Preventive check

Posted: 30 Jul 2017 17:46
by Arbeidar
Hello,

I would like to ask you for a system check plus any advice and tips. Is ESET + CCleaner + Malwarebytes enough for protection and cleaning?

I cannot delete this file: C:\Users\Pekos\Desktop\Chillout

The songs can be played, but the file cannot be deleted, even though it takes up 0 bytes :) It says that it is no longer located in that place and that I should check the location :) I tried a few programs such as Unlocker and FileASSASSIN, in safe mode, and even deleting it from the command line did not help :(

I also uninstalled the games Praetorians and Commandos, but they are still in the list where programs are uninstalled; I would like to get them off that list :)

Thank you in advance for your help.


Logfile of random's system information tool 1.10 (written by random/random)
Run by Pekos at 2017-07-30 18:46:05
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 33 GB (28%) free of 119 GB
Total RAM: 4095 MB (30% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:46:10, on 30. 7. 2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18739)
Boot mode: Normal

Running processes:
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Windows\system32\PrintDisp.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
C:\Program Files (x86)\YoWindow\yowindow.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Pekos.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkI ... id=UE12DHP
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Sledovat výstrahy inkoustu - HP Deskjet 1050 J410 series.lnk = ?
O4 - Startup: YoWindow.lnk = C:\Program Files (x86)\YoWindow\yowindow.exe
O4 - Global Startup: FancyStart daemon.lnk = ?
O4 - Global Startup: SRS Premium Sound.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Blizzard\Bonjour Service\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Printer Control - Unknown owner - C:\Windows\system32\PrintCtrl.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11289 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files\ESET\ESET Smart Security\ekrn.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Windows\system32\FBAgent.exe"
"C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files\ATKGFNEX\GFNEXSrv.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide
C:\Windows\Explorer.EXE
"C:\Windows\AsScrPro.exe"
taskeng.exe {832E8A66-1B18-4117-9105-CF8523353782}
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe"
"C:\Program Files\P4G\BatteryLife.exe"
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
ATKOSD.exe
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe"
"C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe"
"C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe"
KBFiltr.exe
WDC.exe
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" MySyncFolder
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Blizzard\Bonjour Service\mDNSResponder.exe"
"C:\Program Files\iTunes\iTunesHelper.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe"
C:\Windows\system32\PrintCtrl.exe
C:\Windows\system32\svchost.exe -k imgsvc
"PrintDisp.exe"
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe" /f=srs_premium_sound_nopreset.zip
"C:\Windows\system32\RunDll32.exe" "C:\Program Files\HP\HP Deskjet 1050 J410 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN06J2N3FX05HW;CONNECTION=USB;MONITOR=1;
"C:\Program Files (x86)\YoWindow\yowindow.exe" -mt
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe"
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe"
"C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\AUDIODG.EXE 0x374
"C:\Users\Pekos\Desktop\RSITx64.exe"

=========Mozilla firefox=========

ProfilePath - C:\Users\Pekos\AppData\Roaming\Mozilla\Firefox\Profiles\0qfziaal.default

prefs.js - "browser.startup.homepage" - "https://uloz.to/hledej?q=Naprosti+cizinci&type=videos"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 26.0.0.137 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_137.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=Doplnok iTunes Detector
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3]
"Description"=Office Live Update v1.3
"Path"=C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 26.0.0.137 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_26_0_0_137.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL


C:\Users\Pekos\AppData\Roaming\Mozilla\Firefox\Profiles\0qfziaal.default\extensions\
DTToolbar@toolbarnet.com
{ea614400-e918-4741-9a97-7a972ff7c30b}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2008-12-08 68960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll [2011-01-20 1581376]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll [2011-01-20 988480]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2009-09-30 621440]
"ASUS WebStorage"=C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe [2009-12-24 1736704]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-04-09 320000]
"PrintDisp"=C:\Windows\system32\PrintDisp.exe [2013-10-30 883168]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2016-07-26 176952]
"Malwarebytes TrayApp"=C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2017-05-09 3146704]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2017-06-13 9803992]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]
"OfficeSyncProcess"=C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [2015-09-02 721504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2010-04-30 3058304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-12-12 98304]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2009-09-17 2245120]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [2010-01-13 7109248]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [2010-01-05 170624]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]
""= []
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
FancyStart daemon.lnk - C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe
SRS Premium Sound.lnk - C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe

