598-2797894705-1001\...\Policies\Explorer: []
HKU\S-1-5-21-3357248357-3471837598-2797894705-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [37376 2016-07-16] (Microsoft Corporation)
ShellExecuteHooks: No Name - {12BEB57E-ECD3-11E6-A98A-64006A5CFC23} - C:\Users\Mustafo\AppData\Roaming\Zrshfcit\Griotain.dll -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-02-27] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-02-27] (AVAST Software)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2013-02-08] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [KzShlobj] -> {AAA0C5B8-933F-4200-93AD-B143D7FFF9F2} => -> No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodeMeter Control Center.lnk [2017-02-12]
ShortcutTarget: CodeMeter Control Center.lnk -> C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe (WIBU-SYSTEMS AG)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Network Server.lnk [2017-02-12]
ShortcutTarget: Network Server.lnk -> C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe (WIBU-SYSTEMS AG)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Restriction - Chrome <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.100.1 0.0.0.0
Tcpip\..\Interfaces\{94a601af-09c2-40b1-acfb-0c06b5530d00}: [DhcpNameServer] 192.168.100.1 0.0.0.0
Tcpip\..\Interfaces\{a02a797d-1ac8-4bfb-83dc-7e7c91537e8b}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Internet Explorer:
==================
HKU\S-1-5-21-3357248357-3471837598-2797894705-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130860067658589664&GUID=C2545805-3830-4908-B24F-7A1267C24085
SearchScopes: HKU\S-1-5-21-3357248357-3471837598-2797894705-1001 -> {02D33DDF-1717-4136-AF1D-3419819BCA74} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3357248357-3471837598-2797894705-1001 -> {3FEF9D31-CFFF-44E5-ABF7-AB7A28648155} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_13415
SearchScopes: HKU\S-1-5-21-3357248357-3471837598-2797894705-1001 -> {51619E1B-0E22-42E0-8100-C205348C0B11} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3357248357-3471837598-2797894705-1001 -> {5D28C159-566D-40BE-B777-F7F79905576C} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3357248357-3471837598-2797894705-1001 -> {8170D597-C73F-4969-9234-BE778A3ADB79} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_13415
SearchScopes: HKU\S-1-5-21-3357248357-3471837598-2797894705-1001 -> {C932DDAB-1E7B-4E83-B5BA-585FC3758ED8} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_13415
SearchScopes: HKU\S-1-5-21-3357248357-3471837598-2797894705-1001 -> {DFBD1763-23A0-430A-8BBD-FCB997FE3686} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_13415
SearchScopes: HKU\S-1-5-21-3357248357-3471837598-2797894705-1001 -> {E8DA44DA-5F59-4B36-B23C-530782403A1F} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3357248357-3471837598-2797894705-1001 -> {F860F61B-035A-4966-9DFF-F028FC79EDD1} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2015-01-15] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2015-01-15] (Oracle Corporation)
FireFox:
========
FF DefaultProfile: hbj4szuk.default
FF ProfilePath: C:\Users\Mustafo\AppData\Roaming\Mozilla\Firefox\Profiles\hbj4szuk.default [2017-02-16]
FF user.js: detected! => C:\Users\Mustafo\AppData\Roaming\Mozilla\Firefox\Profiles\hbj4szuk.default\user.js [2017-02-16]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\hbj4szuk.default -> luck
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\hbj4szuk.default -> luck
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\hbj4szuk.default -> luck
FF Homepage: Mozilla\Firefox\Profiles\hbj4szuk.default -> seznam.cz/
FF Extension: (Seznam lištička) - C:\Users\Mustafo\AppData\Roaming\Mozilla\Firefox\Profiles\hbj4szuk.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2017-02-06]
FF ProfilePath: C:\Users\Mustafo\AppData\Roaming\Firefox\Firefox\Profiles\hbj4szuk.default [2017-02-25]
FF user.js: detected! => C:\Users\Mustafo\AppData\Roaming\Firefox\Firefox\Profiles\hbj4szuk.default\user.js [2017-02-16]
FF DefaultSearchEngine: Firefox\Firefox\Profiles\hbj4szuk.default -> luck
FF SearchEngineOrder.1: Firefox\Firefox\Profiles\hbj4szuk.default -> luck
FF SelectedSearchEngine: Firefox\Firefox\Profiles\hbj4szuk.default -> luck
FF Extension: (Czech (CZ) Language Pack) - C:\Users\Mustafo\AppData\Roaming\Firefox\Firefox\Profiles\hbj4szuk.default\Extensions\langpack-cs@firefox.mozilla.org.xpi [2017-02-24] [not signed]
FF Extension: (Seznam lištička) - C:\Users\Mustafo\AppData\Roaming\Firefox\Firefox\Profiles\hbj4szuk.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2017-02-06]
FF SearchPlugin: C:\Users\Mustafo\AppData\Roaming\Firefox\Firefox\Profiles\hbj4szuk.default\searchplugins\luck.xml [2017-02-16]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF48
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF48 [2017-02-27]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF48
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-09] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-09] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2015-01-15] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2015-01-15] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3357248357-3471837598-2797894705-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Mustafo\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-02-27] (Google Inc.)
FF Plugin HKU\S-1-5-21-3357248357-3471837598-2797894705-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Mustafo\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-02-27] (Google Inc.)
Chrome:
=======
CHR Profile: C:\Users\Mustafo\AppData\Local\Google\Chrome\User Data\Default [2017-03-01]
CHR Extension: (Prezentace Google) - C:\Users\Mustafo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-02-27]
CHR Extension: (Dokumenty Google) - C:\Users\Mustafo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-02-27]
CHR Extension: (Disk Google) - C:\Users\Mustafo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-02-27]
CHR Extension: (YouTube) - C:\Users\Mustafo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-02-27]
CHR Extension: (Avast SafePrice) - C:\Users\Mustafo\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-02-27]
CHR Extension: (Tabulky Google) - C:\Users\Mustafo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-02-27]
CHR Extension: (Dokumenty Google offline) - C:\Users\Mustafo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-02-27]
CHR Extension: (Avast Online Security) - C:\Users\Mustafo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-02-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Mustafo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-02-27]
CHR Extension: (Gmail) - C:\Users\Mustafo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-02-27]
CHR Extension: (Chrome Media Router) - C:\Users\Mustafo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-27]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [1145928 2016-02-24] (Autodesk Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-08-05] (Apple Inc.)
R2 ASUS InstantOn; C:\Program Files\ASUS\P4G\InsOnSrv.exe [277120 2013-08-29] (ASUS)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7147320 2017-02-27] (AVAST Software s.r.o.)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [262736 2017-02-27] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [278784 2017-02-27] (AVAST Software)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-06-24] (NVIDIA Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373728 2016-11-30] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-12-09] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-09] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1868432 2015-06-24] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23007376 2015-06-24] (NVIDIA Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10351856 2016-12-15] (TeamViewer GmbH)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WIFIGXENDHCPSER; C:\Program Files (x86)\My WIFI Router\bmser.exe [1656416 2014-04-23] ()
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
R2 WkSvw32.exe; C:\Program Files (x86)\WIBUKEY\Server\WkSvw32.exe [659336 2013-12-18] (WIBU-SYSTEMS AG)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
S2 SystemUsageReportSvc_WILLAMETTE; "C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe" [X]
S2 UCBrowserSvc; "C:\Program Files (x86)\UCBrowser\Application\UCService.exe" [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [309272 2017-02-27] (AVAST Software s.r.o.)
R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [189768 2017-02-27] (AVAST Software s.r.o.)
R0 aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [334600 2017-02-27] (AVAST Software s.r.o.)
R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [48528 2017-02-27] (AVAST Software s.r.o.)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [38296 2017-02-27] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [32088 2017-02-27] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [126600 2017-02-27] (AVAST Software)
R1 aswNetSec; C:\WINDOWS\system32\drivers\aswNetSec.sys [461640 2017-02-27] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [100640 2017-02-27] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [75704 2017-02-27] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [993608 2017-02-27] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [547904 2017-02-27] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [162528 2017-02-27] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [337592 2017-02-27] (AVAST Software)
R3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [101368 2015-12-14] (ASUS Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [283064 2015-01-09] (Disc Soft Ltd)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77416 2017-01-20] ()
R1 HWiNFO32; C:\WINDOWS\SysWoW64\drivers\HWiNFO64A.SYS [27552 2017-02-12] (REALiX(tm))
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [221448 2016-09-08] (Intel Corporation)
R0 IntelHSWPcc; C:\WINDOWS\System32\drivers\IntelPcc.sys [74344 2013-08-06] (Intel Corporation)
R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( )
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [176584 2017-02-27] (Malwarebytes)
S3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [110536 2017-03-01] (Malwarebytes)
S3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-03-01] (Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [251848 2017-03-01] (Malwarebytes)
S3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [91584 2017-03-01] (Malwarebytes)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-09] (Intel Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
S3 netr28ux; C:\WINDOWS\System32\drivers\netr28ux.sys [2224128 2016-07-16] (MediaTek Inc.)
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3485696 2016-07-16] (Intel Corporation)
R2 npf; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-06-24] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [46768 2015-05-19] (NVIDIA Corporation)
R2 plctrl; C:\Program Files\ASUS\P4G\plctrl.sys [14136 2013-08-29] (Windows (R) Win 7 DDK provider)
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [759552 2015-07-08] (Realsil Semiconductor Corporation)
S3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [21984 2015-06-04] ()
S3 SeratoUsb; C:\WINDOWS\System32\Drivers\SeratoUsb.sys [49656 2013-07-09] (Cristalink Ltd)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\WINDOWS\system32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 tapoas; C:\WINDOWS\system32\DRIVERS\tapoas.sys [30720 2012-07-15] (The OpenVPN Project)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-06-17] (Apple, Inc.) [File not signed]
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R2 WIBUKEY; C:\WINDOWS\System32\DRIVERS\WibuKey64.sys [106760 2013-12-18] (WIBU-SYSTEMS AG)
S1 ucdrv; \??\C:\Program Files (x86)\UCBrowser\Security:ucdrv-x64.sys [X] <==== ATTENTION
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-03-01 20:15 - 2017-03-01 20:15 - 00027644 _____ C:\Users\Mustafo\Desktop\FRST.txt
2017-03-01 20:15 - 2017-03-01 20:15 - 00000000 ____D C:\FRST
2017-03-01 20:12 - 2017-03-01 20:12 - 07365128 _____ (Reason Software Company Inc.) C:\Users\Mustafo\Downloads\reason-core-security-setup.exe
2017-03-01 19:59 - 2017-03-01 20:14 - 02423808 _____ (Farbar) C:\Users\Mustafo\Desktop\FRST64.exe
2017-03-01 19:59 - 2017-03-01 19:59 - 02423808 _____ (Farbar) C:\Users\Mustafo\Downloads\FRST64 (1).exe
2017-03-01 19:55 - 2017-03-01 19:58 - 00000004 ____H C:\ProgramData\cm-lock
2017-03-01 17:17 - 2017-03-01 17:17 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2017-03-01 17:14 - 2017-03-01 17:14 - 00389924 _____ C:\WINDOWS\Minidump\030117-30640-01.dmp
2017-03-01 14:10 - 2017-03-01 17:03 - 00000000 ____D C:\Users\TEMP
2017-03-01 13:56 - 2017-03-01 13:56 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-03-01 12:34 - 2017-03-01 13:48 - 00000320 _____ C:\WINDOWS\Tasks\UCBrowserUpdaterCore.job
2017-03-01 12:34 - 2017-03-01 12:34 - 00002674 _____ C:\WINDOWS\System32\Tasks\UCBrowserUpdaterCore
2017-03-01 12:01 - 2017-03-01 12:01 - 00000000 ___RD C:\Users\Mustafo\Desktop\Camera Roll
2017-03-01 11:36 - 2017-03-01 11:36 - 00002955 _____ C:\Users\Mustafo\Downloads\AdwCleanerC12.txt
2017-03-01 11:35 - 2017-03-01 11:35 - 00002955 _____ C:\Users\Mustafo\Desktop\AdwCleaner[C12].txt
2017-03-01 11:34 - 2017-03-01 11:34 - 00003476 _____ C:\WINDOWS\System32\Tasks\UCBrowserSecureUpdater
2017-02-28 13:22 - 2017-02-28 13:22 - 00000000 ____D C:\rsit
2017-02-28 13:22 - 2017-02-28 13:22 - 00000000 ____D C:\Program Files\trend micro
2017-02-28 13:21 - 2017-02-28 13:21 - 01222144 _____ C:\Users\Mustafo\Downloads\RSITx64.exe
2017-02-28 02:33 - 2017-02-28 02:34 - 03910208 _____ C:\Users\Mustafo\Downloads\Nepotvrzeno 561555.crdownload
2017-02-28 02:29 - 2017-02-28 02:29 - 03910208 _____ C:\Users\Mustafo\Downloads\Nepotvrzeno 710007.crdownload
2017-02-28 02:27 - 2017-02-28 02:27 - 04015056 _____ C:\Users\Mustafo\Downloads\Nepotvrzeno 592077.crdownload
2017-02-28 02:25 - 2017-02-28 02:25 - 04015056 _____ C:\Users\Mustafo\Downloads\Nepotvrzeno 58900.crdownload
2017-02-27 16:31 - 2017-02-27 16:31 - 00002491 _____ C:\Users\Mustafo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-27 16:29 - 2017-02-27 16:29 - 00003738 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3357248357-3471837598-2797894705-1001UA
2017-02-27 16:29 - 2017-02-27 16:29 - 00003470 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3357248357-3471837598-2797894705-1001Core
2017-02-27 16:28 - 2017-02-27 16:28 - 01129376 _____ (Google Inc.) C:\Users\Mustafo\Downloads\ChromeSetup (2).exe
2017-02-27 16:06 - 2017-02-27 16:05 - 00398408 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2017-02-27 15:00 - 2017-03-01 17:04 - 00110536 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-02-27 15:00 - 2017-03-01 17:04 - 00091584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-02-27 15:00 - 2017-03-01 17:04 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-02-27 15:00 - 2017-02-27 15:00 - 00176584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-02-27 14:59 - 2017-02-27 14:59 - 00001920 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-02-27 14:59 - 2017-02-27 14:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-02-27 14:59 - 2017-02-27 14:59 - 00000000 ____D C:\Program Files\Malwarebytes
2017-02-27 14:59 - 2017-01-20 07:47 - 00077416 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-02-27 14:58 - 2017-02-27 15:00 - 55566792 _____ (Malwarebytes ) C:\Users\Mustafo\Downloads\mb3-setup-consumer-3.0.6.1469 (1).exe
2017-02-24 14:09 - 2017-02-24 17:29 - 00002005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-02-20 12:59 - 2017-02-20 12:59 - 00000000 ___HD C:\$AV_ASW
2017-02-20 12:37 - 2017-02-20 12:38 - 00000000 ____D C:\Users\Mustafo\Desktop\Tata fota z tabletu
2017-02-19 10:25 - 2017-02-19 10:25 - 00039267 _____ C:\Users\Mustafo\Downloads\[CzT]Simpsonovi_The_Simpsons_26_serie_CZ_TVRip_.torrent
2017-02-19 10:23 - 2017-02-19 10:23 - 00014941 _____ C:\Users\Mustafo\Downloads\[CzT]Prichozi_Arrival_2016_WebRip_.torrent
2017-02-19 10:22 - 2017-02-19 10:22 - 00030309 _____ C:\Users\Mustafo\Downloads\[CzT]Moonlight_2016_DVDScr_.torrent
2017-02-18 10:38 - 2017-02-18 10:50 - 34799412 _____ C:\Users\Mustafo\Desktop\PPN14_06-2016.pdf
2017-02-18 10:38 - 2017-02-18 10:42 - 12932720 _____ C:\Users\Mustafo\Desktop\Detaily_T Profi_06-2014.pdf
2017-02-18 10:33 - 2017-02-18 10:33 - 09369178 _____ C:\Users\Mustafo\Downloads\160525_Terca_katalog_2016.pdf
2017-02-18 10:14 - 2017-02-18 10:14 - 00001987 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Internet Security.lnk