C:\Users\Pekos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Sledovat výstrahy inkoustu - HP Deskjet 1050 J410 series.lnk - C:\Windows\system32\RunDll32.exe
YoWindow.lnk - C:\Program Files (x86)\YoWindow\yowindow.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2017-07-30 18:24:08 ----D---- C:\rsit
2017-07-30 18:24:08 ----D---- C:\Program Files\trend micro
2017-07-30 17:56:39 ----A---- C:\Windows\system32\drivers\MBAMChameleon.sys
2017-07-30 17:56:37 ----A---- C:\Windows\system32\drivers\mwac.sys
2017-07-30 17:56:37 ----A---- C:\Windows\system32\drivers\farflt.sys
2017-07-30 17:56:18 ----A---- C:\Windows\system32\drivers\mbam.sys
2017-07-30 17:56:10 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2017-07-30 17:55:46 ----A---- C:\Windows\system32\drivers\mbae64.sys
2017-07-30 17:55:12 ----D---- C:\ProgramData\Malwarebytes
2017-07-30 17:55:12 ----D---- C:\Program Files\Malwarebytes
2017-07-30 17:50:30 ----A---- C:\Windows\ntbtlog.txt
2017-07-30 17:16:28 ----D---- C:\Program Files (x86)\IObit
2017-07-29 08:53:00 ----D---- C:\Program Files (x86)\Monster-CZ
2017-07-23 13:50:42 ----D---- C:\Program Files (x86)\Eidos Interactive
2017-07-22 21:48:34 ----D---- C:\ProgramData\Riot Games
2017-07-22 21:47:34 ----A---- C:\Windows\SYSWOW64\d3dx10_39.dll
2017-07-22 21:47:34 ----A---- C:\Windows\SYSWOW64\D3DCompiler_39.dll
2017-07-22 21:47:32 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll
2017-07-22 21:45:59 ----D---- C:\Riot Games
2017-07-22 21:39:10 ----D---- C:\Users\Pekos\AppData\Roaming\Riot Games
2017-07-22 21:13:19 ----D---- C:\Program Files (x86)\Blizzard
2017-07-22 21:13:08 ----D---- C:\Users\Pekos\AppData\Roaming\Battle.net
2017-07-22 20:53:31 ----D---- C:\ProgramData\Battle.net
2017-07-22 20:40:48 ----A---- C:\protokol o instalaci cestiny do hry starcraft.txt
2017-07-22 20:36:00 ----A---- C:\Windows\scunin.dat
2017-07-22 20:35:56 ----A---- C:\Windows\ScUnin.pif
2017-07-22 20:35:56 ----A---- C:\Windows\ScUnin.exe
2017-07-22 18:08:40 ----A---- C:\Windows\uncsetup.exe
2017-07-11 22:34:53 ----A---- C:\Windows\system32\mshtml.dll
2017-07-11 22:34:49 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2017-07-11 22:34:44 ----A---- C:\Windows\system32\ieframe.dll
2017-07-11 22:34:42 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2017-07-11 22:34:40 ----A---- C:\Windows\system32\jscript9.dll
2017-07-11 22:34:39 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2017-07-11 22:34:38 ----A---- C:\Windows\system32\win32k.sys
2017-07-11 22:34:37 ----A---- C:\Windows\system32\urlmon.dll
2017-07-11 22:34:37 ----A---- C:\Windows\system32\tquery.dll
2017-07-11 22:34:36 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2017-07-11 22:34:36 ----A---- C:\Windows\system32\Query.dll
2017-07-11 22:34:35 ----A---- C:\Windows\system32\kerberos.dll
2017-07-11 22:34:34 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2017-07-11 22:34:34 ----A---- C:\Windows\SYSWOW64\tquery.dll
2017-07-11 22:34:34 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2017-07-11 22:34:34 ----A---- C:\Windows\system32\vbscript.dll
2017-07-11 22:34:33 ----A---- C:\Windows\SYSWOW64\Query.dll
2017-07-11 22:34:33 ----A---- C:\Windows\system32\ExplorerFrame.dll
2017-07-11 22:34:33 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2017-07-11 22:34:32 ----A---- C:\Windows\system32\drivers\ntfs.sys
2017-07-11 22:34:31 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2017-07-11 22:34:31 ----A---- C:\Windows\system32\Wldap32.dll
2017-07-11 22:34:31 ----A---- C:\Windows\system32\wininet.dll
2017-07-11 22:34:31 ----A---- C:\Windows\system32\drivers\netio.sys
2017-07-11 22:34:30 ----A---- C:\Windows\SYSWOW64\Wldap32.dll
2017-07-11 22:34:30 ----A---- C:\Windows\SYSWOW64\wininet.dll
2017-07-11 22:34:30 ----A---- C:\Windows\system32\msinfo32.exe
2017-07-11 22:34:29 ----A---- C:\Windows\system32\wdc.dll
2017-07-11 22:34:29 ----A---- C:\Windows\system32\drivers\http.sys
2017-07-11 22:34:28 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2017-07-11 22:34:28 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2017-07-11 22:34:28 ----A---- C:\Windows\system32\clfs.sys
2017-07-11 22:34:27 ----A---- C:\Windows\SYSWOW64\wdc.dll
2017-07-11 22:34:27 ----A---- C:\Windows\system32\pdhui.dll
2017-07-11 22:34:27 ----A---- C:\Windows\system32\iedkcs32.dll
2017-07-11 22:34:26 ----A---- C:\Windows\SYSWOW64\pdhui.dll
2017-07-11 22:34:26 ----A---- C:\Windows\SYSWOW64\msinfo32.exe
2017-07-11 22:34:26 ----A---- C:\Windows\system32\jscript.dll
2017-07-11 22:34:25 ----A---- C:\Windows\system32\wvc.dll
2017-07-11 22:34:25 ----A---- C:\Windows\system32\drivers\tcpip.sys
2017-07-11 22:34:25 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2017-07-11 22:34:25 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2017-07-11 22:34:25 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2017-07-11 22:34:25 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2017-07-11 22:34:24 ----A---- C:\Windows\system32\dxtmsft.dll
2017-07-11 22:34:23 ----A---- C:\Windows\SYSWOW64\wvc.dll
2017-07-11 22:34:23 ----A---- C:\Windows\SYSWOW64\perfmon.exe
2017-07-11 22:34:23 ----A---- C:\Windows\SYSWOW64\msrating.dll
2017-07-11 22:34:23 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2017-07-11 22:34:23 ----A---- C:\Windows\system32\perfmon.exe
2017-07-11 22:34:23 ----A---- C:\Windows\system32\msrating.dll
2017-07-11 22:34:22 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2017-07-11 22:34:22 ----A---- C:\Windows\SYSWOW64\certcli.dll
2017-07-11 22:34:22 ----A---- C:\Windows\system32\webcheck.dll
2017-07-11 22:34:22 ----A---- C:\Windows\system32\resmon.exe
2017-07-11 22:34:22 ----A---- C:\Windows\system32\dxtrans.dll
2017-07-11 22:34:22 ----A---- C:\Windows\system32\certcli.dll
2017-07-11 22:34:21 ----A---- C:\Windows\SYSWOW64\resmon.exe
2017-07-11 22:34:20 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2017-07-11 22:34:20 ----A---- C:\Windows\system32\mshtmlmedia.dll
2017-07-11 22:34:20 ----A---- C:\Windows\system32\msfeeds.dll
2017-07-11 22:34:19 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2017-07-11 22:34:19 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2017-07-11 22:34:17 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2017-07-11 22:34:17 ----A---- C:\Windows\system32\ieui.dll
2017-07-11 22:34:17 ----A---- C:\Windows\system32\iertutil.dll
2017-07-11 22:34:16 ----A---- C:\Windows\system32\mshtmled.dll
2017-07-11 22:34:16 ----A---- C:\Windows\system32\iesetup.dll
2017-07-11 22:34:16 ----A---- C:\Windows\system32\ie4uinit.exe
2017-07-11 22:34:15 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2017-07-11 22:34:15 ----A---- C:\Windows\SYSWOW64\ieui.dll
2017-07-11 22:34:15 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2017-07-11 22:34:15 ----A---- C:\Windows\system32\occache.dll
2017-07-11 22:34:15 ----A---- C:\Windows\system32\jscript9diag.dll
2017-07-11 22:34:14 ----A---- C:\Windows\SYSWOW64\occache.dll
2017-07-11 22:34:14 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2017-07-11 22:34:14 ----A---- C:\Windows\system32\inseng.dll
2017-07-11 22:34:14 ----A---- C:\Windows\system32\ieUnatt.exe
2017-07-11 22:34:14 ----A---- C:\Windows\system32\iernonce.dll
2017-07-11 22:34:13 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2017-07-11 22:34:13 ----A---- C:\Windows\SYSWOW64\inseng.dll
2017-07-11 22:34:13 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2017-07-11 22:34:13 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2017-07-11 22:34:13 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-07-11 22:34:11 ----A---- C:\Windows\system32\jsproxy.dll
2017-07-11 22:34:08 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2017-07-11 22:34:08 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2017-07-11 22:34:08 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2017-07-11 22:34:08 ----A---- C:\Windows\system32\MshtmlDac.dll
2017-07-11 22:34:08 ----A---- C:\Windows\system32\ieetwproxystub.dll
2017-07-11 22:34:08 ----A---- C:\Windows\system32\ieetwcollector.exe
2017-07-11 22:34:05 ----A---- C:\Windows\SYSWOW64\jscript.dll
2017-07-11 22:34:05 ----A---- C:\Windows\system32\rpcrt4.dll
2017-07-11 22:34:05 ----A---- C:\Windows\system32\mssrch.dll
2017-07-11 22:34:05 ----A---- C:\Windows\system32\ieapfltr.dll
2017-07-11 22:34:04 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2017-07-11 22:34:04 ----A---- C:\Windows\system32\lsasrv.dll
2017-07-11 22:34:03 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2017-07-11 22:34:03 ----A---- C:\Windows\system32\mssvp.dll
2017-07-11 22:34:03 ----A---- C:\Windows\system32\mssph.dll
2017-07-11 22:34:03 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2017-07-11 22:34:03 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2017-07-11 22:34:02 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2017-07-11 22:34:02 ----A---- C:\Windows\system32\schannel.dll