2017-02-18 10:13 - 2017-02-27 16:05 - 00461640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetSec.sys
2017-02-18 10:10 - 2017-02-18 10:10 - 00036746 _____ C:\Users\Mustafo\Downloads\[CzT]Simpsonovi_The_Simpsons_27_serie_CZ_TVRip_.torrent
2017-02-18 10:07 - 2017-02-27 11:54 - 00000000 ____D C:\Users\Mustafo\Desktop\2017_02 THAISKO
2017-02-17 22:12 - 2017-02-17 22:12 - 01129376 _____ (Google Inc.) C:\Users\Mustafo\Downloads\ChromeSetup (1).exe
2017-02-17 22:11 - 2017-02-24 13:57 - 00002243 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-17 22:10 - 2017-02-17 22:10 - 01129376 _____ (Google Inc.) C:\Users\Mustafo\Downloads\ChromeSetup.exe
2017-02-16 23:46 - 2017-02-17 20:26 - 00000000 ____D C:\Users\Mustafo\AppData\Local\MicrosoftEdge
2017-02-16 23:44 - 2017-02-16 23:44 - 00000000 _____ C:\Program Files (x86)\metadata
2017-02-16 21:22 - 2017-02-27 16:08 - 00004008 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1487276553
2017-02-16 21:22 - 2017-02-27 16:08 - 00001096 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-02-16 21:22 - 2017-02-27 16:05 - 00032088 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2017-02-16 21:19 - 2017-02-27 16:06 - 00003994 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2017-02-16 21:19 - 2017-02-27 16:05 - 00993608 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2017-02-16 21:19 - 2017-02-27 16:05 - 00547904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2017-02-16 21:19 - 2017-02-27 16:05 - 00337592 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2017-02-16 21:19 - 2017-02-27 16:05 - 00334600 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbloga.sys
2017-02-16 21:19 - 2017-02-27 16:05 - 00309272 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2017-02-16 21:19 - 2017-02-27 16:05 - 00189768 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2017-02-16 21:19 - 2017-02-27 16:05 - 00162528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2017-02-16 21:19 - 2017-02-27 16:05 - 00126600 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2017-02-16 21:19 - 2017-02-27 16:05 - 00100640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2017-02-16 21:19 - 2017-02-27 16:05 - 00075704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2017-02-16 21:19 - 2017-02-27 16:05 - 00048528 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2017-02-16 21:19 - 2017-02-27 16:05 - 00038296 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2017-02-16 21:19 - 2017-02-16 21:19 - 00000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2017-02-16 21:19 - 2017-02-16 21:19 - 00000000 ____D C:\Users\Mustafo\AppData\Roaming\AVAST Software
2017-02-16 21:19 - 2017-02-16 21:19 - 00000000 ____D C:\Program Files\Common Files\AV
2017-02-16 21:16 - 2017-02-16 21:22 - 00000000 ____D C:\Program Files\AVAST Software
2017-02-16 21:15 - 2017-02-16 21:15 - 06654960 _____ (AVAST Software) C:\Users\Mustafo\Downloads\avast_free_antivirus_setup_online.exe
2017-02-16 20:16 - 2017-02-16 20:17 - 00245544 _____ C:\Users\Mustafo\Downloads\Firefox Setup Stub 51.0.1 (1).exe
2017-02-14 23:42 - 2017-02-14 23:42 - 00000000 ____D C:\Users\Mustafo\AppData\Roaming\Firefox
2017-02-14 23:42 - 2017-02-14 23:42 - 00000000 ____D C:\Users\Mustafo\AppData\Local\Firefox
2017-02-14 23:41 - 2017-02-16 20:02 - 00000000 ____D C:\WINDOWS\system32\log
2017-02-14 14:48 - 2017-02-20 09:26 - 00000000 ____D C:\Program Files (x86)\pfqv62f8
2017-02-12 21:57 - 2017-03-01 13:54 - 00000000 ____D C:\AdwCleaner
2017-02-12 21:56 - 2017-02-12 21:57 - 04015056 _____ C:\Users\Mustafo\Desktop\adwcleaner_6.043.exe
2017-02-12 21:55 - 2017-02-27 14:59 - 55566792 _____ (Malwarebytes ) C:\Users\Mustafo\Downloads\mb3-setup-consumer-3.0.6.1469.exe
2017-02-12 21:52 - 2017-02-12 21:52 - 00000085 _____ C:\WINDOWS\wininit.ini
2017-02-12 21:45 - 2017-02-12 21:53 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2017-02-12 21:45 - 2017-02-12 21:52 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2017-02-12 21:45 - 2017-02-12 21:45 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2017-02-12 21:43 - 2017-02-12 21:45 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Mustafo\Downloads\spybot-2.4.exe
2017-02-12 21:43 - 2017-02-12 21:43 - 00000000 _____ C:\autoexec.bat
2017-02-12 19:37 - 2017-02-12 19:37 - 00023032 _____ (Wiper Software) C:\WINDOWS\system32\wiperrm.exe
2017-02-12 19:26 - 2017-02-12 20:33 - 00000934 _____ C:\Users\Mustafo\AppData\Roaming\Microsoft\Windows\Start Menu\żěŃą.lnk
2017-02-12 19:26 - 2017-02-12 19:31 - 00000480 _____ C:\WINDOWS\Tasks\UCBrowserUpdater.job
2017-02-12 19:26 - 2017-02-12 19:26 - 00003502 _____ C:\WINDOWS\System32\Tasks\UCBrowserUpdater
2017-02-12 19:26 - 2017-02-12 19:26 - 00000000 ____D C:\Users\Mustafo\AppData\Local\UCBrowser
2017-02-12 19:25 - 2017-02-12 19:28 - 00000000 ____D C:\ProgramData\ProductData
2017-02-12 19:25 - 2017-02-12 19:26 - 00000000 ____D C:\Users\Mustafo\AppData\LocalLow\IObit
2017-02-12 19:25 - 2017-02-12 19:25 - 00027552 _____ (REALiX(tm)) C:\WINDOWS\SysWOW64\Drivers\HWiNFO64A.SYS
2017-02-12 19:25 - 2017-02-12 19:25 - 00003034 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (Mustafo)
2017-02-12 19:25 - 2017-02-12 19:25 - 00000000 ____D C:\WINDOWS\IObit
2017-02-12 19:25 - 2017-02-12 19:25 - 00000000 ____D C:\Users\Public\Thunder Network
2017-02-12 19:25 - 2017-02-12 19:25 - 00000000 ____D C:\Users\Mustafo\AppData\Roaming\IObit
2017-02-12 19:25 - 2017-02-12 19:25 - 00000000 ____D C:\ProgramData\IObit
2017-02-12 19:24 - 2017-02-27 18:35 - 00000000 ____D C:\Program Files (x86)\Bulily
2017-02-12 19:24 - 2017-02-12 19:25 - 00000000 ____D C:\Users\Mustafo\AppData\Local\Anopert
2017-02-11 18:32 - 2017-02-11 18:49 - 00000000 ____D C:\Program Files\USB Disk Storage Format Tool
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-03-01 19:58 - 2016-08-07 02:32 - 00000000 ____D C:\ProgramData\ASUS Smart Gesture
2017-03-01 19:56 - 2015-03-26 13:59 - 00251848 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-03-01 19:56 - 2015-01-08 23:29 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2017-03-01 19:55 - 2016-09-11 09:03 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-03-01 19:55 - 2016-07-12 19:59 - 00000000 __SHD C:\Users\Mustafo\IntelGraphicsProfiles
2017-03-01 19:54 - 2016-09-11 09:22 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-03-01 17:25 - 2016-07-16 07:04 - 01048576 _____ C:\WINDOWS\system32\config\BBI
2017-03-01 17:21 - 2016-09-11 08:59 - 04967608 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-03-01 17:20 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-03-01 17:16 - 2016-09-11 09:07 - 00000000 ____D C:\Users\Mustafo
2017-03-01 17:14 - 2016-09-18 11:30 - 00000000 ____D C:\WINDOWS\Minidump
2017-03-01 17:14 - 2016-09-11 08:59 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-03-01 17:14 - 2015-09-06 17:11 - 853315947 _____ C:\WINDOWS\MEMORY.DMP
2017-03-01 17:04 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-03-01 14:03 - 2016-04-27 08:00 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-03-01 13:47 - 2016-12-04 09:43 - 00000000 ____D C:\Users\Mustafo\Desktop\Lukeš RD
2017-03-01 13:47 - 2015-01-09 13:46 - 00000000 ____D C:\Users\Mustafo\Graphisoft
2017-03-01 11:42 - 2015-01-09 13:46 - 00000000 ____D C:\Users\Mustafo\Documents\BIMx
2017-03-01 11:38 - 2015-01-08 23:47 - 00000000 ____D C:\Users\Mustafo\AppData\Local\Adobe
2017-02-28 17:01 - 2015-02-24 23:27 - 00000000 ____D C:\Users\Mustafo\AppData\Roaming\vlc
2017-02-27 16:31 - 2015-01-08 23:02 - 00000000 ____D C:\Users\Mustafo\AppData\Local\Google
2017-02-27 14:59 - 2015-03-26 13:59 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-02-25 10:53 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-02-25 05:08 - 2017-01-22 21:04 - 00000000 ____D C:\Users\Mustafo\AppData\LocalLow\Mozilla
2017-02-25 05:08 - 2015-01-08 22:53 - 00000000 ____D C:\Users\Mustafo\AppData\Local\Packages
2017-02-25 04:18 - 2015-01-08 23:02 - 00000000 ____D C:\Program Files (x86)\Google
2017-02-24 20:01 - 2015-01-09 22:23 - 00000000 ____D C:\Users\Mustafo\AppData\Roaming\Skype
2017-02-24 12:47 - 2015-01-09 07:26 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-02-24 12:45 - 2015-01-09 07:26 - 138020592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-02-23 16:31 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-23 16:10 - 2015-11-12 21:48 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-02-22 14:34 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-02-19 12:34 - 2015-11-06 22:52 - 00000000 ____D C:\Users\Mustafo\Desktop\F
2017-02-19 12:32 - 2015-01-09 11:24 - 00000000 ____D C:\Users\Mustafo\AppData\Roaming\BitTorrent
2017-02-18 10:13 - 2015-11-12 17:00 - 00000000 ____D C:\ProgramData\AVAST Software
2017-02-17 22:25 - 2017-01-04 23:45 - 00000000 ____D C:\Users\Mustafo\Desktop\Autodoprava Rakvice
2017-02-17 20:47 - 2015-01-09 22:22 - 00000000 ____D C:\ProgramData\Skype
2017-02-16 21:29 - 2016-04-21 19:25 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-02-16 21:15 - 2016-07-16 23:25 - 01408582 _____ C:\WINDOWS\system32\perfh005.dat
2017-02-16 21:15 - 2016-07-16 23:25 - 00368470 _____ C:\WINDOWS\system32\perfc005.dat
2017-02-16 21:15 - 2016-07-12 18:03 - 03303866 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-02-16 20:14 - 2015-01-12 13:50 - 00000000 ___RD C:\Users\Mustafo\OneDrive
2017-02-12 20:33 - 2016-12-14 19:16 - 00001040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk
2017-02-12 20:33 - 2016-12-12 12:35 - 00001054 _____ C:\ProgramData\Microsoft\Windows\Start Menu\VueScan x64.lnk
2017-02-12 20:33 - 2016-12-12 12:35 - 00001048 _____ C:\Users\Public\Desktop\VueScan x64.lnk
2017-02-12 20:33 - 2016-10-28 11:14 - 00001402 _____ C:\Users\Public\Desktop\BIMx pro ArchiCAD 19.lnk
2017-02-12 20:33 - 2016-10-28 11:14 - 00001147 _____ C:\Users\Public\Desktop\ArchiCAD 19.lnk
2017-02-12 20:33 - 2016-10-27 14:10 - 00001822 _____ C:\Users\Public\Desktop\iTunes.lnk
2017-02-12 20:33 - 2016-09-11 09:15 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-02-12 20:33 - 2016-09-11 09:03 - 00001383 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AudioWizard.lnk
2017-02-12 20:33 - 2016-07-08 11:55 - 00001223 _____ C:\Users\Public\Desktop\FIN EC v5.lnk
2017-02-12 20:33 - 2015-11-09 21:30 - 00001991 _____ C:\Users\Public\Desktop\Revit 2016.lnk
2017-02-12 20:33 - 2015-06-26 19:09 - 00002178 _____ C:\Users\Public\Desktop\Style Builder 2015.lnk
2017-02-12 20:33 - 2015-06-26 19:09 - 00002092 _____ C:\Users\Public\Desktop\LayOut 2015.lnk
2017-02-12 20:33 - 2015-06-26 19:09 - 00002003 _____ C:\Users\Public\Desktop\SketchUp 2015.lnk
2017-02-12 20:33 - 2015-01-13 22:10 - 00000730 _____ C:\Users\Public\Desktop\GoldWave.lnk
2017-02-12 20:33 - 2015-01-10 10:42 - 00002055 _____ C:\Users\Public\Desktop\Autodesk ReCap.lnk
2017-02-12 20:33 - 2015-01-09 13:23 - 00001373 _____ C:\Users\Public\Desktop\BIMx pro ArchiCAD 18.lnk
2017-02-12 20:33 - 2015-01-09 13:23 - 00001118 _____ C:\Users\Public\Desktop\ArchiCAD 18.lnk
2017-02-12 20:33 - 2015-01-09 11:42 - 00002205 _____ C:\Users\Public\Desktop\NAS Starter Utility.lnk
2017-02-12 20:33 - 2015-01-09 09:55 - 00001135 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk
2017-02-12 20:33 - 2015-01-09 09:51 - 00001097 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk
2017-02-12 20:33 - 2015-01-09 09:43 - 00001543 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk
2017-02-12 20:33 - 2015-01-09 09:43 - 00001373 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk
2017-02-12 20:32 - 2016-11-26 15:29 - 00000950 _____ C:\Users\Mustafo\Desktop\Rakvice RD Lukeš.lnk
2017-02-12 20:32 - 2016-07-21 14:13 - 00000802 _____ C:\Users\Mustafo\Desktop\Dont starve.lnk
2017-02-12 20:32 - 2016-05-02 16:55 - 00001323 _____ C:\Users\Mustafo\Desktop\ViewCompanion Pro.lnk
2017-02-12 20:32 - 2016-04-21 19:25 - 00002169 _____ C:\Users\Mustafo\Desktop\Skype.lnk
2017-02-12 20:32 - 2015-09-06 11:09 - 00001117 _____ C:\Users\Mustafo\Desktop\My WIFI Router.lnk
2017-02-12 20:32 - 2015-01-13 17:55 - 00002166 _____ C:\Users\Mustafo\Desktop\Scratch Live.lnk
2017-02-12 20:32 - 2015-01-09 11:04 - 00001013 _____ C:\Users\Mustafo\Desktop\Aide PDF to DWG Converter.lnk
2017-02-12 20:32 - 2015-01-09 10:11 - 00001739 _____ C:\Users\Mustafo\Desktop\Photoshop.lnk
2017-02-12 20:32 - 2015-01-09 09:30 - 00001929 _____ C:\Users\Mustafo\Desktop\disqotek corp (Nsa320).lnk
2017-02-12 20:32 - 2015-01-09 09:30 - 00001881 _____ C:\Users\Mustafo\Desktop\video (NSA320).lnk
2017-02-12 20:32 - 2015-01-09 09:30 - 00001881 _____ C:\Users\Mustafo\Desktop\photo (NSA320).lnk
2017-02-12 20:32 - 2015-01-09 09:30 - 00001881 _____ C:\Users\Mustafo\Desktop\other (Nsa320).lnk
2017-02-12 20:32 - 2015-01-09 09:30 - 00001881 _____ C:\Users\Mustafo\Desktop\music (NSA320).lnk
2017-02-12 20:31 - 2016-12-12 12:26 - 00000000 ____D C:\WINDOWS\twain_64
2017-02-12 20:09 - 2015-01-08 22:53 - 00000000 ____D C:\Users\Mustafo\AppData\Roaming\Adobe
2017-02-12 19:24 - 2016-04-25 17:56 - 00002056 __RSH C:\ProgramData\ntuser.pol
2017-02-11 18:22 - 2015-01-08 23:25 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-02-06 20:48 - 2016-07-16 12:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-02-06 20:48 - 2016-07-16 12:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-02-05 20:55 - 2016-04-22 14:08 - 00001243 _____ C:\Users\Mustafo\Desktop\Stavební fyzika – zástupce.lnk
2017-02-05 20:55 - 2015-01-22 22:52 - 00002248 _____ C:\Users\Mustafo\Desktop\Plot Styles – zástupce.lnk
2017-02-05 20:55 - 2015-01-10 00:08 - 00001562 _____ C:\Users\Mustafo\Desktop\Artlantis Studio – zástupce.lnk
==================== Files in the root of some directories =======
2017-02-16 23:44 - 2017-02-16 23:44 - 0000000 _____ () C:\Program Files (x86)\metadata
2017-03-01 19:55 - 2017-03-01 19:58 - 0000004 ____H () C:\ProgramData\cm-lock
2016-09-11 09:03 - 2016-09-11 09:03 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-01-10 10:37 - 2015-01-10 10:37 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
Some files in TEMP:
====================
2017-02-12 19:24 - 2017-02-12 19:25 - 17628560 _____ (IObit ) C:\Users\Mustafo\AppData\Local\Temp\8AD5.tmp.exe
2017-02-17 20:46 - 2017-02-17 20:46 - 44048864 _____ (Skype Technologies S.A.) C:\Users\Mustafo\AppData\Local\Temp\SkypeSetup.exe
2016-10-29 11:57 - 2016-10-29 11:57 - 31717016 _____ () C:\Users\Mustafo\AppData\Local\Temp\vlc-2.2.4-win64.exe
2016-12-12 12:30 - 2016-12-12 12:31 - 0089584 _____ () C:\Users\Mustafo\AppData\Local\Temp\vsdel.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-02-20 11:47
==================== End of FRST.txt ============================
Ran by Mustafo (administrator) on MUSTAF-PC (01-03-2017 20:15:19)
Running from C:\Users\Mustafo\Desktop
Loaded Profiles: Mustafo (Available Profiles: Mustafo)
Platform: Windows 10 Pro Version 1607 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(ASUS) C:\Program Files\ASUS\P4G\InsOnSrv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\WIBUKEY\Server\WkSvW32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
() C:\Program Files (x86)\My WIFI Router\bmser.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files\ASUS\P4G\InsOnWMI.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google Inc.) C:\Users\Mustafo\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Mustafo\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Mustafo\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Mustafo\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Mustafo\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Mustafo\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Google Inc.) C:\Users\Mustafo\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-06-24] (NVIDIA Corporation)
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [401888 2016-11-30] ()
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-09-09] (Apple Inc.)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-07] (Microsoft Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [529480 2016-02-24] (Autodesk Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [205512 2017-02-27] (AVAST Software)
HKU\S-1-5-21-3357248357-3471837598-2797894705-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-3357248357-3471837598-2797894705-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Mustafo\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-3357248357-3471837598-2797894705-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Mustafo\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-3357248357-3471837598-2797894705-1001\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
HKU\S-1-5-21-3357248357-3471837598-2797894705-1001\...\Run: [Google Update] => C:\Users\Mustafo\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe [601752 2017-02-27] (Google Inc.)