2017-07-11 22:34:02 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2017-07-11 22:34:01 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2017-07-11 22:34:01 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2017-07-11 22:34:01 ----A---- C:\Windows\system32\ncrypt.dll
2017-07-11 22:34:01 ----A---- C:\Windows\system32\msv1_0.dll
2017-07-11 22:34:01 ----A---- C:\Windows\system32\mssprxy.dll
2017-07-11 22:34:01 ----A---- C:\Windows\system32\mssphtb.dll
2017-07-11 22:34:00 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2017-07-11 22:34:00 ----A---- C:\Windows\SYSWOW64\mssph.dll
2017-07-11 22:34:00 ----A---- C:\Windows\system32\wdigest.dll
2017-07-11 22:34:00 ----A---- C:\Windows\system32\TSpkg.dll
2017-07-11 22:34:00 ----A---- C:\Windows\system32\sspicli.dll
2017-07-11 22:34:00 ----A---- C:\Windows\system32\mssitlb.dll
2017-07-11 22:34:00 ----A---- C:\Windows\system32\bcrypt.dll
2017-07-11 22:33:59 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2017-07-11 22:33:59 ----A---- C:\Windows\SYSWOW64\schannel.dll
2017-07-11 22:33:59 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2017-07-11 22:33:59 ----A---- C:\Windows\SYSWOW64\mssphtb.dll
2017-07-11 22:33:59 ----A---- C:\Windows\SYSWOW64\mssitlb.dll
2017-07-11 22:33:59 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2017-07-11 22:33:59 ----A---- C:\Windows\system32\SearchIndexer.exe
2017-07-11 22:33:59 ----A---- C:\Windows\system32\rpchttp.dll
2017-07-11 22:33:59 ----A---- C:\Windows\system32\msscntrs.dll
2017-07-11 22:33:59 ----A---- C:\Windows\system32\lsass.exe
2017-07-11 22:33:59 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2017-07-11 22:33:59 ----A---- C:\Windows\system32\cryptbase.dll
2017-07-11 22:33:57 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2017-07-11 22:33:57 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2017-07-11 22:33:57 ----A---- C:\Windows\SYSWOW64\bcrypt.dll
2017-07-11 22:33:57 ----A---- C:\Windows\system32\sspisrv.dll
2017-07-11 22:33:57 ----A---- C:\Windows\system32\secur32.dll
2017-07-11 22:33:57 ----A---- C:\Windows\system32\SearchFilterHost.exe
2017-07-11 22:33:56 ----A---- C:\Windows\SYSWOW64\secur32.dll
2017-07-11 22:33:56 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2017-07-11 22:33:56 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2017-07-11 22:33:56 ----A---- C:\Windows\SYSWOW64\mssprxy.dll
2017-07-11 22:33:56 ----A---- C:\Windows\SYSWOW64\msscntrs.dll
2017-07-11 22:33:56 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2017-07-11 22:33:56 ----A---- C:\Windows\system32\msshooks.dll
2017-07-11 22:33:56 ----A---- C:\Windows\system32\credssp.dll
2017-07-11 22:33:56 ----A---- C:\Windows\system32\cdd.dll
2017-07-11 22:33:55 ----A---- C:\Windows\SYSWOW64\SearchFilterHost.exe
2017-07-11 22:33:55 ----A---- C:\Windows\SYSWOW64\msshooks.dll
2017-07-11 22:33:55 ----A---- C:\Windows\SYSWOW64\credssp.dll
2017-07-11 22:33:55 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2017-07-11 22:33:55 ----A---- C:\Windows\system32\auditpol.exe
2017-07-11 22:33:49 ----A---- C:\Windows\SYSWOW64\tzres.dll
2017-07-11 22:33:49 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2017-07-11 22:33:49 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2017-07-11 22:33:49 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2017-07-11 22:33:49 ----A---- C:\Windows\system32\tzres.dll
2017-07-11 22:33:49 ----A---- C:\Windows\system32\msaudite.dll
2017-07-11 22:33:49 ----A---- C:\Windows\system32\adtschema.dll
2017-07-11 22:33:48 ----A---- C:\Windows\system32\msobjs.dll
2017-07-11 22:06:51 ----A---- C:\Windows\system32\aitstatic.exe
2017-07-11 22:06:51 ----A---- C:\Windows\system32\aeinv.dll
2017-07-11 22:06:50 ----A---- C:\Windows\system32\appraiser.dll
2017-07-11 22:06:50 ----A---- C:\Windows\system32\aepic.dll
2017-07-11 22:06:49 ----A---- C:\Windows\system32\invagent.dll
2017-07-11 22:06:49 ----A---- C:\Windows\system32\generaltel.dll
2017-07-11 22:06:49 ----A---- C:\Windows\system32\devinv.dll
2017-07-11 22:06:49 ----A---- C:\Windows\system32\CompatTelRunner.exe
2017-07-11 22:06:49 ----A---- C:\Windows\system32\centel.dll
2017-07-11 22:06:49 ----A---- C:\Windows\system32\acmigration.dll
2017-07-11 00:34:13 ----D---- C:\Program Files (x86)\The Creative Assembly