HKU\S-1-5-21-3357248357-3471837598-2797894705-1001\...\Policies\Explorer: []
HKU\S-1-5-21-3357248357-3471837598-2797894705-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [37376 2016-07-16] (Microsoft Corporation)
ShellExecuteHooks: No Name - {12BEB57E-ECD3-11E6-A98A-64006A5CFC23} - C:\Users\Mustafo\AppData\Roaming\Zrshfcit\Griotain.dll -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-02-27] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-02-27] (AVAST Software)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2013-02-08] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [KzShlobj] -> {AAA0C5B8-933F-4200-93AD-B143D7FFF9F2} => -> No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodeMeter Control Center.lnk [2017-02-12]
ShortcutTarget: CodeMeter Control Center.lnk -> C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe (WIBU-SYSTEMS AG)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Network Server.lnk [2017-02-12]
ShortcutTarget: Network Server.lnk -> C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe (WIBU-SYSTEMS AG)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Restriction - Chrome <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.100.1 0.0.0.0
Tcpip\..\Interfaces\{94a601af-09c2-40b1-acfb-0c06b5530d00}: [DhcpNameServer] 192.168.100.1 0.0.0.0
Tcpip\..\Interfaces\{a02a797d-1ac8-4bfb-83dc-7e7c91537e8b}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Internet Explorer:
==================
HKU\S-1-5-21-3357248357-3471837598-2797894705-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130860067658589664&GUID=C2545805-3830-4908-B24F-7A1267C24085
SearchScopes: HKU\S-1-5-21-3357248357-3471837598-2797894705-1001 -> {02D33DDF-1717-4136-AF1D-3419819BCA74} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3357248357-3471837598-2797894705-1001 -> {3FEF9D31-CFFF-44E5-ABF7-AB7A28648155} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_13415
SearchScopes: HKU\S-1-5-21-3357248357-3471837598-2797894705-1001 -> {51619E1B-0E22-42E0-8100-C205348C0B11} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3357248357-3471837598-2797894705-1001 -> {5D28C159-566D-40BE-B777-F7F79905576C} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3357248357-3471837598-2797894705-1001 -> {8170D597-C73F-4969-9234-BE778A3ADB79} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_13415
SearchScopes: HKU\S-1-5-21-3357248357-3471837598-2797894705-1001 -> {C932DDAB-1E7B-4E83-B5BA-585FC3758ED8} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_13415
SearchScopes: HKU\S-1-5-21-3357248357-3471837598-2797894705-1001 -> {DFBD1763-23A0-430A-8BBD-FCB997FE3686} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_13415
SearchScopes: HKU\S-1-5-21-3357248357-3471837598-2797894705-1001 -> {E8DA44DA-5F59-4B36-B23C-530782403A1F} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3357248357-3471837598-2797894705-1001 -> {F860F61B-035A-4966-9DFF-F028FC79EDD1} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2015-01-15] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2015-01-15] (Oracle Corporation)
FireFox:
========
FF DefaultProfile: hbj4szuk.default
FF ProfilePath: C:\Users\Mustafo\AppData\Roaming\Mozilla\Firefox\Profiles\hbj4szuk.default [2017-02-16]
FF user.js: detected! => C:\Users\Mustafo\AppData\Roaming\Mozilla\Firefox\Profiles\hbj4szuk.default\user.js [2017-02-16]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\hbj4szuk.default -> luck
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\hbj4szuk.default -> luck
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\hbj4szuk.default -> luck
FF Homepage: Mozilla\Firefox\Profiles\hbj4szuk.default -> seznam.cz/
FF Extension: (Seznam lištička) - C:\Users\Mustafo\AppData\Roaming\Mozilla\Firefox\Profiles\hbj4szuk.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2017-02-06]
FF ProfilePath: C:\Users\Mustafo\AppData\Roaming\Firefox\Firefox\Profiles\hbj4szuk.default [2017-02-25]
FF user.js: detected! => C:\Users\Mustafo\AppData\Roaming\Firefox\Firefox\Profiles\hbj4szuk.default\user.js [2017-02-16]
FF DefaultSearchEngine: Firefox\Firefox\Profiles\hbj4szuk.default -> luck
FF SearchEngineOrder.1: Firefox\Firefox\Profiles\hbj4szuk.default -> luck
FF SelectedSearchEngine: Firefox\Firefox\Profiles\hbj4szuk.default -> luck
FF Extension: (Czech (CZ) Language Pack) - C:\Users\Mustafo\AppData\Roaming\Firefox\Firefox\Profiles\hbj4szuk.default\Extensions\langpack-cs@firefox.mozilla.org.xpi [2017-02-24] [not signed]
FF Extension: (Seznam lištička) - C:\Users\Mustafo\AppData\Roaming\Firefox\Firefox\Profiles\hbj4szuk.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2017-02-06]
FF SearchPlugin: C:\Users\Mustafo\AppData\Roaming\Firefox\Firefox\Profiles\hbj4szuk.default\searchplugins\luck.xml [2017-02-16]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF48
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF48 [2017-02-27]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF48
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-09] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-09] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2015-01-15] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2015-01-15] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3357248357-3471837598-2797894705-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Mustafo\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-02-27] (Google Inc.)
FF Plugin HKU\S-1-5-21-3357248357-3471837598-2797894705-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Mustafo\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-02-27] (Google Inc.)
Chrome:
=======
CHR Profile: C:\Users\Mustafo\AppData\Local\Google\Chrome\User Data\Default [2017-03-01]
CHR Extension: (Prezentace Google) - C:\Users\Mustafo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-02-27]
CHR Extension: (Dokumenty Google) - C:\Users\Mustafo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-02-27]
CHR Extension: (Disk Google) - C:\Users\Mustafo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-02-27]
CHR Extension: (YouTube) - C:\Users\Mustafo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-02-27]
CHR Extension: (Avast SafePrice) - C:\Users\Mustafo\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-02-27]
CHR Extension: (Tabulky Google) - C:\Users\Mustafo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-02-27]
CHR Extension: (Dokumenty Google offline) - C:\Users\Mustafo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-02-27]
CHR Extension: (Avast Online Security) - C:\Users\Mustafo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-02-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Mustafo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-02-27]
CHR Extension: (Gmail) - C:\Users\Mustafo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-02-27]
CHR Extension: (Chrome Media Router) - C:\Users\Mustafo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-27]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [1145928 2016-02-24] (Autodesk Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-08-05] (Apple Inc.)
R2 ASUS InstantOn; C:\Program Files\ASUS\P4G\InsOnSrv.exe [277120 2013-08-29] (ASUS)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7147320 2017-02-27] (AVAST Software s.r.o.)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [262736 2017-02-27] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [278784 2017-02-27] (AVAST Software)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-06-24] (NVIDIA Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373728 2016-11-30] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-12-09] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-09] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1868432 2015-06-24] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23007376 2015-06-24] (NVIDIA Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10351856 2016-12-15] (TeamViewer GmbH)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WIFIGXENDHCPSER; C:\Program Files (x86)\My WIFI Router\bmser.exe [1656416 2014-04-23] ()
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
R2 WkSvw32.exe; C:\Program Files (x86)\WIBUKEY\Server\WkSvw32.exe [659336 2013-12-18] (WIBU-SYSTEMS AG)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
S2 SystemUsageReportSvc_WILLAMETTE; "C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe" [X]
S2 UCBrowserSvc; "C:\Program Files (x86)\UCBrowser\Application\UCService.exe" [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [309272 2017-02-27] (AVAST Software s.r.o.)
R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [189768 2017-02-27] (AVAST Software s.r.o.)
R0 aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [334600 2017-02-27] (AVAST Software s.r.o.)
R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [48528 2017-02-27] (AVAST Software s.r.o.)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [38296 2017-02-27] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [32088 2017-02-27] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [126600 2017-02-27] (AVAST Software)
R1 aswNetSec; C:\WINDOWS\system32\drivers\aswNetSec.sys [461640 2017-02-27] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [100640 2017-02-27] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [75704 2017-02-27] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [993608 2017-02-27] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [547904 2017-02-27] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [162528 2017-02-27] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [337592 2017-02-27] (AVAST Software)
R3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [101368 2015-12-14] (ASUS Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [283064 2015-01-09] (Disc Soft Ltd)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77416 2017-01-20] ()
R1 HWiNFO32; C:\WINDOWS\SysWoW64\drivers\HWiNFO64A.SYS [27552 2017-02-12] (REALiX(tm))
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [221448 2016-09-08] (Intel Corporation)
R0 IntelHSWPcc; C:\WINDOWS\System32\drivers\IntelPcc.sys [74344 2013-08-06] (Intel Corporation)
R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( )
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [176584 2017-02-27] (Malwarebytes)
S3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [110536 2017-03-01] (Malwarebytes)
S3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-03-01] (Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [251848 2017-03-01] (Malwarebytes)
S3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [91584 2017-03-01] (Malwarebytes)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-09] (Intel Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
S3 netr28ux; C:\WINDOWS\System32\drivers\netr28ux.sys [2224128 2016-07-16] (MediaTek Inc.)
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3485696 2016-07-16] (Intel Corporation)
R2 npf; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-06-24] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [46768 2015-05-19] (NVIDIA Corporation)
R2 plctrl; C:\Program Files\ASUS\P4G\plctrl.sys [14136 2013-08-29] (Windows (R) Win 7 DDK provider)
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [759552 2015-07-08] (Realsil Semiconductor Corporation)
S3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [21984 2015-06-04] ()
S3 SeratoUsb; C:\WINDOWS\System32\Drivers\SeratoUsb.sys [49656 2013-07-09] (Cristalink Ltd)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\WINDOWS\system32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 tapoas; C:\WINDOWS\system32\DRIVERS\tapoas.sys [30720 2012-07-15] (The OpenVPN Project)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-06-17] (Apple, Inc.) [File not signed]
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R2 WIBUKEY; C:\WINDOWS\System32\DRIVERS\WibuKey64.sys [106760 2013-12-18] (WIBU-SYSTEMS AG)
S1 ucdrv; \??\C:\Program Files (x86)\UCBrowser\Security:ucdrv-x64.sys [X] <==== ATTENTION
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-03-01 20:15 - 2017-03-01 20:15 - 00027644 _____ C:\Users\Mustafo\Desktop\FRST.txt
2017-03-01 20:15 - 2017-03-01 20:15 - 00000000 ____D C:\FRST
2017-03-01 20:12 - 2017-03-01 20:12 - 07365128 _____ (Reason Software Company Inc.) C:\Users\Mustafo\Downloads\reason-core-security-setup.exe
2017-03-01 19:59 - 2017-03-01 20:14 - 02423808 _____ (Farbar) C:\Users\Mustafo\Desktop\FRST64.exe
2017-03-01 19:59 - 2017-03-01 19:59 - 02423808 _____ (Farbar) C:\Users\Mustafo\Downloads\FRST64 (1).exe
2017-03-01 19:55 - 2017-03-01 19:58 - 00000004 ____H C:\ProgramData\cm-lock
2017-03-01 17:17 - 2017-03-01 17:17 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2017-03-01 17:14 - 2017-03-01 17:14 - 00389924 _____ C:\WINDOWS\Minidump\030117-30640-01.dmp
2017-03-01 14:10 - 2017-03-01 17:03 - 00000000 ____D C:\Users\TEMP
2017-03-01 13:56 - 2017-03-01 13:56 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-03-01 12:34 - 2017-03-01 13:48 - 00000320 _____ C:\WINDOWS\Tasks\UCBrowserUpdaterCore.job
2017-03-01 12:34 - 2017-03-01 12:34 - 00002674 _____ C:\WINDOWS\System32\Tasks\UCBrowserUpdaterCore
2017-03-01 12:01 - 2017-03-01 12:01 - 00000000 ___RD C:\Users\Mustafo\Desktop\Camera Roll
2017-03-01 11:36 - 2017-03-01 11:36 - 00002955 _____ C:\Users\Mustafo\Downloads\AdwCleanerC12.txt
2017-03-01 11:35 - 2017-03-01 11:35 - 00002955 _____ C:\Users\Mustafo\Desktop\AdwCleaner[C12].txt
2017-03-01 11:34 - 2017-03-01 11:34 - 00003476 _____ C:\WINDOWS\System32\Tasks\UCBrowserSecureUpdater
2017-02-28 13:22 - 2017-02-28 13:22 - 00000000 ____D C:\rsit
2017-02-28 13:22 - 2017-02-28 13:22 - 00000000 ____D C:\Program Files\trend micro
2017-02-28 13:21 - 2017-02-28 13:21 - 01222144 _____ C:\Users\Mustafo\Downloads\RSITx64.exe
2017-02-28 02:33 - 2017-02-28 02:34 - 03910208 _____ C:\Users\Mustafo\Downloads\Nepotvrzeno 561555.crdownload
2017-02-28 02:29 - 2017-02-28 02:29 - 03910208 _____ C:\Users\Mustafo\Downloads\Nepotvrzeno 710007.crdownload
2017-02-28 02:27 - 2017-02-28 02:27 - 04015056 _____ C:\Users\Mustafo\Downloads\Nepotvrzeno 592077.crdownload
2017-02-28 02:25 - 2017-02-28 02:25 - 04015056 _____ C:\Users\Mustafo\Downloads\Nepotvrzeno 58900.crdownload
2017-02-27 16:31 - 2017-02-27 16:31 - 00002491 _____ C:\Users\Mustafo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-27 16:29 - 2017-02-27 16:29 - 00003738 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3357248357-3471837598-2797894705-1001UA
2017-02-27 16:29 - 2017-02-27 16:29 - 00003470 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3357248357-3471837598-2797894705-1001Core
2017-02-27 16:28 - 2017-02-27 16:28 - 01129376 _____ (Google Inc.) C:\Users\Mustafo\Downloads\ChromeSetup (2).exe
2017-02-27 16:06 - 2017-02-27 16:05 - 00398408 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2017-02-27 15:00 - 2017-03-01 17:04 - 00110536 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-02-27 15:00 - 2017-03-01 17:04 - 00091584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-02-27 15:00 - 2017-03-01 17:04 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-02-27 15:00 - 2017-02-27 15:00 - 00176584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-02-27 14:59 - 2017-02-27 14:59 - 00001920 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-02-27 14:59 - 2017-02-27 14:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-02-27 14:59 - 2017-02-27 14:59 - 00000000 ____D C:\Program Files\Malwarebytes
2017-02-27 14:59 - 2017-01-20 07:47 - 00077416 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-02-27 14:58 - 2017-02-27 15:00 - 55566792 _____ (Malwarebytes ) C:\Users\Mustafo\Downloads\mb3-setup-consumer-3.0.6.1469 (1).exe
2017-02-24 14:09 - 2017-02-24 17:29 - 00002005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-02-20 12:59 - 2017-02-20 12:59 - 00000000 ___HD C:\$AV_ASW
2017-02-20 12:37 - 2017-02-20 12:38 - 00000000 ____D C:\Users\Mustafo\Desktop\Tata fota z tabletu
2017-02-19 10:25 - 2017-02-19 10:25 - 00039267 _____ C:\Users\Mustafo\Downloads\[CzT]Simpsonovi_The_Simpsons_26_serie_CZ_TVRip_.torrent
2017-02-19 10:23 - 2017-02-19 10:23 - 00014941 _____ C:\Users\Mustafo\Downloads\[CzT]Prichozi_Arrival_2016_WebRip_.torrent
2017-02-19 10:22 - 2017-02-19 10:22 - 00030309 _____ C:\Users\Mustafo\Downloads\[CzT]Moonlight_2016_DVDScr_.torrent
2017-02-18 10:38 - 2017-02-18 10:50 - 34799412 _____ C:\Users\Mustafo\Desktop\PPN14_06-2016.pdf
2017-02-18 10:38 - 2017-02-18 10:42 - 12932720 _____ C:\Users\Mustafo\Desktop\Detaily_T Profi_06-2014.pdf
2017-02-18 10:33 - 2017-02-18 10:33 - 09369178 _____ C:\Users\Mustafo\Downloads\160525_Terca_katalog_2016.pdf
2017-02-18 10:14 - 2017-02-18 10:14 - 00001987 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Internet Security.lnk
2017-02-18 10:13 - 2017-02-27 16:05 - 00461640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetSec.sys
2017-02-18 10:10 - 2017-02-18 10:10 - 00036746 _____ C:\Users\Mustafo\Downloads\[CzT]Simpsonovi_The_Simpsons_27_serie_CZ_TVRip_.torrent
2017-02-18 10:07 - 2017-02-27 11:54 - 00000000 ____D C:\Users\Mustafo\Desktop\2017_02 THAISKO
2017-02-17 22:12 - 2017-02-17 22:12 - 01129376 _____ (Google Inc.) C:\Users\Mustafo\Downloads\ChromeSetup (1).exe
2017-02-17 22:11 - 2017-02-24 13:57 - 00002243 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-17 22:10 - 2017-02-17 22:10 - 01129376 _____ (Google Inc.) C:\Users\Mustafo\Downloads\ChromeSetup.exe
2017-02-16 23:46 - 2017-02-17 20:26 - 00000000 ____D C:\Users\Mustafo\AppData\Local\MicrosoftEdge
2017-02-16 23:44 - 2017-02-16 23:44 - 00000000 _____ C:\Program Files (x86)\metadata
2017-02-16 21:22 - 2017-02-27 16:08 - 00004008 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1487276553
2017-02-16 21:22 - 2017-02-27 16:08 - 00001096 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-02-16 21:22 - 2017-02-27 16:05 - 00032088 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2017-02-16 21:19 - 2017-02-27 16:06 - 00003994 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2017-02-16 21:19 - 2017-02-27 16:05 - 00993608 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2017-02-16 21:19 - 2017-02-27 16:05 - 00547904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2017-02-16 21:19 - 2017-02-27 16:05 - 00337592 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2017-02-16 21:19 - 2017-02-27 16:05 - 00334600 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbloga.sys
2017-02-16 21:19 - 2017-02-27 16:05 - 00309272 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2017-02-16 21:19 - 2017-02-27 16:05 - 00189768 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2017-02-16 21:19 - 2017-02-27 16:05 - 00162528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2017-02-16 21:19 - 2017-02-27 16:05 - 00126600 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2017-02-16 21:19 - 2017-02-27 16:05 - 00100640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2017-02-16 21:19 - 2017-02-27 16:05 - 00075704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2017-02-16 21:19 - 2017-02-27 16:05 - 00048528 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2017-02-16 21:19 - 2017-02-27 16:05 - 00038296 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2017-02-16 21:19 - 2017-02-16 21:19 - 00000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2017-02-16 21:19 - 2017-02-16 21:19 - 00000000 ____D C:\Users\Mustafo\AppData\Roaming\AVAST Software
2017-02-16 21:19 - 2017-02-16 21:19 - 00000000 ____D C:\Program Files\Common Files\AV
2017-02-16 21:16 - 2017-02-16 21:22 - 00000000 ____D C:\Program Files\AVAST Software
2017-02-16 21:15 - 2017-02-16 21:15 - 06654960 _____ (AVAST Software) C:\Users\Mustafo\Downloads\avast_free_antivirus_setup_online.exe
2017-02-16 20:16 - 2017-02-16 20:17 - 00245544 _____ C:\Users\Mustafo\Downloads\Firefox Setup Stub 51.0.1 (1).exe
2017-02-14 23:42 - 2017-02-14 23:42 - 00000000 ____D C:\Users\Mustafo\AppData\Roaming\Firefox
2017-02-14 23:42 - 2017-02-14 23:42 - 00000000 ____D C:\Users\Mustafo\AppData\Local\Firefox
2017-02-14 23:41 - 2017-02-16 20:02 - 00000000 ____D C:\WINDOWS\system32\log
2017-02-14 14:48 - 2017-02-20 09:26 - 00000000 ____D C:\Program Files (x86)\pfqv62f8
2017-02-12 21:57 - 2017-03-01 13:54 - 00000000 ____D C:\AdwCleaner
2017-02-12 21:56 - 2017-02-12 21:57 - 04015056 _____ C:\Users\Mustafo\Desktop\adwcleaner_6.043.exe
2017-02-12 21:55 - 2017-02-27 14:59 - 55566792 _____ (Malwarebytes ) C:\Users\Mustafo\Downloads\mb3-setup-consumer-3.0.6.1469.exe
2017-02-12 21:52 - 2017-02-12 21:52 - 00000085 _____ C:\WINDOWS\wininit.ini
2017-02-12 21:45 - 2017-02-12 21:53 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2017-02-12 21:45 - 2017-02-12 21:52 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2017-02-12 21:45 - 2017-02-12 21:45 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2017-02-12 21:43 - 2017-02-12 21:45 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Mustafo\Downloads\spybot-2.4.exe
2017-02-12 21:43 - 2017-02-12 21:43 - 00000000 _____ C:\autoexec.bat
2017-02-12 19:37 - 2017-02-12 19:37 - 00023032 _____ (Wiper Software) C:\WINDOWS\system32\wiperrm.exe
2017-02-12 19:26 - 2017-02-12 20:33 - 00000934 _____ C:\Users\Mustafo\AppData\Roaming\Microsoft\Windows\Start Menu\żěŃą.lnk
2017-02-12 19:26 - 2017-02-12 19:31 - 00000480 _____ C:\WINDOWS\Tasks\UCBrowserUpdater.job
2017-02-12 19:26 - 2017-02-12 19:26 - 00003502 _____ C:\WINDOWS\System32\Tasks\UCBrowserUpdater
2017-02-12 19:26 - 2017-02-12 19:26 - 00000000 ____D C:\Users\Mustafo\AppData\Local\UCBrowser
2017-02-12 19:25 - 2017-02-12 19:28 - 00000000 ____D C:\ProgramData\ProductData
2017-02-12 19:25 - 2017-02-12 19:26 - 00000000 ____D C:\Users\Mustafo\AppData\LocalLow\IObit
2017-02-12 19:25 - 2017-02-12 19:25 - 00027552 _____ (REALiX(tm)) C:\WINDOWS\SysWOW64\Drivers\HWiNFO64A.SYS
2017-02-12 19:25 - 2017-02-12 19:25 - 00003034 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (Mustafo)
2017-02-12 19:25 - 2017-02-12 19:25 - 00000000 ____D C:\WINDOWS\IObit
2017-02-12 19:25 - 2017-02-12 19:25 - 00000000 ____D C:\Users\Public\Thunder Network
2017-02-12 19:25 - 2017-02-12 19:25 - 00000000 ____D C:\Users\Mustafo\AppData\Roaming\IObit
2017-02-12 19:25 - 2017-02-12 19:25 - 00000000 ____D C:\ProgramData\IObit
2017-02-12 19:24 - 2017-02-27 18:35 - 00000000 ____D C:\Program Files (x86)\Bulily
2017-02-12 19:24 - 2017-02-12 19:25 - 00000000 ____D C:\Users\Mustafo\AppData\Local\Anopert
2017-02-11 18:32 - 2017-02-11 18:49 - 00000000 ____D C:\Program Files\USB Disk Storage Format Tool
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-03-01 19:58 - 2016-08-07 02:32 - 00000000 ____D C:\ProgramData\ASUS Smart Gesture
2017-03-01 19:56 - 2015-03-26 13:59 - 00251848 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-03-01 19:56 - 2015-01-08 23:29 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2017-03-01 19:55 - 2016-09-11 09:03 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-03-01 19:55 - 2016-07-12 19:59 - 00000000 __SHD C:\Users\Mustafo\IntelGraphicsProfiles
2017-03-01 19:54 - 2016-09-11 09:22 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-03-01 17:25 - 2016-07-16 07:04 - 01048576 _____ C:\WINDOWS\system32\config\BBI
2017-03-01 17:21 - 2016-09-11 08:59 - 04967608 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-03-01 17:20 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-03-01 17:16 - 2016-09-11 09:07 - 00000000 ____D C:\Users\Mustafo
2017-03-01 17:14 - 2016-09-18 11:30 - 00000000 ____D C:\WINDOWS\Minidump
2017-03-01 17:14 - 2016-09-11 08:59 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-03-01 17:14 - 2015-09-06 17:11 - 853315947 _____ C:\WINDOWS\MEMORY.DMP
2017-03-01 17:04 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-03-01 14:03 - 2016-04-27 08:00 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-03-01 13:47 - 2016-12-04 09:43 - 00000000 ____D C:\Users\Mustafo\Desktop\Lukeš RD
2017-03-01 13:47 - 2015-01-09 13:46 - 00000000 ____D C:\Users\Mustafo\Graphisoft
2017-03-01 11:42 - 2015-01-09 13:46 - 00000000 ____D C:\Users\Mustafo\Documents\BIMx
2017-03-01 11:38 - 2015-01-08 23:47 - 00000000 ____D C:\Users\Mustafo\AppData\Local\Adobe
2017-02-28 17:01 - 2015-02-24 23:27 - 00000000 ____D C:\Users\Mustafo\AppData\Roaming\vlc
2017-02-27 16:31 - 2015-01-08 23:02 - 00000000 ____D C:\Users\Mustafo\AppData\Local\Google
2017-02-27 14:59 - 2015-03-26 13:59 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-02-25 10:53 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-02-25 05:08 - 2017-01-22 21:04 - 00000000 ____D C:\Users\Mustafo\AppData\LocalLow\Mozilla
2017-02-25 05:08 - 2015-01-08 22:53 - 00000000 ____D C:\Users\Mustafo\AppData\Local\Packages
2017-02-25 04:18 - 2015-01-08 23:02 - 00000000 ____D C:\Program Files (x86)\Google
2017-02-24 20:01 - 2015-01-09 22:23 - 00000000 ____D C:\Users\Mustafo\AppData\Roaming\Skype
2017-02-24 12:47 - 2015-01-09 07:26 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-02-24 12:45 - 2015-01-09 07:26 - 138020592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-02-23 16:31 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-23 16:10 - 2015-11-12 21:48 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-02-22 14:34 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-02-19 12:34 - 2015-11-06 22:52 - 00000000 ____D C:\Users\Mustafo\Desktop\F
2017-02-19 12:32 - 2015-01-09 11:24 - 00000000 ____D C:\Users\Mustafo\AppData\Roaming\BitTorrent
2017-02-18 10:13 - 2015-11-12 17:00 - 00000000 ____D C:\ProgramData\AVAST Software
2017-02-17 22:25 - 2017-01-04 23:45 - 00000000 ____D C:\Users\Mustafo\Desktop\Autodoprava Rakvice
2017-02-17 20:47 - 2015-01-09 22:22 - 00000000 ____D C:\ProgramData\Skype
2017-02-16 21:29 - 2016-04-21 19:25 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-02-16 21:15 - 2016-07-16 23:25 - 01408582 _____ C:\WINDOWS\system32\perfh005.dat
2017-02-16 21:15 - 2016-07-16 23:25 - 00368470 _____ C:\WINDOWS\system32\perfc005.dat
2017-02-16 21:15 - 2016-07-12 18:03 - 03303866 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-02-16 20:14 - 2015-01-12 13:50 - 00000000 ___RD C:\Users\Mustafo\OneDrive
2017-02-12 20:33 - 2016-12-14 19:16 - 00001040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk
2017-02-12 20:33 - 2016-12-12 12:35 - 00001054 _____ C:\ProgramData\Microsoft\Windows\Start Menu\VueScan x64.lnk
2017-02-12 20:33 - 2016-12-12 12:35 - 00001048 _____ C:\Users\Public\Desktop\VueScan x64.lnk
2017-02-12 20:33 - 2016-10-28 11:14 - 00001402 _____ C:\Users\Public\Desktop\BIMx pro ArchiCAD 19.lnk
2017-02-12 20:33 - 2016-10-28 11:14 - 00001147 _____ C:\Users\Public\Desktop\ArchiCAD 19.lnk
2017-02-12 20:33 - 2016-10-27 14:10 - 00001822 _____ C:\Users\Public\Desktop\iTunes.lnk
2017-02-12 20:33 - 2016-09-11 09:15 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-02-12 20:33 - 2016-09-11 09:03 - 00001383 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AudioWizard.lnk
2017-02-12 20:33 - 2016-07-08 11:55 - 00001223 _____ C:\Users\Public\Desktop\FIN EC v5.lnk
2017-02-12 20:33 - 2015-11-09 21:30 - 00001991 _____ C:\Users\Public\Desktop\Revit 2016.lnk
2017-02-12 20:33 - 2015-06-26 19:09 - 00002178 _____ C:\Users\Public\Desktop\Style Builder 2015.lnk
2017-02-12 20:33 - 2015-06-26 19:09 - 00002092 _____ C:\Users\Public\Desktop\LayOut 2015.lnk
2017-02-12 20:33 - 2015-06-26 19:09 - 00002003 _____ C:\Users\Public\Desktop\SketchUp 2015.lnk
2017-02-12 20:33 - 2015-01-13 22:10 - 00000730 _____ C:\Users\Public\Desktop\GoldWave.lnk
2017-02-12 20:33 - 2015-01-10 10:42 - 00002055 _____ C:\Users\Public\Desktop\Autodesk ReCap.lnk
2017-02-12 20:33 - 2015-01-09 13:23 - 00001373 _____ C:\Users\Public\Desktop\BIMx pro ArchiCAD 18.lnk
2017-02-12 20:33 - 2015-01-09 13:23 - 00001118 _____ C:\Users\Public\Desktop\ArchiCAD 18.lnk
2017-02-12 20:33 - 2015-01-09 11:42 - 00002205 _____ C:\Users\Public\Desktop\NAS Starter Utility.lnk
2017-02-12 20:33 - 2015-01-09 09:55 - 00001135 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk
2017-02-12 20:33 - 2015-01-09 09:51 - 00001097 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk
2017-02-12 20:33 - 2015-01-09 09:43 - 00001543 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk
2017-02-12 20:33 - 2015-01-09 09:43 - 00001373 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk
2017-02-12 20:32 - 2016-11-26 15:29 - 00000950 _____ C:\Users\Mustafo\Desktop\Rakvice RD Lukeš.lnk
2017-02-12 20:32 - 2016-07-21 14:13 - 00000802 _____ C:\Users\Mustafo\Desktop\Dont starve.lnk
2017-02-12 20:32 - 2016-05-02 16:55 - 00001323 _____ C:\Users\Mustafo\Desktop\ViewCompanion Pro.lnk
2017-02-12 20:32 - 2016-04-21 19:25 - 00002169 _____ C:\Users\Mustafo\Desktop\Skype.lnk
2017-02-12 20:32 - 2015-09-06 11:09 - 00001117 _____ C:\Users\Mustafo\Desktop\My WIFI Router.lnk
2017-02-12 20:32 - 2015-01-13 17:55 - 00002166 _____ C:\Users\Mustafo\Desktop\Scratch Live.lnk
2017-02-12 20:32 - 2015-01-09 11:04 - 00001013 _____ C:\Users\Mustafo\Desktop\Aide PDF to DWG Converter.lnk
2017-02-12 20:32 - 2015-01-09 10:11 - 00001739 _____ C:\Users\Mustafo\Desktop\Photoshop.lnk
2017-02-12 20:32 - 2015-01-09 09:30 - 00001929 _____ C:\Users\Mustafo\Desktop\disqotek corp (Nsa320).lnk
2017-02-12 20:32 - 2015-01-09 09:30 - 00001881 _____ C:\Users\Mustafo\Desktop\video (NSA320).lnk
2017-02-12 20:32 - 2015-01-09 09:30 - 00001881 _____ C:\Users\Mustafo\Desktop\photo (NSA320).lnk
2017-02-12 20:32 - 2015-01-09 09:30 - 00001881 _____ C:\Users\Mustafo\Desktop\other (Nsa320).lnk
2017-02-12 20:32 - 2015-01-09 09:30 - 00001881 _____ C:\Users\Mustafo\Desktop\music (NSA320).lnk
2017-02-12 20:31 - 2016-12-12 12:26 - 00000000 ____D C:\WINDOWS\twain_64
2017-02-12 20:09 - 2015-01-08 22:53 - 00000000 ____D C:\Users\Mustafo\AppData\Roaming\Adobe
2017-02-12 19:24 - 2016-04-25 17:56 - 00002056 __RSH C:\ProgramData\ntuser.pol
2017-02-11 18:22 - 2015-01-08 23:25 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-02-06 20:48 - 2016-07-16 12:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-02-06 20:48 - 2016-07-16 12:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-02-05 20:55 - 2016-04-22 14:08 - 00001243 _____ C:\Users\Mustafo\Desktop\Stavební fyzika – zástupce.lnk
2017-02-05 20:55 - 2015-01-22 22:52 - 00002248 _____ C:\Users\Mustafo\Desktop\Plot Styles – zástupce.lnk
2017-02-05 20:55 - 2015-01-10 00:08 - 00001562 _____ C:\Users\Mustafo\Desktop\Artlantis Studio – zástupce.lnk
==================== Files in the root of some directories =======
2017-02-16 23:44 - 2017-02-16 23:44 - 0000000 _____ () C:\Program Files (x86)\metadata
2017-03-01 19:55 - 2017-03-01 19:58 - 0000004 ____H () C:\ProgramData\cm-lock
2016-09-11 09:03 - 2016-09-11 09:03 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-01-10 10:37 - 2015-01-10 10:37 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
Some files in TEMP:
====================
2017-02-12 19:24 - 2017-02-12 19:25 - 17628560 _____ (IObit ) C:\Users\Mustafo\AppData\Local\Temp\8AD5.tmp.exe
2017-02-17 20:46 - 2017-02-17 20:46 - 44048864 _____ (Skype Technologies S.A.) C:\Users\Mustafo\AppData\Local\Temp\SkypeSetup.exe
2016-10-29 11:57 - 2016-10-29 11:57 - 31717016 _____ () C:\Users\Mustafo\AppData\Local\Temp\vlc-2.2.4-win64.exe
2016-12-12 12:30 - 2016-12-12 12:31 - 0089584 _____ () C:\Users\Mustafo\AppData\Local\Temp\vsdel.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-02-20 11:47
==================== End of FRST.txt ============================
Re: Někdy skáčou okna, Avast nachází vir (rootkit)
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-03-2017
Ran by Mustafo (administrator) on MUSTAF-PC (01-03-2017 20:15:19)
Running from C:\Users\Mustafo\Desktop
Loaded Profiles: Mustafo (Available Profiles: Mustafo)
Platform: Windows 10 Pro Version 1607 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(ASUS) C:\Program Files\ASUS\P4G\InsOnSrv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\WIBUKEY\Server\WkSvW32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
() C:\Program Files (x86)\My WIFI Router\bmser.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files\ASUS\P4G\InsOnWMI.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google Inc.) C:\Users\Mustafo\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Mustafo\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Mustafo\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Mustafo\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Mustafo\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Mustafo\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Google Inc.) C:\Users\Mustafo\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-06-24] (NVIDIA Corporation)
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [401888 2016-11-30] ()
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-09-09] (Apple Inc.)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-07] (Microsoft Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [529480 2016-02-24] (Autodesk Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [205512 2017-02-27] (AVAST Software)
HKU\S-1-5-21-3357248357-3471837598-2797894705-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-3357248357-3471837598-2797894705-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Mustafo\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-3357248357-3471837598-2797894705-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Mustafo\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-3357248357-3471837598-2797894705-1001\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
HKU\S-1-5-21-3357248357-3471837598-2797894705-1001\...\Run: [Google Update] => C:\Users\Mustafo\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe [601752 2017-02-27] (Google Inc.)