======List of files/folders modified in the last 1 month======

2017-07-30 18:46:06 ----D---- C:\Windows\Temp
2017-07-30 18:30:48 ----D---- C:\Windows\system32\config
2017-07-30 18:28:05 ----D---- C:\Windows\Prefetch
2017-07-30 18:24:08 ----RD---- C:\Program Files
2017-07-30 17:59:35 ----RD---- C:\Program Files (x86)
2017-07-30 17:56:39 ----D---- C:\Windows\system32\drivers
2017-07-30 17:55:12 ----HD---- C:\ProgramData
2017-07-30 17:53:52 ----D---- C:\Windows\system32\Tasks
2017-07-30 17:50:30 ----D---- C:\Windows
2017-07-30 15:43:38 ----D---- C:\Windows\inf
2017-07-30 15:42:51 ----D---- C:\Windows\Minidump
2017-07-30 15:37:35 ----D---- C:\Users\Pekos\AppData\Roaming\DAEMON Tools Lite
2017-07-30 15:37:34 ----D---- C:\Users\Pekos\AppData\Roaming\Media Player Classic
2017-07-30 15:37:13 ----D---- C:\Windows\Logs
2017-07-29 09:59:56 ----SHD---- C:\Windows\Installer
2017-07-29 09:59:55 ----SHD---- C:\Config.Msi
2017-07-29 09:59:29 ----SHD---- C:\System Volume Information
2017-07-28 22:24:15 ----D---- C:\ProgramData\Microsoft Help
2017-07-28 22:24:14 ----A---- C:\Windows\win.ini
2017-07-25 21:41:04 ----D---- C:\Users\Pekos\AppData\Roaming\vlc
2017-07-24 15:49:00 ----D---- C:\Windows\winsxs
2017-07-24 15:45:02 ----D---- C:\ProgramData\DAEMON Tools Lite
2017-07-23 15:12:35 ----D---- C:\Program Files (x86)\Microsoft Games
2017-07-23 15:08:59 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2017-07-22 21:47:35 ----D---- C:\Windows\SysWOW64
2017-07-22 21:46:11 ----D---- C:\Windows\Tasks
2017-07-20 17:56:15 ----D---- C:\Windows\debug
2017-07-12 04:31:11 ----D---- C:\Windows\rescache
2017-07-12 03:37:12 ----D---- C:\Windows\system32\appraiser
2017-07-12 03:37:12 ----D---- C:\Windows\System32
2017-07-12 03:36:56 ----D---- C:\Program Files (x86)\Internet Explorer
2017-07-12 03:36:47 ----D---- C:\Program Files\Internet Explorer
2017-07-12 03:36:44 ----D---- C:\Windows\SYSWOW64\bg-BG
2017-07-12 03:36:43 ----D---- C:\Windows\SYSWOW64\pl-PL
2017-07-12 03:36:42 ----D---- C:\Windows\SYSWOW64\hr-HR
2017-07-12 03:36:40 ----D---- C:\Windows\SYSWOW64\hu-HU
2017-07-12 03:36:39 ----D---- C:\Windows\SYSWOW64\sl-SI
2017-07-12 03:36:38 ----D---- C:\Windows\SYSWOW64\sr-Latn-CS
2017-07-12 03:36:38 ----D---- C:\Windows\SYSWOW64\migration
2017-07-12 03:36:37 ----D---- C:\Windows\SYSWOW64\lv-LV
2017-07-12 03:36:36 ----D---- C:\Windows\SYSWOW64\lt-LT
2017-07-12 03:36:34 ----D---- C:\Windows\SYSWOW64\sk-SK
2017-07-12 03:36:33 ----D---- C:\Windows\SYSWOW64\et-EE
2017-07-12 03:36:32 ----D---- C:\Windows\SYSWOW64\cs-CZ
2017-07-12 03:36:30 ----D---- C:\Windows\SYSWOW64\ro-RO
2017-07-12 03:36:29 ----D---- C:\Windows\SYSWOW64\en-US
2017-07-12 03:36:19 ----D---- C:\Windows\system32\bg-BG
2017-07-12 03:36:17 ----D---- C:\Windows\system32\pl-PL
2017-07-12 03:36:16 ----D---- C:\Windows\system32\hr-HR
2017-07-12 03:36:14 ----D---- C:\Windows\system32\hu-HU
2017-07-12 03:36:13 ----D---- C:\Windows\system32\sl-SI
2017-07-12 03:36:11 ----D---- C:\Windows\system32\migration
2017-07-12 03:36:10 ----D---- C:\Windows\system32\sr-Latn-CS
2017-07-12 03:36:09 ----D---- C:\Windows\system32\lv-LV
2017-07-12 03:36:07 ----D---- C:\Windows\system32\lt-LT
2017-07-12 03:36:06 ----D---- C:\Windows\system32\sk-SK
2017-07-12 03:36:05 ----D---- C:\Windows\system32\et-EE
2017-07-12 03:36:03 ----D---- C:\Windows\system32\cs-CZ
2017-07-12 03:36:02 ----D---- C:\Windows\system32\ro-RO
2017-07-12 03:36:00 ----D---- C:\Windows\system32\en-US
2017-07-12 03:35:49 ----D---- C:\Windows\AppPatch
2017-07-12 03:35:37 ----D---- C:\Windows\system32\DriverStore
2017-07-12 03:20:07 ----D---- C:\Windows\system32\MRT
2017-07-12 03:11:32 ----AC---- C:\Windows\system32\MRT.exe
2017-07-12 02:12:44 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2017-07-12 02:12:30 ----D---- C:\Windows\system32\Macromed
2017-07-12 02:12:07 ----D---- C:\Windows\SYSWOW64\Macromed
2017-07-11 21:35:24 ----D---- C:\Windows\system32\catroot2
2017-07-10 17:50:45 ----D---- C:\Program Files (x86)\Warcraft III
2017-07-10 13:10:42 ----RSD---- C:\Windows\assembly
2017-07-04 19:52:04 ----D---- C:\Program Files (x86)\Codec Pack - All In 1
2017-07-04 19:51:49 ----A---- C:\Windows\iun6002.exe
2017-07-01 09:13:28 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2017-07-01 09:13:28 ----D---- C:\Program Files (x86)\Mozilla Firefox

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-05 16440]
R0 edevmon;edevmon; C:\Windows\system32\DRIVERS\edevmon.sys [2017-01-17 106768]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2015-01-09 254528]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2017-01-17 132272]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2017-01-17 180544]
R1 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2017-01-17 77616]
R1 EpfwLWF;ESET Personal Firewall; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2017-01-17 60536]
R1 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2017-01-17 96856]
R1 ESProtectionDriver;Malwarebytes Anti-Exploit; \??\C:\Windows\system32\drivers\mbae64.sys [2017-06-27 77376]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2015-04-19 314016]
R2 ekbdflt;ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [2017-01-17 49672]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2015-04-19 43680]
R2 MBAMChameleon;MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [2017-07-30 188352]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys [2009-12-11 6228480]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2009-12-11 160256]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-06-27 2753536]
R3 AtiHdmiService;ATI Service for HD Audio Codec; C:\Windows\system32\drivers\AtiHdmi.sys [2009-07-23 119312]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2009-10-15 117760]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-10-03 33240]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1E62x64.sys [2009-08-23 56320]
R3 MBAMFarflt;MBAMFarflt; \??\C:\Windows\system32\drivers\farflt.sys [2017-07-30 101784]
R3 MBAMProtection;MBAMProtection; \??\C:\Windows\system32\drivers\mbam.sys [2017-07-30 45472]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2017-07-30 253856]
R3 MBAMWebProtection;MBAMWebProtection; \??\C:\Windows\system32\drivers\mwac.sys [2017-07-30 84256]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-08-12 1799680]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2009-04-03 34872]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2009-07-09 1222144]
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2009-05-26 40448]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-12-11 6228480]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2008-12-08 61792]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2015-06-10 54784]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168]
S3 WinUsb;WinUsb; C:\Windows\system32\drivers\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-04-25 83056]
R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2009-12-08 379520]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-12-11 202752]
R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2016-03-02 83768]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Blizzard\Bonjour Service\mDNSResponder.exe [2017-07-22 390504]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2016-12-14 2836296]
R2 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2017-05-09 4470736]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-07-20 935208]
R2 Printer Control;Printer Control; C:\Windows\system32\PrintCtrl.exe [2013-11-01 127456]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2016-07-26 651576]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-03-26 105096]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-03-26 125064]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-07-12 272384]
S3 fsssvc;Windows Live Zabezpečení rodiny; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2017-06-29 116224]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-06-30 175560]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-12-30 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-03-26 51320]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-03-26 135800]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-03-26 135800]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-03-26 135800]

-----------------EOF-----------------

Re: Preventive check

Posted: 31 Jul 2017 20:01
by Rudy
Hello!
Run this utility:
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop
Close all programs
First click >Scan< (search) and then >Clean< (delete).
The scan will run and then a log will appear; paste it here.