HKU\S-1-5-21-3357248357-3471837598-2797894705-1001\...\Policies\Explorer: []
HKU\S-1-5-21-3357248357-3471837598-2797894705-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [37376 2016-07-16] (Microsoft Corporation)
ShellExecuteHooks: No Name - {12BEB57E-ECD3-11E6-A98A-64006A5CFC23} - C:\Users\Mustafo\AppData\Roaming\Zrshfcit\Griotain.dll -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-02-27] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-02-27] (AVAST Software)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2013-02-08] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [KzShlobj] -> {AAA0C5B8-933F-4200-93AD-B143D7FFF9F2} => -> No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodeMeter Control Center.lnk [2017-02-12]
ShortcutTarget: CodeMeter Control Center.lnk -> C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe (WIBU-SYSTEMS AG)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Network Server.lnk [2017-02-12]
ShortcutTarget: Network Server.lnk -> C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe (WIBU-SYSTEMS AG)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Restriction - Chrome <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.100.1 0.0.0.0
Tcpip\..\Interfaces\{94a601af-09c2-40b1-acfb-0c06b5530d00}: [DhcpNameServer] 192.168.100.1 0.0.0.0
Tcpip\..\Interfaces\{a02a797d-1ac8-4bfb-83dc-7e7c91537e8b}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Internet Explorer:
==================
HKU\S-1-5-21-3357248357-3471837598-2797894705-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130860067658589664&GUID=C2545805-3830-4908-B24F-7A1267C24085
SearchScopes: HKU\S-1-5-21-3357248357-3471837598-2797894705-1001 -> {02D33DDF-1717-4136-AF1D-3419819BCA74} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3357248357-3471837598-2797894705-1001 -> {3FEF9D31-CFFF-44E5-ABF7-AB7A28648155} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_13415
SearchScopes: HKU\S-1-5-21-3357248357-3471837598-2797894705-1001 -> {51619E1B-0E22-42E0-8100-C205348C0B11} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3357248357-3471837598-2797894705-1001 -> {5D28C159-566D-40BE-B777-F7F79905576C} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3357248357-3471837598-2797894705-1001 -> {8170D597-C73F-4969-9234-BE778A3ADB79} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_13415
SearchScopes: HKU\S-1-5-21-3357248357-3471837598-2797894705-1001 -> {C932DDAB-1E7B-4E83-B5BA-585FC3758ED8} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_13415
SearchScopes: HKU\S-1-5-21-3357248357-3471837598-2797894705-1001 -> {DFBD1763-23A0-430A-8BBD-FCB997FE3686} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_13415
SearchScopes: HKU\S-1-5-21-3357248357-3471837598-2797894705-1001 -> {E8DA44DA-5F59-4B36-B23C-530782403A1F} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3357248357-3471837598-2797894705-1001 -> {F860F61B-035A-4966-9DFF-F028FC79EDD1} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2015-01-15] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2015-01-15] (Oracle Corporation)
FireFox:
========
FF DefaultProfile: hbj4szuk.default
FF ProfilePath: C:\Users\Mustafo\AppData\Roaming\Mozilla\Firefox\Profiles\hbj4szuk.default [2017-02-16]
FF user.js: detected! => C:\Users\Mustafo\AppData\Roaming\Mozilla\Firefox\Profiles\hbj4szuk.default\user.js [2017-02-16]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\hbj4szuk.default -> luck
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\hbj4szuk.default -> luck
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\hbj4szuk.default -> luck
FF Homepage: Mozilla\Firefox\Profiles\hbj4szuk.default -> seznam.cz/
FF Extension: (Seznam lištička) - C:\Users\Mustafo\AppData\Roaming\Mozilla\Firefox\Profiles\hbj4szuk.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2017-02-06]
FF ProfilePath: C:\Users\Mustafo\AppData\Roaming\Firefox\Firefox\Profiles\hbj4szuk.default [2017-02-25]
FF user.js: detected! => C:\Users\Mustafo\AppData\Roaming\Firefox\Firefox\Profiles\hbj4szuk.default\user.js [2017-02-16]
FF DefaultSearchEngine: Firefox\Firefox\Profiles\hbj4szuk.default -> luck
FF SearchEngineOrder.1: Firefox\Firefox\Profiles\hbj4szuk.default -> luck
FF SelectedSearchEngine: Firefox\Firefox\Profiles\hbj4szuk.default -> luck
FF Extension: (Czech (CZ) Language Pack) - C:\Users\Mustafo\AppData\Roaming\Firefox\Firefox\Profiles\hbj4szuk.default\Extensions\langpack-cs@firefox.mozilla.org.xpi [2017-02-24] [not signed]
FF Extension: (Seznam lištička) - C:\Users\Mustafo\AppData\Roaming\Firefox\Firefox\Profiles\hbj4szuk.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2017-02-06]
FF SearchPlugin: C:\Users\Mustafo\AppData\Roaming\Firefox\Firefox\Profiles\hbj4szuk.default\searchplugins\luck.xml [2017-02-16]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF48
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF48 [2017-02-27]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF48
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-09] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-09] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2015-01-15] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2015-01-15] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3357248357-3471837598-2797894705-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Mustafo\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-02-27] (Google Inc.)
FF Plugin HKU\S-1-5-21-3357248357-3471837598-2797894705-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Mustafo\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-02-27] (Google Inc.)
Chrome:
=======
CHR Profile: C:\Users\Mustafo\AppData\Local\Google\Chrome\User Data\Default [2017-03-01]
CHR Extension: (Prezentace Google) - C:\Users\Mustafo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-02-27]
CHR Extension: (Dokumenty Google) - C:\Users\Mustafo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-02-27]
CHR Extension: (Disk Google) - C:\Users\Mustafo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-02-27]
CHR Extension: (YouTube) - C:\Users\Mustafo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-02-27]
CHR Extension: (Avast SafePrice) - C:\Users\Mustafo\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-02-27]
CHR Extension: (Tabulky Google) - C:\Users\Mustafo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-02-27]
CHR Extension: (Dokumenty Google offline) - C:\Users\Mustafo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-02-27]
CHR Extension: (Avast Online Security) - C:\Users\Mustafo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-02-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Mustafo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-02-27]
CHR Extension: (Gmail) - C:\Users\Mustafo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-02-27]
CHR Extension: (Chrome Media Router) - C:\Users\Mustafo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-27]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [1145928 2016-02-24] (Autodesk Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-08-05] (Apple Inc.)
R2 ASUS InstantOn; C:\Program Files\ASUS\P4G\InsOnSrv.exe [277120 2013-08-29] (ASUS)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7147320 2017-02-27] (AVAST Software s.r.o.)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [262736 2017-02-27] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [278784 2017-02-27] (AVAST Software)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-06-24] (NVIDIA Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373728 2016-11-30] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-12-09] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-09] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1868432 2015-06-24] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23007376 2015-06-24] (NVIDIA Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10351856 2016-12-15] (TeamViewer GmbH)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WIFIGXENDHCPSER; C:\Program Files (x86)\My WIFI Router\bmser.exe [1656416 2014-04-23] ()
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
R2 WkSvw32.exe; C:\Program Files (x86)\WIBUKEY\Server\WkSvw32.exe [659336 2013-12-18] (WIBU-SYSTEMS AG)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
S2 SystemUsageReportSvc_WILLAMETTE; "C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe" [X]
S2 UCBrowserSvc; "C:\Program Files (x86)\UCBrowser\Application\UCService.exe" [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [309272 2017-02-27] (AVAST Software s.r.o.)
R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [189768 2017-02-27] (AVAST Software s.r.o.)
R0 aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [334600 2017-02-27] (AVAST Software s.r.o.)
R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [48528 2017-02-27] (AVAST Software s.r.o.)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [38296 2017-02-27] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [32088 2017-02-27] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [126600 2017-02-27] (AVAST Software)
R1 aswNetSec; C:\WINDOWS\system32\drivers\aswNetSec.sys [461640 2017-02-27] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [100640 2017-02-27] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [75704 2017-02-27] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [993608 2017-02-27] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [547904 2017-02-27] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [162528 2017-02-27] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [337592 2017-02-27] (AVAST Software)
R3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [101368 2015-12-14] (ASUS Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [283064 2015-01-09] (Disc Soft Ltd)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77416 2017-01-20] ()
R1 HWiNFO32; C:\WINDOWS\SysWoW64\drivers\HWiNFO64A.SYS [27552 2017-02-12] (REALiX(tm))
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [221448 2016-09-08] (Intel Corporation)
R0 IntelHSWPcc; C:\WINDOWS\System32\drivers\IntelPcc.sys [74344 2013-08-06] (Intel Corporation)
R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( )
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [176584 2017-02-27] (Malwarebytes)
S3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [110536 2017-03-01] (Malwarebytes)
S3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-03-01] (Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [251848 2017-03-01] (Malwarebytes)
S3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [91584 2017-03-01] (Malwarebytes)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-09] (Intel Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
S3 netr28ux; C:\WINDOWS\System32\drivers\netr28ux.sys [2224128 2016-07-16] (MediaTek Inc.)
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3485696 2016-07-16] (Intel Corporation)
R2 npf; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-06-24] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [46768 2015-05-19] (NVIDIA Corporation)
R2 plctrl; C:\Program Files\ASUS\P4G\plctrl.sys [14136 2013-08-29] (Windows (R) Win 7 DDK provider)
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [759552 2015-07-08] (Realsil Semiconductor Corporation)
S3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [21984 2015-06-04] ()
S3 SeratoUsb; C:\WINDOWS\System32\Drivers\SeratoUsb.sys [49656 2013-07-09] (Cristalink Ltd)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\WINDOWS\system32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 tapoas; C:\WINDOWS\system32\DRIVERS\tapoas.sys [30720 2012-07-15] (The OpenVPN Project)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-06-17] (Apple, Inc.) [File not signed]
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R2 WIBUKEY; C:\WINDOWS\System32\DRIVERS\WibuKey64.sys [106760 2013-12-18] (WIBU-SYSTEMS AG)
S1 ucdrv; \??\C:\Program Files (x86)\UCBrowser\Security:ucdrv-x64.sys [X] <==== ATTENTION
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-03-01 20:15 - 2017-03-01 20:15 - 00027644 _____ C:\Users\Mustafo\Desktop\FRST.txt
2017-03-01 20:15 - 2017-03-01 20:15 - 00000000 ____D C:\FRST
2017-03-01 20:12 - 2017-03-01 20:12 - 07365128 _____ (Reason Software Company Inc.) C:\Users\Mustafo\Downloads\reason-core-security-setup.exe
2017-03-01 19:59 - 2017-03-01 20:14 - 02423808 _____ (Farbar) C:\Users\Mustafo\Desktop\FRST64.exe
2017-03-01 19:59 - 2017-03-01 19:59 - 02423808 _____ (Farbar) C:\Users\Mustafo\Downloads\FRST64 (1).exe
2017-03-01 19:55 - 2017-03-01 19:58 - 00000004 ____H C:\ProgramData\cm-lock
2017-03-01 17:17 - 2017-03-01 17:17 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2017-03-01 17:14 - 2017-03-01 17:14 - 00389924 _____ C:\WINDOWS\Minidump\030117-30640-01.dmp
2017-03-01 14:10 - 2017-03-01 17:03 - 00000000 ____D C:\Users\TEMP
2017-03-01 13:56 - 2017-03-01 13:56 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-03-01 12:34 - 2017-03-01 13:48 - 00000320 _____ C:\WINDOWS\Tasks\UCBrowserUpdaterCore.job
2017-03-01 12:34 - 2017-03-01 12:34 - 00002674 _____ C:\WINDOWS\System32\Tasks\UCBrowserUpdaterCore
2017-03-01 12:01 - 2017-03-01 12:01 - 00000000 ___RD C:\Users\Mustafo\Desktop\Camera Roll
2017-03-01 11:36 - 2017-03-01 11:36 - 00002955 _____ C:\Users\Mustafo\Downloads\AdwCleanerC12.txt
2017-03-01 11:35 - 2017-03-01 11:35 - 00002955 _____ C:\Users\Mustafo\Desktop\AdwCleaner[C12].txt
2017-03-01 11:34 - 2017-03-01 11:34 - 00003476 _____ C:\WINDOWS\System32\Tasks\UCBrowserSecureUpdater
2017-02-28 13:22 - 2017-02-28 13:22 - 00000000 ____D C:\rsit
2017-02-28 13:22 - 2017-02-28 13:22 - 00000000 ____D C:\Program Files\trend micro
2017-02-28 13:21 - 2017-02-28 13:21 - 01222144 _____ C:\Users\Mustafo\Downloads\RSITx64.exe
2017-02-28 02:33 - 2017-02-28 02:34 - 03910208 _____ C:\Users\Mustafo\Downloads\Nepotvrzeno 561555.crdownload
2017-02-28 02:29 - 2017-02-28 02:29 - 03910208 _____ C:\Users\Mustafo\Downloads\Nepotvrzeno 710007.crdownload
2017-02-28 02:27 - 2017-02-28 02:27 - 04015056 _____ C:\Users\Mustafo\Downloads\Nepotvrzeno 592077.crdownload
2017-02-28 02:25 - 2017-02-28 02:25 - 04015056 _____ C:\Users\Mustafo\Downloads\Nepotvrzeno 58900.crdownload
2017-02-27 16:31 - 2017-02-27 16:31 - 00002491 _____ C:\Users\Mustafo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-27 16:29 - 2017-02-27 16:29 - 00003738 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3357248357-3471837598-2797894705-1001UA
2017-02-27 16:29 - 2017-02-27 16:29 - 00003470 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3357248357-3471837598-2797894705-1001Core
2017-02-27 16:28 - 2017-02-27 16:28 - 01129376 _____ (Google Inc.) C:\Users\Mustafo\Downloads\ChromeSetup (2).exe
2017-02-27 16:06 - 2017-02-27 16:05 - 00398408 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2017-02-27 15:00 - 2017-03-01 17:04 - 00110536 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-02-27 15:00 - 2017-03-01 17:04 - 00091584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-02-27 15:00 - 2017-03-01 17:04 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-02-27 15:00 - 2017-02-27 15:00 - 00176584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-02-27 14:59 - 2017-02-27 14:59 - 00001920 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-02-27 14:59 - 2017-02-27 14:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-02-27 14:59 - 2017-02-27 14:59 - 00000000 ____D C:\Program Files\Malwarebytes
2017-02-27 14:59 - 2017-01-20 07:47 - 00077416 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-02-27 14:58 - 2017-02-27 15:00 - 55566792 _____ (Malwarebytes ) C:\Users\Mustafo\Downloads\mb3-setup-consumer-3.0.6.1469 (1).exe
2017-02-24 14:09 - 2017-02-24 17:29 - 00002005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-02-20 12:59 - 2017-02-20 12:59 - 00000000 ___HD C:\$AV_ASW
2017-02-20 12:37 - 2017-02-20 12:38 - 00000000 ____D C:\Users\Mustafo\Desktop\Tata fota z tabletu
2017-02-19 10:25 - 2017-02-19 10:25 - 00039267 _____ C:\Users\Mustafo\Downloads\[CzT]Simpsonovi_The_Simpsons_26_serie_CZ_TVRip_.torrent
2017-02-19 10:23 - 2017-02-19 10:23 - 00014941 _____ C:\Users\Mustafo\Downloads\[CzT]Prichozi_Arrival_2016_WebRip_.torrent
2017-02-19 10:22 - 2017-02-19 10:22 - 00030309 _____ C:\Users\Mustafo\Downloads\[CzT]Moonlight_2016_DVDScr_.torrent
2017-02-18 10:38 - 2017-02-18 10:50 - 34799412 _____ C:\Users\Mustafo\Desktop\PPN14_06-2016.pdf
2017-02-18 10:38 - 2017-02-18 10:42 - 12932720 _____ C:\Users\Mustafo\Desktop\Detaily_T Profi_06-2014.pdf
2017-02-18 10:33 - 2017-02-18 10:33 - 09369178 _____ C:\Users\Mustafo\Downloads\160525_Terca_katalog_2016.pdf
2017-02-18 10:14 - 2017-02-18 10:14 - 00001987 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Internet Security.lnk
2017-02-18 10:13 - 2017-02-27 16:05 - 00461640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetSec.sys
2017-02-18 10:10 - 2017-02-18 10:10 - 00036746 _____ C:\Users\Mustafo\Downloads\[CzT]Simpsonovi_The_Simpsons_27_serie_CZ_TVRip_.torrent
2017-02-18 10:07 - 2017-02-27 11:54 - 00000000 ____D C:\Users\Mustafo\Desktop\2017_02 THAISKO
2017-02-17 22:12 - 2017-02-17 22:12 - 01129376 _____ (Google Inc.) C:\Users\Mustafo\Downloads\ChromeSetup (1).exe
2017-02-17 22:11 - 2017-02-24 13:57 - 00002243 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-17 22:10 - 2017-02-17 22:10 - 01129376 _____ (Google Inc.) C:\Users\Mustafo\Downloads\ChromeSetup.exe
2017-02-16 23:46 - 2017-02-17 20:26 - 00000000 ____D C:\Users\Mustafo\AppData\Local\MicrosoftEdge
2017-02-16 23:44 - 2017-02-16 23:44 - 00000000 _____ C:\Program Files (x86)\metadata
2017-02-16 21:22 - 2017-02-27 16:08 - 00004008 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1487276553
2017-02-16 21:22 - 2017-02-27 16:08 - 00001096 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-02-16 21:22 - 2017-02-27 16:05 - 00032088 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2017-02-16 21:19 - 2017-02-27 16:06 - 00003994 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2017-02-16 21:19 - 2017-02-27 16:05 - 00993608 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2017-02-16 21:19 - 2017-02-27 16:05 - 00547904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2017-02-16 21:19 - 2017-02-27 16:05 - 00337592 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2017-02-16 21:19 - 2017-02-27 16:05 - 00334600 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbloga.sys
2017-02-16 21:19 - 2017-02-27 16:05 - 00309272 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2017-02-16 21:19 - 2017-02-27 16:05 - 00189768 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2017-02-16 21:19 - 2017-02-27 16:05 - 00162528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2017-02-16 21:19 - 2017-02-27 16:05 - 00126600 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2017-02-16 21:19 - 2017-02-27 16:05 - 00100640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2017-02-16 21:19 - 2017-02-27 16:05 - 00075704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2017-02-16 21:19 - 2017-02-27 16:05 - 00048528 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2017-02-16 21:19 - 2017-02-27 16:05 - 00038296 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2017-02-16 21:19 - 2017-02-16 21:19 - 00000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2017-02-16 21:19 - 2017-02-16 21:19 - 00000000 ____D C:\Users\Mustafo\AppData\Roaming\AVAST Software
2017-02-16 21:19 - 2017-02-16 21:19 - 00000000 ____D C:\Program Files\Common Files\AV
2017-02-16 21:16 - 2017-02-16 21:22 - 00000000 ____D C:\Program Files\AVAST Software
2017-02-16 21:15 - 2017-02-16 21:15 - 06654960 _____ (AVAST Software) C:\Users\Mustafo\Downloads\avast_free_antivirus_setup_online.exe
2017-02-16 20:16 - 2017-02-16 20:17 - 00245544 _____ C:\Users\Mustafo\Downloads\Firefox Setup Stub 51.0.1 (1).exe
2017-02-14 23:42 - 2017-02-14 23:42 - 00000000 ____D C:\Users\Mustafo\AppData\Roaming\Firefox
2017-02-14 23:42 - 2017-02-14 23:42 - 00000000 ____D C:\Users\Mustafo\AppData\Local\Firefox
2017-02-14 23:41 - 2017-02-16 20:02 - 00000000 ____D C:\WINDOWS\system32\log
2017-02-14 14:48 - 2017-02-20 09:26 - 00000000 ____D C:\Program Files (x86)\pfqv62f8
2017-02-12 21:57 - 2017-03-01 13:54 - 00000000 ____D C:\AdwCleaner
2017-02-12 21:56 - 2017-02-12 21:57 - 04015056 _____ C:\Users\Mustafo\Desktop\adwcleaner_6.043.exe
2017-02-12 21:55 - 2017-02-27 14:59 - 55566792 _____ (Malwarebytes ) C:\Users\Mustafo\Downloads\mb3-setup-consumer-3.0.6.1469.exe
2017-02-12 21:52 - 2017-02-12 21:52 - 00000085 _____ C:\WINDOWS\wininit.ini
2017-02-12 21:45 - 2017-02-12 21:53 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2017-02-12 21:45 - 2017-02-12 21:52 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2017-02-12 21:45 - 2017-02-12 21:45 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2017-02-12 21:43 - 2017-02-12 21:45 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Mustafo\Downloads\spybot-2.4.exe
2017-02-12 21:43 - 2017-02-12 21:43 - 00000000 _____ C:\autoexec.bat
2017-02-12 19:37 - 2017-02-12 19:37 - 00023032 _____ (Wiper Software) C:\WINDOWS\system32\wiperrm.exe
2017-02-12 19:26 - 2017-02-12 20:33 - 00000934 _____ C:\Users\Mustafo\AppData\Roaming\Microsoft\Windows\Start Menu\żěŃą.lnk
2017-02-12 19:26 - 2017-02-12 19:31 - 00000480 _____ C:\WINDOWS\Tasks\UCBrowserUpdater.job
2017-02-12 19:26 - 2017-02-12 19:26 - 00003502 _____ C:\WINDOWS\System32\Tasks\UCBrowserUpdater
2017-02-12 19:26 - 2017-02-12 19:26 - 00000000 ____D C:\Users\Mustafo\AppData\Local\UCBrowser
2017-02-12 19:25 - 2017-02-12 19:28 - 00000000 ____D C:\ProgramData\ProductData
2017-02-12 19:25 - 2017-02-12 19:26 - 00000000 ____D C:\Users\Mustafo\AppData\LocalLow\IObit
2017-02-12 19:25 - 2017-02-12 19:25 - 00027552 _____ (REALiX(tm)) C:\WINDOWS\SysWOW64\Drivers\HWiNFO64A.SYS
2017-02-12 19:25 - 2017-02-12 19:25 - 00003034 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (Mustafo)
2017-02-12 19:25 - 2017-02-12 19:25 - 00000000 ____D C:\WINDOWS\IObit
2017-02-12 19:25 - 2017-02-12 19:25 - 00000000 ____D C:\Users\Public\Thunder Network
2017-02-12 19:25 - 2017-02-12 19:25 - 00000000 ____D C:\Users\Mustafo\AppData\Roaming\IObit
2017-02-12 19:25 - 2017-02-12 19:25 - 00000000 ____D C:\ProgramData\IObit
2017-02-12 19:24 - 2017-02-27 18:35 - 00000000 ____D C:\Program Files (x86)\Bulily
2017-02-12 19:24 - 2017-02-12 19:25 - 00000000 ____D C:\Users\Mustafo\AppData\Local\Anopert
2017-02-11 18:32 - 2017-02-11 18:49 - 00000000 ____D C:\Program Files\USB Disk Storage Format Tool
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-03-01 19:58 - 2016-08-07 02:32 - 00000000 ____D C:\ProgramData\ASUS Smart Gesture
2017-03-01 19:56 - 2015-03-26 13:59 - 00251848 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-03-01 19:56 - 2015-01-08 23:29 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2017-03-01 19:55 - 2016-09-11 09:03 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-03-01 19:55 - 2016-07-12 19:59 - 00000000 __SHD C:\Users\Mustafo\IntelGraphicsProfiles
2017-03-01 19:54 - 2016-09-11 09:22 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-03-01 17:25 - 2016-07-16 07:04 - 01048576 _____ C:\WINDOWS\system32\config\BBI
2017-03-01 17:21 - 2016-09-11 08:59 - 04967608 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-03-01 17:20 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-03-01 17:16 - 2016-09-11 09:07 - 00000000 ____D C:\Users\Mustafo
2017-03-01 17:14 - 2016-09-18 11:30 - 00000000 ____D C:\WINDOWS\Minidump
2017-03-01 17:14 - 2016-09-11 08:59 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-03-01 17:14 - 2015-09-06 17:11 - 853315947 _____ C:\WINDOWS\MEMORY.DMP
2017-03-01 17:04 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-03-01 14:03 - 2016-04-27 08:00 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-03-01 13:47 - 2016-12-04 09:43 - 00000000 ____D C:\Users\Mustafo\Desktop\Lukeš RD
2017-03-01 13:47 - 2015-01-09 13:46 - 00000000 ____D C:\Users\Mustafo\Graphisoft
2017-03-01 11:42 - 2015-01-09 13:46 - 00000000 ____D C:\Users\Mustafo\Documents\BIMx
2017-03-01 11:38 - 2015-01-08 23:47 - 00000000 ____D C:\Users\Mustafo\AppData\Local\Adobe
2017-02-28 17:01 - 2015-02-24 23:27 - 00000000 ____D C:\Users\Mustafo\AppData\Roaming\vlc
2017-02-27 16:31 - 2015-01-08 23:02 - 00000000 ____D C:\Users\Mustafo\AppData\Local\Google
2017-02-27 14:59 - 2015-03-26 13:59 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-02-25 10:53 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-02-25 05:08 - 2017-01-22 21:04 - 00000000 ____D C:\Users\Mustafo\AppData\LocalLow\Mozilla
2017-02-25 05:08 - 2015-01-08 22:53 - 00000000 ____D C:\Users\Mustafo\AppData\Local\Packages
2017-02-25 04:18 - 2015-01-08 23:02 - 00000000 ____D C:\Program Files (x86)\Google
2017-02-24 20:01 - 2015-01-09 22:23 - 00000000 ____D C:\Users\Mustafo\AppData\Roaming\Skype
2017-02-24 12:47 - 2015-01-09 07:26 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-02-24 12:45 - 2015-01-09 07:26 - 138020592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-02-23 16:31 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-23 16:10 - 2015-11-12 21:48 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-02-22 14:34 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-02-19 12:34 - 2015-11-06 22:52 - 00000000 ____D C:\Users\Mustafo\Desktop\F
2017-02-19 12:32 - 2015-01-09 11:24 - 00000000 ____D C:\Users\Mustafo\AppData\Roaming\BitTorrent
2017-02-18 10:13 - 2015-11-12 17:00 - 00000000 ____D C:\ProgramData\AVAST Software
2017-02-17 22:25 - 2017-01-04 23:45 - 00000000 ____D C:\Users\Mustafo\Desktop\Autodoprava Rakvice
2017-02-17 20:47 - 2015-01-09 22:22 - 00000000 ____D C:\ProgramData\Skype
2017-02-16 21:29 - 2016-04-21 19:25 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-02-16 21:15 - 2016-07-16 23:25 - 01408582 _____ C:\WINDOWS\system32\perfh005.dat
2017-02-16 21:15 - 2016-07-16 23:25 - 00368470 _____ C:\WINDOWS\system32\perfc005.dat
2017-02-16 21:15 - 2016-07-12 18:03 - 03303866 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-02-16 20:14 - 2015-01-12 13:50 - 00000000 ___RD C:\Users\Mustafo\OneDrive
2017-02-12 20:33 - 2016-12-14 19:16 - 00001040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk
2017-02-12 20:33 - 2016-12-12 12:35 - 00001054 _____ C:\ProgramData\Microsoft\Windows\Start Menu\VueScan x64.lnk
2017-02-12 20:33 - 2016-12-12 12:35 - 00001048 _____ C:\Users\Public\Desktop\VueScan x64.lnk
2017-02-12 20:33 - 2016-10-28 11:14 - 00001402 _____ C:\Users\Public\Desktop\BIMx pro ArchiCAD 19.lnk
2017-02-12 20:33 - 2016-10-28 11:14 - 00001147 _____ C:\Users\Public\Desktop\ArchiCAD 19.lnk
2017-02-12 20:33 - 2016-10-27 14:10 - 00001822 _____ C:\Users\Public\Desktop\iTunes.lnk
2017-02-12 20:33 - 2016-09-11 09:15 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-02-12 20:33 - 2016-09-11 09:03 - 00001383 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AudioWizard.lnk
2017-02-12 20:33 - 2016-07-08 11:55 - 00001223 _____ C:\Users\Public\Desktop\FIN EC v5.lnk
2017-02-12 20:33 - 2015-11-09 21:30 - 00001991 _____ C:\Users\Public\Desktop\Revit 2016.lnk
2017-02-12 20:33 - 2015-06-26 19:09 - 00002178 _____ C:\Users\Public\Desktop\Style Builder 2015.lnk
2017-02-12 20:33 - 2015-06-26 19:09 - 00002092 _____ C:\Users\Public\Desktop\LayOut 2015.lnk
2017-02-12 20:33 - 2015-06-26 19:09 - 00002003 _____ C:\Users\Public\Desktop\SketchUp 2015.lnk
2017-02-12 20:33 - 2015-01-13 22:10 - 00000730 _____ C:\Users\Public\Desktop\GoldWave.lnk
2017-02-12 20:33 - 2015-01-10 10:42 - 00002055 _____ C:\Users\Public\Desktop\Autodesk ReCap.lnk
2017-02-12 20:33 - 2015-01-09 13:23 - 00001373 _____ C:\Users\Public\Desktop\BIMx pro ArchiCAD 18.lnk
2017-02-12 20:33 - 2015-01-09 13:23 - 00001118 _____ C:\Users\Public\Desktop\ArchiCAD 18.lnk
2017-02-12 20:33 - 2015-01-09 11:42 - 00002205 _____ C:\Users\Public\Desktop\NAS Starter Utility.lnk
2017-02-12 20:33 - 2015-01-09 09:55 - 00001135 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk
2017-02-12 20:33 - 2015-01-09 09:51 - 00001097 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk
2017-02-12 20:33 - 2015-01-09 09:43 - 00001543 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk
2017-02-12 20:33 - 2015-01-09 09:43 - 00001373 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk
2017-02-12 20:32 - 2016-11-26 15:29 - 00000950 _____ C:\Users\Mustafo\Desktop\Rakvice RD Lukeš.lnk
2017-02-12 20:32 - 2016-07-21 14:13 - 00000802 _____ C:\Users\Mustafo\Desktop\Dont starve.lnk
2017-02-12 20:32 - 2016-05-02 16:55 - 00001323 _____ C:\Users\Mustafo\Desktop\ViewCompanion Pro.lnk
2017-02-12 20:32 - 2016-04-21 19:25 - 00002169 _____ C:\Users\Mustafo\Desktop\Skype.lnk
2017-02-12 20:32 - 2015-09-06 11:09 - 00001117 _____ C:\Users\Mustafo\Desktop\My WIFI Router.lnk
2017-02-12 20:32 - 2015-01-13 17:55 - 00002166 _____ C:\Users\Mustafo\Desktop\Scratch Live.lnk
2017-02-12 20:32 - 2015-01-09 11:04 - 00001013 _____ C:\Users\Mustafo\Desktop\Aide PDF to DWG Converter.lnk
2017-02-12 20:32 - 2015-01-09 10:11 - 00001739 _____ C:\Users\Mustafo\Desktop\Photoshop.lnk
2017-02-12 20:32 - 2015-01-09 09:30 - 00001929 _____ C:\Users\Mustafo\Desktop\disqotek corp (Nsa320).lnk
2017-02-12 20:32 - 2015-01-09 09:30 - 00001881 _____ C:\Users\Mustafo\Desktop\video (NSA320).lnk
2017-02-12 20:32 - 2015-01-09 09:30 - 00001881 _____ C:\Users\Mustafo\Desktop\photo (NSA320).lnk
2017-02-12 20:32 - 2015-01-09 09:30 - 00001881 _____ C:\Users\Mustafo\Desktop\other (Nsa320).lnk
2017-02-12 20:32 - 2015-01-09 09:30 - 00001881 _____ C:\Users\Mustafo\Desktop\music (NSA320).lnk
2017-02-12 20:31 - 2016-12-12 12:26 - 00000000 ____D C:\WINDOWS\twain_64
2017-02-12 20:09 - 2015-01-08 22:53 - 00000000 ____D C:\Users\Mustafo\AppData\Roaming\Adobe
2017-02-12 19:24 - 2016-04-25 17:56 - 00002056 __RSH C:\ProgramData\ntuser.pol
2017-02-11 18:22 - 2015-01-08 23:25 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-02-06 20:48 - 2016-07-16 12:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-02-06 20:48 - 2016-07-16 12:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-02-05 20:55 - 2016-04-22 14:08 - 00001243 _____ C:\Users\Mustafo\Desktop\Stavební fyzika – zástupce.lnk
2017-02-05 20:55 - 2015-01-22 22:52 - 00002248 _____ C:\Users\Mustafo\Desktop\Plot Styles – zástupce.lnk
2017-02-05 20:55 - 2015-01-10 00:08 - 00001562 _____ C:\Users\Mustafo\Desktop\Artlantis Studio – zástupce.lnk
==================== Files in the root of some directories =======
2017-02-16 23:44 - 2017-02-16 23:44 - 0000000 _____ () C:\Program Files (x86)\metadata
2017-03-01 19:55 - 2017-03-01 19:58 - 0000004 ____H () C:\ProgramData\cm-lock
2016-09-11 09:03 - 2016-09-11 09:03 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-01-10 10:37 - 2015-01-10 10:37 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
Some files in TEMP:
====================
2017-02-12 19:24 - 2017-02-12 19:25 - 17628560 _____ (IObit ) C:\Users\Mustafo\AppData\Local\Temp\8AD5.tmp.exe
2017-02-17 20:46 - 2017-02-17 20:46 - 44048864 _____ (Skype Technologies S.A.) C:\Users\Mustafo\AppData\Local\Temp\SkypeSetup.exe
2016-10-29 11:57 - 2016-10-29 11:57 - 31717016 _____ () C:\Users\Mustafo\AppData\Local\Temp\vlc-2.2.4-win64.exe
2016-12-12 12:30 - 2016-12-12 12:31 - 0089584 _____ () C:\Users\Mustafo\AppData\Local\Temp\vsdel.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-02-20 11:47
==================== End of FRST.txt ============================
Ran by Mustafo (administrator) on MUSTAF-PC (01-03-2017 20:15:19)
Running from C:\Users\Mustafo\Desktop
Loaded Profiles: Mustafo (Available Profiles: Mustafo)
Platform: Windows 10 Pro Version 1607 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(ASUS) C:\Program Files\ASUS\P4G\InsOnSrv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\WIBUKEY\Server\WkSvW32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
() C:\Program Files (x86)\My WIFI Router\bmser.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files\ASUS\P4G\InsOnWMI.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google Inc.) C:\Users\Mustafo\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Mustafo\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Mustafo\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Mustafo\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Mustafo\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Mustafo\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Google Inc.) C:\Users\Mustafo\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-06-24] (NVIDIA Corporation)
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [401888 2016-11-30] ()
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-09-09] (Apple Inc.)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-07] (Microsoft Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [529480 2016-02-24] (Autodesk Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [205512 2017-02-27] (AVAST Software)
HKU\S-1-5-21-3357248357-3471837598-2797894705-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-3357248357-3471837598-2797894705-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Mustafo\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-3357248357-3471837598-2797894705-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Mustafo\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-3357248357-3471837598-2797894705-1001\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
HKU\S-1-5-21-3357248357-3471837598-2797894705-1001\...\Run: [Google Update] => C:\Users\Mustafo\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe [601752 2017-02-27] (Google Inc.)
HKU\S-1-5-21-3357248357-3471837598-2797894705-1001\...\Policies\Explorer: []
HKU\S-1-5-21-3357248357-3471837598-2797894705-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [37376 2016-07-16] (Microsoft Corporation)
ShellExecuteHooks: No Name - {12BEB57E-ECD3-11E6-A98A-64006A5CFC23} - C:\Users\Mustafo\AppData\Roaming\Zrshfcit\Griotain.dll -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-02-27] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-02-27] (AVAST Software)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2013-02-08] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [KzShlobj] -> {AAA0C5B8-933F-4200-93AD-B143D7FFF9F2} => -> No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodeMeter Control Center.lnk [2017-02-12]
ShortcutTarget: CodeMeter Control Center.lnk -> C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe (WIBU-SYSTEMS AG)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Network Server.lnk [2017-02-12]
ShortcutTarget: Network Server.lnk -> C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe (WIBU-SYSTEMS AG)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Restriction - Chrome <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.100.1 0.0.0.0
Tcpip\..\Interfaces\{94a601af-09c2-40b1-acfb-0c06b5530d00}: [DhcpNameServer] 192.168.100.1 0.0.0.0
Tcpip\..\Interfaces\{a02a797d-1ac8-4bfb-83dc-7e7c91537e8b}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Internet Explorer:
==================
HKU\S-1-5-21-3357248357-3471837598-2797894705-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130860067658589664&GUID=C2545805-3830-4908-B24F-7A1267C24085
SearchScopes: HKU\S-1-5-21-3357248357-3471837598-2797894705-1001 -> {02D33DDF-1717-4136-AF1D-3419819BCA74} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3357248357-3471837598-2797894705-1001 -> {3FEF9D31-CFFF-44E5-ABF7-AB7A28648155} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_13415
SearchScopes: HKU\S-1-5-21-3357248357-3471837598-2797894705-1001 -> {51619E1B-0E22-42E0-8100-C205348C0B11} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3357248357-3471837598-2797894705-1001 -> {5D28C159-566D-40BE-B777-F7F79905576C} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3357248357-3471837598-2797894705-1001 -> {8170D597-C73F-4969-9234-BE778A3ADB79} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_13415
SearchScopes: HKU\S-1-5-21-3357248357-3471837598-2797894705-1001 -> {C932DDAB-1E7B-4E83-B5BA-585FC3758ED8} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_13415
SearchScopes: HKU\S-1-5-21-3357248357-3471837598-2797894705-1001 -> {DFBD1763-23A0-430A-8BBD-FCB997FE3686} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_13415
SearchScopes: HKU\S-1-5-21-3357248357-3471837598-2797894705-1001 -> {E8DA44DA-5F59-4B36-B23C-530782403A1F} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3357248357-3471837598-2797894705-1001 -> {F860F61B-035A-4966-9DFF-F028FC79EDD1} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2015-01-15] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2015-01-15] (Oracle Corporation)
FireFox:
========
FF DefaultProfile: hbj4szuk.default
FF ProfilePath: C:\Users\Mustafo\AppData\Roaming\Mozilla\Firefox\Profiles\hbj4szuk.default [2017-02-16]
FF user.js: detected! => C:\Users\Mustafo\AppData\Roaming\Mozilla\Firefox\Profiles\hbj4szuk.default\user.js [2017-02-16]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\hbj4szuk.default -> luck
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\hbj4szuk.default -> luck
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\hbj4szuk.default -> luck
FF Homepage: Mozilla\Firefox\Profiles\hbj4szuk.default -> seznam.cz/
FF Extension: (Seznam lištička) - C:\Users\Mustafo\AppData\Roaming\Mozilla\Firefox\Profiles\hbj4szuk.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2017-02-06]
FF ProfilePath: C:\Users\Mustafo\AppData\Roaming\Firefox\Firefox\Profiles\hbj4szuk.default [2017-02-25]
FF user.js: detected! => C:\Users\Mustafo\AppData\Roaming\Firefox\Firefox\Profiles\hbj4szuk.default\user.js [2017-02-16]
FF DefaultSearchEngine: Firefox\Firefox\Profiles\hbj4szuk.default -> luck
FF SearchEngineOrder.1: Firefox\Firefox\Profiles\hbj4szuk.default -> luck
FF SelectedSearchEngine: Firefox\Firefox\Profiles\hbj4szuk.default -> luck
FF Extension: (Czech (CZ) Language Pack) - C:\Users\Mustafo\AppData\Roaming\Firefox\Firefox\Profiles\hbj4szuk.default\Extensions\langpack-cs@firefox.mozilla.org.xpi [2017-02-24] [not signed]
FF Extension: (Seznam lištička) - C:\Users\Mustafo\AppData\Roaming\Firefox\Firefox\Profiles\hbj4szuk.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2017-02-06]
FF SearchPlugin: C:\Users\Mustafo\AppData\Roaming\Firefox\Firefox\Profiles\hbj4szuk.default\searchplugins\luck.xml [2017-02-16]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF48
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF48 [2017-02-27]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF48
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-09] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-09] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2015-01-15] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2015-01-15] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3357248357-3471837598-2797894705-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Mustafo\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-02-27] (Google Inc.)