Re: Preventive check

Posted: 31 Jul 2017 20:16
by Arbeidar
Rudy wrote: Hello!
Run this utility:
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop
Close all programs
First click >Scan< (search) and then >Clean< (delete).
The scan will run and then a log will appear; paste it here.

# AdwCleaner 7.0.1.0 - Logfile created on Mon Jul 31 19:11:50 2017
# Updated on 2017/05/08 by Malwarebytes
# Database: 07-31-2017.1
# Running on Windows 7 Home Premium (X64)
# Mode: scan
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Optional.Legacy, C:\Program Files (x86)\DAEMON Tools Toolbar
Adware.LoadMoney, C:\ProgramData\Partner
Adware.LoadMoney, C:\ProgramData\Application Data\Partner
Adware.LoadMoney, C:\Users\All Users\Partner
PUP.Adware.Heuristic, C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
PUP.Adware.Heuristic, C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
PUP.Adware.Heuristic, C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log


***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\daemon tools toolbar
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\dt soft\daemon tools toolbar
PUP.Optional.Legacy, [Value] - HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser | {21FA44EF-376D-4D53-9B0F-8A89D3229068}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
PUP.Optional.Legacy, [Value] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar | {32099AAC-C132-4136-9E9A-4E364A424E17}
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
PUP.Optional.SuperOptimizer, [Key] - HKU\.DEFAULT\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
PUP.Optional.SuperOptimizer, [Key] - HKU\S-1-5-18\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
PUP.Optional.SuperOptimizer, [Key] - HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries.

*************************



########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt ##########

Re: Preventive check

Posted: 31 Jul 2017 20:22
by Arbeidar
This one is from after the cleaning and restart.


# AdwCleaner 7.0.1.0 - Logfile created on Mon Jul 31 19:14:44 2017
# Updated on 2017/05/08 by Malwarebytes
# Running on Windows 7 Home Premium (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

Deleted: C:\Program Files (x86)\DAEMON Tools Toolbar
Deleted: C:\ProgramData\Partner
Deleted: C:\ProgramData\Application Data\Partner
Deleted: C:\Users\All Users\Partner
Deleted: C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
Deleted: C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
Deleted: C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log


***** [ Files ] *****

No malicious files deleted.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

Deleted: [Key] - HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\daemon tools toolbar
Deleted: [Key] - HKLM\SOFTWARE\dt soft\daemon tools toolbar
Deleted: [Value] - HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{21FA44EF-376D-4D53-9B0F-8A89D3229068}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{32099AAC-C132-4136-9E9A-4E364A424E17}
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
Deleted: [Key] - HKU\.DEFAULT\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Deleted: [Key] - HKU\S-1-5-18\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Deleted: [Key] - HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [2523 B] - [2017/7/31 19:11:50]


########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########

Re: Preventive check

Posted: 31 Jul 2017 21:01
by Rudy
OK. Post a new RSIT log.

Re: Preventive check

Posted: 02 Aug 2017 19:01
by Arbeidar
Rudy wrote: OK. Post a new RSIT log.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Pekos at 2017-08-02 20:00:13
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 39 GB (33%) free of 119 GB
Total RAM: 4095 MB (56% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:00:18, on 2. 8. 2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18739)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
C:\Windows\AsScrPro.exe
C:\Windows\System32\PrintDisp.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
C:\Program Files (x86)\YoWindow\yowindow.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\trend micro\Pekos.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkI ... id=UE12DHP
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll (file missing)
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Sledovat výstrahy inkoustu - HP Deskjet 1050 J410 series.lnk = ?
O4 - Startup: YoWindow.lnk = C:\Program Files (x86)\YoWindow\yowindow.exe
O4 - Global Startup: FancyStart daemon.lnk = ?
O4 - Global Startup: SRS Premium Sound.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Blizzard\Bonjour Service\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Printer Control - Unknown owner - C:\Windows\system32\PrintCtrl.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11251 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files\ESET\ESET Smart Security\ekrn.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
"C:\Windows\system32\FBAgent.exe"
"C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files\ATKGFNEX\GFNEXSrv.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
taskeng.exe {DBA7852A-1F5E-4E3A-9524-4072FA7B196F}
"taskhost.exe"
"C:\Program Files\P4G\BatteryLife.exe"
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe"
"C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe"
"C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe"
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
ATKOSD.exe
"C:\Windows\AsScrPro.exe"
KBFiltr.exe
WDC.exe
"C:\Program Files (x86)\Blizzard\Bonjour Service\mDNSResponder.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" MySyncFolder
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Windows\System32\PrintDisp.exe"
"C:\Program Files\iTunes\iTunesHelper.exe"
"C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe"
C:\Windows\system32\PrintCtrl.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe" /f=srs_premium_sound_nopreset.zip
"C:\Windows\system32\RunDll32.exe" "C:\Program Files\HP\HP Deskjet 1050 J410 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN06J2N3FX05HW;CONNECTION=USB;MONITOR=1;
"C:\Program Files (x86)\YoWindow\yowindow.exe" -mt
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe"
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\AUDIODG.EXE 0x81c
"C:\Users\Pekos\Desktop\RSITx64.exe"