FF Plugin HKU\S-1-5-21-3357248357-3471837598-2797894705-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Mustafo\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-02-27] (Google Inc.)
Chrome:
=======
CHR Profile: C:\Users\Mustafo\AppData\Local\Google\Chrome\User Data\Default [2017-03-01]
CHR Extension: (Prezentace Google) - C:\Users\Mustafo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-02-27]
CHR Extension: (Dokumenty Google) - C:\Users\Mustafo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-02-27]
CHR Extension: (Disk Google) - C:\Users\Mustafo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-02-27]
CHR Extension: (YouTube) - C:\Users\Mustafo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-02-27]
CHR Extension: (Avast SafePrice) - C:\Users\Mustafo\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-02-27]
CHR Extension: (Tabulky Google) - C:\Users\Mustafo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-02-27]
CHR Extension: (Dokumenty Google offline) - C:\Users\Mustafo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-02-27]
CHR Extension: (Avast Online Security) - C:\Users\Mustafo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-02-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Mustafo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-02-27]
CHR Extension: (Gmail) - C:\Users\Mustafo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-02-27]
CHR Extension: (Chrome Media Router) - C:\Users\Mustafo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-27]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [1145928 2016-02-24] (Autodesk Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-08-05] (Apple Inc.)
R2 ASUS InstantOn; C:\Program Files\ASUS\P4G\InsOnSrv.exe [277120 2013-08-29] (ASUS)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7147320 2017-02-27] (AVAST Software s.r.o.)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [262736 2017-02-27] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [278784 2017-02-27] (AVAST Software)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-06-24] (NVIDIA Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373728 2016-11-30] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-12-09] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-09] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1868432 2015-06-24] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23007376 2015-06-24] (NVIDIA Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10351856 2016-12-15] (TeamViewer GmbH)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WIFIGXENDHCPSER; C:\Program Files (x86)\My WIFI Router\bmser.exe [1656416 2014-04-23] ()
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
R2 WkSvw32.exe; C:\Program Files (x86)\WIBUKEY\Server\WkSvw32.exe [659336 2013-12-18] (WIBU-SYSTEMS AG)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
S2 SystemUsageReportSvc_WILLAMETTE; "C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe" [X]
S2 UCBrowserSvc; "C:\Program Files (x86)\UCBrowser\Application\UCService.exe" [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [309272 2017-02-27] (AVAST Software s.r.o.)
R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [189768 2017-02-27] (AVAST Software s.r.o.)
R0 aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [334600 2017-02-27] (AVAST Software s.r.o.)
R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [48528 2017-02-27] (AVAST Software s.r.o.)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [38296 2017-02-27] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [32088 2017-02-27] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [126600 2017-02-27] (AVAST Software)
R1 aswNetSec; C:\WINDOWS\system32\drivers\aswNetSec.sys [461640 2017-02-27] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [100640 2017-02-27] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [75704 2017-02-27] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [993608 2017-02-27] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [547904 2017-02-27] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [162528 2017-02-27] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [337592 2017-02-27] (AVAST Software)
R3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [101368 2015-12-14] (ASUS Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [283064 2015-01-09] (Disc Soft Ltd)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77416 2017-01-20] ()
R1 HWiNFO32; C:\WINDOWS\SysWoW64\drivers\HWiNFO64A.SYS [27552 2017-02-12] (REALiX(tm))
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [221448 2016-09-08] (Intel Corporation)
R0 IntelHSWPcc; C:\WINDOWS\System32\drivers\IntelPcc.sys [74344 2013-08-06] (Intel Corporation)
R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( )
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [176584 2017-02-27] (Malwarebytes)
S3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [110536 2017-03-01] (Malwarebytes)
S3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-03-01] (Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [251848 2017-03-01] (Malwarebytes)
S3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [91584 2017-03-01] (Malwarebytes)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-09] (Intel Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
S3 netr28ux; C:\WINDOWS\System32\drivers\netr28ux.sys [2224128 2016-07-16] (MediaTek Inc.)
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3485696 2016-07-16] (Intel Corporation)
R2 npf; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-06-24] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [46768 2015-05-19] (NVIDIA Corporation)
R2 plctrl; C:\Program Files\ASUS\P4G\plctrl.sys [14136 2013-08-29] (Windows (R) Win 7 DDK provider)
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [759552 2015-07-08] (Realsil Semiconductor Corporation)
S3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [21984 2015-06-04] ()
S3 SeratoUsb; C:\WINDOWS\System32\Drivers\SeratoUsb.sys [49656 2013-07-09] (Cristalink Ltd)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\WINDOWS\system32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 tapoas; C:\WINDOWS\system32\DRIVERS\tapoas.sys [30720 2012-07-15] (The OpenVPN Project)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-06-17] (Apple, Inc.) [File not signed]
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R2 WIBUKEY; C:\WINDOWS\System32\DRIVERS\WibuKey64.sys [106760 2013-12-18] (WIBU-SYSTEMS AG)
S1 ucdrv; \??\C:\Program Files (x86)\UCBrowser\Security:ucdrv-x64.sys [X] <==== ATTENTION
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-03-01 20:15 - 2017-03-01 20:15 - 00027644 _____ C:\Users\Mustafo\Desktop\FRST.txt
2017-03-01 20:15 - 2017-03-01 20:15 - 00000000 ____D C:\FRST
2017-03-01 20:12 - 2017-03-01 20:12 - 07365128 _____ (Reason Software Company Inc.) C:\Users\Mustafo\Downloads\reason-core-security-setup.exe
2017-03-01 19:59 - 2017-03-01 20:14 - 02423808 _____ (Farbar) C:\Users\Mustafo\Desktop\FRST64.exe
2017-03-01 19:59 - 2017-03-01 19:59 - 02423808 _____ (Farbar) C:\Users\Mustafo\Downloads\FRST64 (1).exe
2017-03-01 19:55 - 2017-03-01 19:58 - 00000004 ____H C:\ProgramData\cm-lock
2017-03-01 17:17 - 2017-03-01 17:17 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2017-03-01 17:14 - 2017-03-01 17:14 - 00389924 _____ C:\WINDOWS\Minidump\030117-30640-01.dmp
2017-03-01 14:10 - 2017-03-01 17:03 - 00000000 ____D C:\Users\TEMP
2017-03-01 13:56 - 2017-03-01 13:56 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-03-01 12:34 - 2017-03-01 13:48 - 00000320 _____ C:\WINDOWS\Tasks\UCBrowserUpdaterCore.job
2017-03-01 12:34 - 2017-03-01 12:34 - 00002674 _____ C:\WINDOWS\System32\Tasks\UCBrowserUpdaterCore
2017-03-01 12:01 - 2017-03-01 12:01 - 00000000 ___RD C:\Users\Mustafo\Desktop\Camera Roll
2017-03-01 11:36 - 2017-03-01 11:36 - 00002955 _____ C:\Users\Mustafo\Downloads\AdwCleanerC12.txt
2017-03-01 11:35 - 2017-03-01 11:35 - 00002955 _____ C:\Users\Mustafo\Desktop\AdwCleaner[C12].txt
2017-03-01 11:34 - 2017-03-01 11:34 - 00003476 _____ C:\WINDOWS\System32\Tasks\UCBrowserSecureUpdater
2017-02-28 13:22 - 2017-02-28 13:22 - 00000000 ____D C:\rsit
2017-02-28 13:22 - 2017-02-28 13:22 - 00000000 ____D C:\Program Files\trend micro
2017-02-28 13:21 - 2017-02-28 13:21 - 01222144 _____ C:\Users\Mustafo\Downloads\RSITx64.exe
2017-02-28 02:33 - 2017-02-28 02:34 - 03910208 _____ C:\Users\Mustafo\Downloads\Nepotvrzeno 561555.crdownload
2017-02-28 02:29 - 2017-02-28 02:29 - 03910208 _____ C:\Users\Mustafo\Downloads\Nepotvrzeno 710007.crdownload
2017-02-28 02:27 - 2017-02-28 02:27 - 04015056 _____ C:\Users\Mustafo\Downloads\Nepotvrzeno 592077.crdownload
2017-02-28 02:25 - 2017-02-28 02:25 - 04015056 _____ C:\Users\Mustafo\Downloads\Nepotvrzeno 58900.crdownload
2017-02-27 16:31 - 2017-02-27 16:31 - 00002491 _____ C:\Users\Mustafo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-27 16:29 - 2017-02-27 16:29 - 00003738 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3357248357-3471837598-2797894705-1001UA
2017-02-27 16:29 - 2017-02-27 16:29 - 00003470 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3357248357-3471837598-2797894705-1001Core
2017-02-27 16:28 - 2017-02-27 16:28 - 01129376 _____ (Google Inc.) C:\Users\Mustafo\Downloads\ChromeSetup (2).exe
2017-02-27 16:06 - 2017-02-27 16:05 - 00398408 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2017-02-27 15:00 - 2017-03-01 17:04 - 00110536 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-02-27 15:00 - 2017-03-01 17:04 - 00091584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-02-27 15:00 - 2017-03-01 17:04 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-02-27 15:00 - 2017-02-27 15:00 - 00176584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-02-27 14:59 - 2017-02-27 14:59 - 00001920 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-02-27 14:59 - 2017-02-27 14:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-02-27 14:59 - 2017-02-27 14:59 - 00000000 ____D C:\Program Files\Malwarebytes
2017-02-27 14:59 - 2017-01-20 07:47 - 00077416 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-02-27 14:58 - 2017-02-27 15:00 - 55566792 _____ (Malwarebytes ) C:\Users\Mustafo\Downloads\mb3-setup-consumer-3.0.6.1469 (1).exe
2017-02-24 14:09 - 2017-02-24 17:29 - 00002005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-02-20 12:59 - 2017-02-20 12:59 - 00000000 ___HD C:\$AV_ASW
2017-02-20 12:37 - 2017-02-20 12:38 - 00000000 ____D C:\Users\Mustafo\Desktop\Tata fota z tabletu
2017-02-19 10:25 - 2017-02-19 10:25 - 00039267 _____ C:\Users\Mustafo\Downloads\[CzT]Simpsonovi_The_Simpsons_26_serie_CZ_TVRip_.torrent
2017-02-19 10:23 - 2017-02-19 10:23 - 00014941 _____ C:\Users\Mustafo\Downloads\[CzT]Prichozi_Arrival_2016_WebRip_.torrent
2017-02-19 10:22 - 2017-02-19 10:22 - 00030309 _____ C:\Users\Mustafo\Downloads\[CzT]Moonlight_2016_DVDScr_.torrent
2017-02-18 10:38 - 2017-02-18 10:50 - 34799412 _____ C:\Users\Mustafo\Desktop\PPN14_06-2016.pdf
2017-02-18 10:38 - 2017-02-18 10:42 - 12932720 _____ C:\Users\Mustafo\Desktop\Detaily_T Profi_06-2014.pdf
2017-02-18 10:33 - 2017-02-18 10:33 - 09369178 _____ C:\Users\Mustafo\Downloads\160525_Terca_katalog_2016.pdf
2017-02-18 10:14 - 2017-02-18 10:14 - 00001987 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Internet Security.lnk
2017-02-18 10:13 - 2017-02-27 16:05 - 00461640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetSec.sys
2017-02-18 10:10 - 2017-02-18 10:10 - 00036746 _____ C:\Users\Mustafo\Downloads\[CzT]Simpsonovi_The_Simpsons_27_serie_CZ_TVRip_.torrent
2017-02-18 10:07 - 2017-02-27 11:54 - 00000000 ____D C:\Users\Mustafo\Desktop\2017_02 THAISKO
2017-02-17 22:12 - 2017-02-17 22:12 - 01129376 _____ (Google Inc.) C:\Users\Mustafo\Downloads\ChromeSetup (1).exe
2017-02-17 22:11 - 2017-02-24 13:57 - 00002243 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-17 22:10 - 2017-02-17 22:10 - 01129376 _____ (Google Inc.) C:\Users\Mustafo\Downloads\ChromeSetup.exe
2017-02-16 23:46 - 2017-02-17 20:26 - 00000000 ____D C:\Users\Mustafo\AppData\Local\MicrosoftEdge
2017-02-16 23:44 - 2017-02-16 23:44 - 00000000 _____ C:\Program Files (x86)\metadata
2017-02-16 21:22 - 2017-02-27 16:08 - 00004008 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1487276553
2017-02-16 21:22 - 2017-02-27 16:08 - 00001096 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-02-16 21:22 - 2017-02-27 16:05 - 00032088 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2017-02-16 21:19 - 2017-02-27 16:06 - 00003994 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2017-02-16 21:19 - 2017-02-27 16:05 - 00993608 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2017-02-16 21:19 - 2017-02-27 16:05 - 00547904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2017-02-16 21:19 - 2017-02-27 16:05 - 00337592 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2017-02-16 21:19 - 2017-02-27 16:05 - 00334600 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbloga.sys
2017-02-16 21:19 - 2017-02-27 16:05 - 00309272 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2017-02-16 21:19 - 2017-02-27 16:05 - 00189768 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2017-02-16 21:19 - 2017-02-27 16:05 - 00162528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2017-02-16 21:19 - 2017-02-27 16:05 - 00126600 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2017-02-16 21:19 - 2017-02-27 16:05 - 00100640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2017-02-16 21:19 - 2017-02-27 16:05 - 00075704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2017-02-16 21:19 - 2017-02-27 16:05 - 00048528 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2017-02-16 21:19 - 2017-02-27 16:05 - 00038296 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2017-02-16 21:19 - 2017-02-16 21:19 - 00000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2017-02-16 21:19 - 2017-02-16 21:19 - 00000000 ____D C:\Users\Mustafo\AppData\Roaming\AVAST Software
2017-02-16 21:19 - 2017-02-16 21:19 - 00000000 ____D C:\Program Files\Common Files\AV
2017-02-16 21:16 - 2017-02-16 21:22 - 00000000 ____D C:\Program Files\AVAST Software
2017-02-16 21:15 - 2017-02-16 21:15 - 06654960 _____ (AVAST Software) C:\Users\Mustafo\Downloads\avast_free_antivirus_setup_online.exe
2017-02-16 20:16 - 2017-02-16 20:17 - 00245544 _____ C:\Users\Mustafo\Downloads\Firefox Setup Stub 51.0.1 (1).exe
2017-02-14 23:42 - 2017-02-14 23:42 - 00000000 ____D C:\Users\Mustafo\AppData\Roaming\Firefox
2017-02-14 23:42 - 2017-02-14 23:42 - 00000000 ____D C:\Users\Mustafo\AppData\Local\Firefox
2017-02-14 23:41 - 2017-02-16 20:02 - 00000000 ____D C:\WINDOWS\system32\log
2017-02-14 14:48 - 2017-02-20 09:26 - 00000000 ____D C:\Program Files (x86)\pfqv62f8
2017-02-12 21:57 - 2017-03-01 13:54 - 00000000 ____D C:\AdwCleaner
2017-02-12 21:56 - 2017-02-12 21:57 - 04015056 _____ C:\Users\Mustafo\Desktop\adwcleaner_6.043.exe
2017-02-12 21:55 - 2017-02-27 14:59 - 55566792 _____ (Malwarebytes ) C:\Users\Mustafo\Downloads\mb3-setup-consumer-3.0.6.1469.exe
2017-02-12 21:52 - 2017-02-12 21:52 - 00000085 _____ C:\WINDOWS\wininit.ini
2017-02-12 21:45 - 2017-02-12 21:53 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2017-02-12 21:45 - 2017-02-12 21:52 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2017-02-12 21:45 - 2017-02-12 21:45 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2017-02-12 21:43 - 2017-02-12 21:45 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Mustafo\Downloads\spybot-2.4.exe
2017-02-12 21:43 - 2017-02-12 21:43 - 00000000 _____ C:\autoexec.bat
2017-02-12 19:37 - 2017-02-12 19:37 - 00023032 _____ (Wiper Software) C:\WINDOWS\system32\wiperrm.exe
2017-02-12 19:26 - 2017-02-12 20:33 - 00000934 _____ C:\Users\Mustafo\AppData\Roaming\Microsoft\Windows\Start Menu\żěŃą.lnk
2017-02-12 19:26 - 2017-02-12 19:31 - 00000480 _____ C:\WINDOWS\Tasks\UCBrowserUpdater.job
2017-02-12 19:26 - 2017-02-12 19:26 - 00003502 _____ C:\WINDOWS\System32\Tasks\UCBrowserUpdater
2017-02-12 19:26 - 2017-02-12 19:26 - 00000000 ____D C:\Users\Mustafo\AppData\Local\UCBrowser
2017-02-12 19:25 - 2017-02-12 19:28 - 00000000 ____D C:\ProgramData\ProductData
2017-02-12 19:25 - 2017-02-12 19:26 - 00000000 ____D C:\Users\Mustafo\AppData\LocalLow\IObit
2017-02-12 19:25 - 2017-02-12 19:25 - 00027552 _____ (REALiX(tm)) C:\WINDOWS\SysWOW64\Drivers\HWiNFO64A.SYS
2017-02-12 19:25 - 2017-02-12 19:25 - 00003034 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (Mustafo)
2017-02-12 19:25 - 2017-02-12 19:25 - 00000000 ____D C:\WINDOWS\IObit
2017-02-12 19:25 - 2017-02-12 19:25 - 00000000 ____D C:\Users\Public\Thunder Network
2017-02-12 19:25 - 2017-02-12 19:25 - 00000000 ____D C:\Users\Mustafo\AppData\Roaming\IObit
2017-02-12 19:25 - 2017-02-12 19:25 - 00000000 ____D C:\ProgramData\IObit
2017-02-12 19:24 - 2017-02-27 18:35 - 00000000 ____D C:\Program Files (x86)\Bulily
2017-02-12 19:24 - 2017-02-12 19:25 - 00000000 ____D C:\Users\Mustafo\AppData\Local\Anopert
2017-02-11 18:32 - 2017-02-11 18:49 - 00000000 ____D C:\Program Files\USB Disk Storage Format Tool
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-03-01 19:58 - 2016-08-07 02:32 - 00000000 ____D C:\ProgramData\ASUS Smart Gesture
2017-03-01 19:56 - 2015-03-26 13:59 - 00251848 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-03-01 19:56 - 2015-01-08 23:29 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2017-03-01 19:55 - 2016-09-11 09:03 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-03-01 19:55 - 2016-07-12 19:59 - 00000000 __SHD C:\Users\Mustafo\IntelGraphicsProfiles
2017-03-01 19:54 - 2016-09-11 09:22 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-03-01 17:25 - 2016-07-16 07:04 - 01048576 _____ C:\WINDOWS\system32\config\BBI
2017-03-01 17:21 - 2016-09-11 08:59 - 04967608 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-03-01 17:20 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-03-01 17:16 - 2016-09-11 09:07 - 00000000 ____D C:\Users\Mustafo
2017-03-01 17:14 - 2016-09-18 11:30 - 00000000 ____D C:\WINDOWS\Minidump
2017-03-01 17:14 - 2016-09-11 08:59 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-03-01 17:14 - 2015-09-06 17:11 - 853315947 _____ C:\WINDOWS\MEMORY.DMP
2017-03-01 17:04 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-03-01 14:03 - 2016-04-27 08:00 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-03-01 13:47 - 2016-12-04 09:43 - 00000000 ____D C:\Users\Mustafo\Desktop\Lukeš RD
2017-03-01 13:47 - 2015-01-09 13:46 - 00000000 ____D C:\Users\Mustafo\Graphisoft
2017-03-01 11:42 - 2015-01-09 13:46 - 00000000 ____D C:\Users\Mustafo\Documents\BIMx
2017-03-01 11:38 - 2015-01-08 23:47 - 00000000 ____D C:\Users\Mustafo\AppData\Local\Adobe
2017-02-28 17:01 - 2015-02-24 23:27 - 00000000 ____D C:\Users\Mustafo\AppData\Roaming\vlc
2017-02-27 16:31 - 2015-01-08 23:02 - 00000000 ____D C:\Users\Mustafo\AppData\Local\Google
2017-02-27 14:59 - 2015-03-26 13:59 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-02-25 10:53 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-02-25 05:08 - 2017-01-22 21:04 - 00000000 ____D C:\Users\Mustafo\AppData\LocalLow\Mozilla
2017-02-25 05:08 - 2015-01-08 22:53 - 00000000 ____D C:\Users\Mustafo\AppData\Local\Packages
2017-02-25 04:18 - 2015-01-08 23:02 - 00000000 ____D C:\Program Files (x86)\Google
2017-02-24 20:01 - 2015-01-09 22:23 - 00000000 ____D C:\Users\Mustafo\AppData\Roaming\Skype
2017-02-24 12:47 - 2015-01-09 07:26 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-02-24 12:45 - 2015-01-09 07:26 - 138020592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-02-23 16:31 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-23 16:10 - 2015-11-12 21:48 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-02-22 14:34 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-02-19 12:34 - 2015-11-06 22:52 - 00000000 ____D C:\Users\Mustafo\Desktop\F
2017-02-19 12:32 - 2015-01-09 11:24 - 00000000 ____D C:\Users\Mustafo\AppData\Roaming\BitTorrent
2017-02-18 10:13 - 2015-11-12 17:00 - 00000000 ____D C:\ProgramData\AVAST Software
2017-02-17 22:25 - 2017-01-04 23:45 - 00000000 ____D C:\Users\Mustafo\Desktop\Autodoprava Rakvice
2017-02-17 20:47 - 2015-01-09 22:22 - 00000000 ____D C:\ProgramData\Skype
2017-02-16 21:29 - 2016-04-21 19:25 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-02-16 21:15 - 2016-07-16 23:25 - 01408582 _____ C:\WINDOWS\system32\perfh005.dat
2017-02-16 21:15 - 2016-07-16 23:25 - 00368470 _____ C:\WINDOWS\system32\perfc005.dat
2017-02-16 21:15 - 2016-07-12 18:03 - 03303866 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-02-16 20:14 - 2015-01-12 13:50 - 00000000 ___RD C:\Users\Mustafo\OneDrive
2017-02-12 20:33 - 2016-12-14 19:16 - 00001040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk
2017-02-12 20:33 - 2016-12-12 12:35 - 00001054 _____ C:\ProgramData\Microsoft\Windows\Start Menu\VueScan x64.lnk
2017-02-12 20:33 - 2016-12-12 12:35 - 00001048 _____ C:\Users\Public\Desktop\VueScan x64.lnk
2017-02-12 20:33 - 2016-10-28 11:14 - 00001402 _____ C:\Users\Public\Desktop\BIMx pro ArchiCAD 19.lnk
2017-02-12 20:33 - 2016-10-28 11:14 - 00001147 _____ C:\Users\Public\Desktop\ArchiCAD 19.lnk
2017-02-12 20:33 - 2016-10-27 14:10 - 00001822 _____ C:\Users\Public\Desktop\iTunes.lnk
2017-02-12 20:33 - 2016-09-11 09:15 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-02-12 20:33 - 2016-09-11 09:03 - 00001383 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AudioWizard.lnk
2017-02-12 20:33 - 2016-07-08 11:55 - 00001223 _____ C:\Users\Public\Desktop\FIN EC v5.lnk
2017-02-12 20:33 - 2015-11-09 21:30 - 00001991 _____ C:\Users\Public\Desktop\Revit 2016.lnk
2017-02-12 20:33 - 2015-06-26 19:09 - 00002178 _____ C:\Users\Public\Desktop\Style Builder 2015.lnk
2017-02-12 20:33 - 2015-06-26 19:09 - 00002092 _____ C:\Users\Public\Desktop\LayOut 2015.lnk
2017-02-12 20:33 - 2015-06-26 19:09 - 00002003 _____ C:\Users\Public\Desktop\SketchUp 2015.lnk
2017-02-12 20:33 - 2015-01-13 22:10 - 00000730 _____ C:\Users\Public\Desktop\GoldWave.lnk
2017-02-12 20:33 - 2015-01-10 10:42 - 00002055 _____ C:\Users\Public\Desktop\Autodesk ReCap.lnk
2017-02-12 20:33 - 2015-01-09 13:23 - 00001373 _____ C:\Users\Public\Desktop\BIMx pro ArchiCAD 18.lnk
2017-02-12 20:33 - 2015-01-09 13:23 - 00001118 _____ C:\Users\Public\Desktop\ArchiCAD 18.lnk
2017-02-12 20:33 - 2015-01-09 11:42 - 00002205 _____ C:\Users\Public\Desktop\NAS Starter Utility.lnk
2017-02-12 20:33 - 2015-01-09 09:55 - 00001135 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk
2017-02-12 20:33 - 2015-01-09 09:51 - 00001097 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk
2017-02-12 20:33 - 2015-01-09 09:43 - 00001543 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk
2017-02-12 20:33 - 2015-01-09 09:43 - 00001373 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk
2017-02-12 20:32 - 2016-11-26 15:29 - 00000950 _____ C:\Users\Mustafo\Desktop\Rakvice RD Lukeš.lnk
2017-02-12 20:32 - 2016-07-21 14:13 - 00000802 _____ C:\Users\Mustafo\Desktop\Dont starve.lnk
2017-02-12 20:32 - 2016-05-02 16:55 - 00001323 _____ C:\Users\Mustafo\Desktop\ViewCompanion Pro.lnk
2017-02-12 20:32 - 2016-04-21 19:25 - 00002169 _____ C:\Users\Mustafo\Desktop\Skype.lnk
2017-02-12 20:32 - 2015-09-06 11:09 - 00001117 _____ C:\Users\Mustafo\Desktop\My WIFI Router.lnk
2017-02-12 20:32 - 2015-01-13 17:55 - 00002166 _____ C:\Users\Mustafo\Desktop\Scratch Live.lnk
2017-02-12 20:32 - 2015-01-09 11:04 - 00001013 _____ C:\Users\Mustafo\Desktop\Aide PDF to DWG Converter.lnk
2017-02-12 20:32 - 2015-01-09 10:11 - 00001739 _____ C:\Users\Mustafo\Desktop\Photoshop.lnk
2017-02-12 20:32 - 2015-01-09 09:30 - 00001929 _____ C:\Users\Mustafo\Desktop\disqotek corp (Nsa320).lnk
2017-02-12 20:32 - 2015-01-09 09:30 - 00001881 _____ C:\Users\Mustafo\Desktop\video (NSA320).lnk
2017-02-12 20:32 - 2015-01-09 09:30 - 00001881 _____ C:\Users\Mustafo\Desktop\photo (NSA320).lnk
2017-02-12 20:32 - 2015-01-09 09:30 - 00001881 _____ C:\Users\Mustafo\Desktop\other (Nsa320).lnk
2017-02-12 20:32 - 2015-01-09 09:30 - 00001881 _____ C:\Users\Mustafo\Desktop\music (NSA320).lnk
2017-02-12 20:31 - 2016-12-12 12:26 - 00000000 ____D C:\WINDOWS\twain_64
2017-02-12 20:09 - 2015-01-08 22:53 - 00000000 ____D C:\Users\Mustafo\AppData\Roaming\Adobe
2017-02-12 19:24 - 2016-04-25 17:56 - 00002056 __RSH C:\ProgramData\ntuser.pol
2017-02-11 18:22 - 2015-01-08 23:25 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-02-06 20:48 - 2016-07-16 12:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-02-06 20:48 - 2016-07-16 12:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-02-05 20:55 - 2016-04-22 14:08 - 00001243 _____ C:\Users\Mustafo\Desktop\Stavební fyzika – zástupce.lnk
2017-02-05 20:55 - 2015-01-22 22:52 - 00002248 _____ C:\Users\Mustafo\Desktop\Plot Styles – zástupce.lnk
2017-02-05 20:55 - 2015-01-10 00:08 - 00001562 _____ C:\Users\Mustafo\Desktop\Artlantis Studio – zástupce.lnk
==================== Files in the root of some directories =======
2017-02-16 23:44 - 2017-02-16 23:44 - 0000000 _____ () C:\Program Files (x86)\metadata
2017-03-01 19:55 - 2017-03-01 19:58 - 0000004 ____H () C:\ProgramData\cm-lock
2016-09-11 09:03 - 2016-09-11 09:03 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-01-10 10:37 - 2015-01-10 10:37 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
Some files in TEMP:
====================
2017-02-12 19:24 - 2017-02-12 19:25 - 17628560 _____ (IObit ) C:\Users\Mustafo\AppData\Local\Temp\8AD5.tmp.exe
2017-02-17 20:46 - 2017-02-17 20:46 - 44048864 _____ (Skype Technologies S.A.) C:\Users\Mustafo\AppData\Local\Temp\SkypeSetup.exe
2016-10-29 11:57 - 2016-10-29 11:57 - 31717016 _____ () C:\Users\Mustafo\AppData\Local\Temp\vlc-2.2.4-win64.exe
2016-12-12 12:30 - 2016-12-12 12:31 - 0089584 _____ () C:\Users\Mustafo\AppData\Local\Temp\vsdel.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-02-20 11:47
==================== End of FRST.txt ============================
-
Rudy
- Site Admin
- Příspěvky: 119672
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Někdy skáčou okna, Avast nachází vir (rootkit)
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
ShellExecuteHooks: No Name - {12BEB57E-ECD3-11E6-A98A-64006A5CFC23} - C:\Users\Mustafo\AppData\Roaming\Zrshfcit\Griotain.dll -> No File
ShellIconOverlayIdentifiers: [KzShlobj] -> {AAA0C5B8-933F-4200-93AD-B143D7FFF9F2} => -> No File
GroupPolicy: Restriction - Chrome <======= ATTENTION
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3357248357-3471837598-2797894705-1001UA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3357248357-3471837598-2797894705-1001Core
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\ProgramData\DP45977C.lfl
C:\Users\Mustafo\AppData\Local\Temp
EmptyTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Někdy skáčou okna, Avast nachází vir (rootkit)
Fix result of Farbar Recovery Scan Tool (x64) Version: 01-03-2017
Ran by Mustafo (02-03-2017 07:30:53) Run:1
Running from C:\Users\Mustafo\Desktop
Loaded Profiles: Mustafo (Available Profiles: Mustafo)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
ShellExecuteHooks: No Name - {12BEB57E-ECD3-11E6-A98A-64006A5CFC23} - C:\Users\Mustafo\AppData\Roaming\Zrshfcit\Griotain.dll -> No File
ShellIconOverlayIdentifiers: [KzShlobj] -> {AAA0C5B8-933F-4200-93AD-B143D7FFF9F2} => -> No File
GroupPolicy: Restriction - Chrome <======= ATTENTION
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3357248357-3471837598-2797894705-1001UA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3357248357-3471837598-2797894705-1001Core
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\ProgramData\DP45977C.lfl
C:\Users\Mustafo\AppData\Local\Temp
EmptyTemp:
End
*****************
HKLM\Software\Microsoft\Windows\CurrentVersion\explorer\ShellExecuteHooks\\{12BEB57E-ECD3-11E6-A98A-64006A5CFC23} => value removed successfully
HKCR\CLSID\{12BEB57E-ECD3-11E6-A98A-64006A5CFC23} => key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\KzShlobj => key removed successfully
HKCR\CLSID\{AAA0C5B8-933F-4200-93AD-B143D7FFF9F2} => key not found.
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3357248357-3471837598-2797894705-1001UA => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3357248357-3471837598-2797894705-1001Core => moved successfully
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
C:\ProgramData\DP45977C.lfl => moved successfully
C:\Users\Mustafo\AppData\Local\Temp => moved successfully
=========== EmptyTemp: ==========
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 1094689997 B
Java, Flash, Steam htmlcache => 4111 B
Windows/system/drivers => 317422923 B
Edge => 276950393 B
Chrome => 433727794 B
Firefox => 369115351 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 143 B
systemprofile32 => 6772871 B
LocalService => 88628 B
NetworkService => 39861746 B
Mustafo => 80219515 B
RecycleBin => 7229923 B
EmptyTemp: => 2.4 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 07:38:12 ====
Ran by Mustafo (02-03-2017 07:30:53) Run:1
Running from C:\Users\Mustafo\Desktop
Loaded Profiles: Mustafo (Available Profiles: Mustafo)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
ShellExecuteHooks: No Name - {12BEB57E-ECD3-11E6-A98A-64006A5CFC23} - C:\Users\Mustafo\AppData\Roaming\Zrshfcit\Griotain.dll -> No File
ShellIconOverlayIdentifiers: [KzShlobj] -> {AAA0C5B8-933F-4200-93AD-B143D7FFF9F2} => -> No File
GroupPolicy: Restriction - Chrome <======= ATTENTION
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3357248357-3471837598-2797894705-1001UA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3357248357-3471837598-2797894705-1001Core
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\ProgramData\DP45977C.lfl
C:\Users\Mustafo\AppData\Local\Temp
EmptyTemp:
End
*****************
HKLM\Software\Microsoft\Windows\CurrentVersion\explorer\ShellExecuteHooks\\{12BEB57E-ECD3-11E6-A98A-64006A5CFC23} => value removed successfully
HKCR\CLSID\{12BEB57E-ECD3-11E6-A98A-64006A5CFC23} => key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\KzShlobj => key removed successfully
HKCR\CLSID\{AAA0C5B8-933F-4200-93AD-B143D7FFF9F2} => key not found.
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3357248357-3471837598-2797894705-1001UA => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3357248357-3471837598-2797894705-1001Core => moved successfully
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
C:\ProgramData\DP45977C.lfl => moved successfully
C:\Users\Mustafo\AppData\Local\Temp => moved successfully
=========== EmptyTemp: ==========
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 1094689997 B
Java, Flash, Steam htmlcache => 4111 B
Windows/system/drivers => 317422923 B
Edge => 276950393 B
Chrome => 433727794 B
Firefox => 369115351 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 143 B
systemprofile32 => 6772871 B
LocalService => 88628 B
NetworkService => 39861746 B
Mustafo => 80219515 B
RecycleBin => 7229923 B
EmptyTemp: => 2.4 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 07:38:12 ====
Re: Někdy skáčou okna, Avast nachází vir (rootkit)
Zatím to vypadá dobře, zdá se že funguje jak má. Kde byl hlavní problém?
-
Rudy
- Site Admin
- Příspěvky: 119672
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Někdy skáčou okna, Avast nachází vir (rootkit)
Hlavní problém byl UCBrowser. Smazal ho ADW.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
Rudy
- Site Admin
- Příspěvky: 119672
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Někdy skáčou okna, Avast nachází vir (rootkit)
Rádo se stalo! 
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?