=========Mozilla firefox=========

ProfilePath - C:\Users\Pekos\AppData\Roaming\Mozilla\Firefox\Profiles\0qfziaal.default

prefs.js - "browser.startup.homepage" - "https://uloz.to/hledej?q=Naprosti+cizinci&type=videos"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 26.0.0.137 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_137.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=Doplnok iTunes Detector
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3]
"Description"=Office Live Update v1.3
"Path"=C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 26.0.0.137 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_26_0_0_137.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL


C:\Users\Pekos\AppData\Roaming\Mozilla\Firefox\Profiles\0qfziaal.default\extensions\
DTToolbar@toolbarnet.com
{ea614400-e918-4741-9a97-7a972ff7c30b}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2008-12-08 68960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2009-09-30 621440]
"ASUS WebStorage"=C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe [2009-12-24 1736704]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-04-09 320000]
"PrintDisp"=C:\Windows\system32\PrintDisp.exe [2013-10-30 883168]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2016-07-26 176952]
"Malwarebytes TrayApp"=C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2017-05-09 3146704]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2017-06-13 9803992]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]
"OfficeSyncProcess"=C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [2015-09-02 721504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2010-04-30 3058304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-12-12 98304]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2009-09-17 2245120]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [2010-01-13 7109248]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [2010-01-05 170624]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]
""= []
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
FancyStart daemon.lnk - C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe
SRS Premium Sound.lnk - C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe

C:\Users\Pekos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Sledovat výstrahy inkoustu - HP Deskjet 1050 J410 series.lnk - C:\Windows\system32\RunDll32.exe
YoWindow.lnk - C:\Program Files (x86)\YoWindow\yowindow.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2017-07-31 21:03:48 ----D---- C:\AdwCleaner
2017-07-30 18:24:08 ----D---- C:\rsit
2017-07-30 18:24:08 ----D---- C:\Program Files\trend micro
2017-07-30 17:56:39 ----A---- C:\Windows\system32\drivers\MBAMChameleon.sys
2017-07-30 17:56:37 ----A---- C:\Windows\system32\drivers\mwac.sys
2017-07-30 17:56:37 ----A---- C:\Windows\system32\drivers\farflt.sys
2017-07-30 17:56:18 ----A---- C:\Windows\system32\drivers\mbam.sys
2017-07-30 17:56:10 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2017-07-30 17:55:46 ----A---- C:\Windows\system32\drivers\mbae64.sys
2017-07-30 17:55:12 ----D---- C:\ProgramData\Malwarebytes
2017-07-30 17:55:12 ----D---- C:\Program Files\Malwarebytes
2017-07-30 17:50:30 ----A---- C:\Windows\ntbtlog.txt
2017-07-30 17:16:28 ----D---- C:\Program Files (x86)\IObit
2017-07-29 08:53:00 ----D---- C:\Program Files (x86)\Monster-CZ
2017-07-23 13:50:42 ----D---- C:\Program Files (x86)\Eidos Interactive
2017-07-22 21:48:34 ----D---- C:\ProgramData\Riot Games
2017-07-22 21:47:34 ----A---- C:\Windows\SYSWOW64\d3dx10_39.dll
2017-07-22 21:47:34 ----A---- C:\Windows\SYSWOW64\D3DCompiler_39.dll
2017-07-22 21:47:32 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll
2017-07-22 21:45:59 ----D---- C:\Riot Games
2017-07-22 21:39:10 ----D---- C:\Users\Pekos\AppData\Roaming\Riot Games
2017-07-22 21:13:19 ----D---- C:\Program Files (x86)\Blizzard
2017-07-22 21:13:08 ----D---- C:\Users\Pekos\AppData\Roaming\Battle.net
2017-07-22 20:53:31 ----D---- C:\ProgramData\Battle.net
2017-07-22 20:36:00 ----A---- C:\Windows\scunin.dat
2017-07-22 20:35:56 ----A---- C:\Windows\ScUnin.pif
2017-07-22 20:35:56 ----A---- C:\Windows\ScUnin.exe
2017-07-22 18:08:40 ----A---- C:\Windows\uncsetup.exe
2017-07-11 22:34:53 ----A---- C:\Windows\system32\mshtml.dll
2017-07-11 22:34:49 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2017-07-11 22:34:44 ----A---- C:\Windows\system32\ieframe.dll
2017-07-11 22:34:42 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2017-07-11 22:34:40 ----A---- C:\Windows\system32\jscript9.dll
2017-07-11 22:34:39 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2017-07-11 22:34:38 ----A---- C:\Windows\system32\win32k.sys
2017-07-11 22:34:37 ----A---- C:\Windows\system32\urlmon.dll
2017-07-11 22:34:37 ----A---- C:\Windows\system32\tquery.dll
2017-07-11 22:34:36 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2017-07-11 22:34:36 ----A---- C:\Windows\system32\Query.dll
2017-07-11 22:34:35 ----A---- C:\Windows\system32\kerberos.dll
2017-07-11 22:34:34 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2017-07-11 22:34:34 ----A---- C:\Windows\SYSWOW64\tquery.dll
2017-07-11 22:34:34 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2017-07-11 22:34:34 ----A---- C:\Windows\system32\vbscript.dll
2017-07-11 22:34:33 ----A---- C:\Windows\SYSWOW64\Query.dll
2017-07-11 22:34:33 ----A---- C:\Windows\system32\ExplorerFrame.dll
2017-07-11 22:34:33 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2017-07-11 22:34:32 ----A---- C:\Windows\system32\drivers\ntfs.sys
2017-07-11 22:34:31 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2017-07-11 22:34:31 ----A---- C:\Windows\system32\Wldap32.dll
2017-07-11 22:34:31 ----A---- C:\Windows\system32\wininet.dll
2017-07-11 22:34:31 ----A---- C:\Windows\system32\drivers\netio.sys
2017-07-11 22:34:30 ----A---- C:\Windows\SYSWOW64\Wldap32.dll
2017-07-11 22:34:30 ----A---- C:\Windows\SYSWOW64\wininet.dll
2017-07-11 22:34:30 ----A---- C:\Windows\system32\msinfo32.exe
2017-07-11 22:34:29 ----A---- C:\Windows\system32\wdc.dll
2017-07-11 22:34:29 ----A---- C:\Windows\system32\drivers\http.sys
2017-07-11 22:34:28 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2017-07-11 22:34:28 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2017-07-11 22:34:28 ----A---- C:\Windows\system32\clfs.sys
2017-07-11 22:34:27 ----A---- C:\Windows\SYSWOW64\wdc.dll
2017-07-11 22:34:27 ----A---- C:\Windows\system32\pdhui.dll
2017-07-11 22:34:27 ----A---- C:\Windows\system32\iedkcs32.dll
2017-07-11 22:34:26 ----A---- C:\Windows\SYSWOW64\pdhui.dll
2017-07-11 22:34:26 ----A---- C:\Windows\SYSWOW64\msinfo32.exe
2017-07-11 22:34:26 ----A---- C:\Windows\system32\jscript.dll
2017-07-11 22:34:25 ----A---- C:\Windows\system32\wvc.dll
2017-07-11 22:34:25 ----A---- C:\Windows\system32\drivers\tcpip.sys
2017-07-11 22:34:25 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2017-07-11 22:34:25 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2017-07-11 22:34:25 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2017-07-11 22:34:25 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2017-07-11 22:34:24 ----A---- C:\Windows\system32\dxtmsft.dll
2017-07-11 22:34:23 ----A---- C:\Windows\SYSWOW64\wvc.dll
2017-07-11 22:34:23 ----A---- C:\Windows\SYSWOW64\perfmon.exe
2017-07-11 22:34:23 ----A---- C:\Windows\SYSWOW64\msrating.dll
2017-07-11 22:34:23 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2017-07-11 22:34:23 ----A---- C:\Windows\system32\perfmon.exe
2017-07-11 22:34:23 ----A---- C:\Windows\system32\msrating.dll
2017-07-11 22:34:22 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2017-07-11 22:34:22 ----A---- C:\Windows\SYSWOW64\certcli.dll
2017-07-11 22:34:22 ----A---- C:\Windows\system32\webcheck.dll
2017-07-11 22:34:22 ----A---- C:\Windows\system32\resmon.exe
2017-07-11 22:34:22 ----A---- C:\Windows\system32\dxtrans.dll
2017-07-11 22:34:22 ----A---- C:\Windows\system32\certcli.dll
2017-07-11 22:34:21 ----A---- C:\Windows\SYSWOW64\resmon.exe
2017-07-11 22:34:20 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2017-07-11 22:34:20 ----A---- C:\Windows\system32\mshtmlmedia.dll
2017-07-11 22:34:20 ----A---- C:\Windows\system32\msfeeds.dll
2017-07-11 22:34:19 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2017-07-11 22:34:19 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2017-07-11 22:34:17 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2017-07-11 22:34:17 ----A---- C:\Windows\system32\ieui.dll
2017-07-11 22:34:17 ----A---- C:\Windows\system32\iertutil.dll
2017-07-11 22:34:16 ----A---- C:\Windows\system32\mshtmled.dll
2017-07-11 22:34:16 ----A---- C:\Windows\system32\iesetup.dll
2017-07-11 22:34:16 ----A---- C:\Windows\system32\ie4uinit.exe
2017-07-11 22:34:15 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2017-07-11 22:34:15 ----A---- C:\Windows\SYSWOW64\ieui.dll
2017-07-11 22:34:15 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2017-07-11 22:34:15 ----A---- C:\Windows\system32\occache.dll
2017-07-11 22:34:15 ----A---- C:\Windows\system32\jscript9diag.dll
2017-07-11 22:34:14 ----A---- C:\Windows\SYSWOW64\occache.dll
2017-07-11 22:34:14 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2017-07-11 22:34:14 ----A---- C:\Windows\system32\inseng.dll
2017-07-11 22:34:14 ----A---- C:\Windows\system32\ieUnatt.exe
2017-07-11 22:34:14 ----A---- C:\Windows\system32\iernonce.dll
2017-07-11 22:34:13 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2017-07-11 22:34:13 ----A---- C:\Windows\SYSWOW64\inseng.dll
2017-07-11 22:34:13 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2017-07-11 22:34:13 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2017-07-11 22:34:13 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-07-11 22:34:11 ----A---- C:\Windows\system32\jsproxy.dll
2017-07-11 22:34:08 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2017-07-11 22:34:08 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2017-07-11 22:34:08 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2017-07-11 22:34:08 ----A---- C:\Windows\system32\MshtmlDac.dll
2017-07-11 22:34:08 ----A---- C:\Windows\system32\ieetwproxystub.dll
2017-07-11 22:34:08 ----A---- C:\Windows\system32\ieetwcollector.exe
2017-07-11 22:34:05 ----A---- C:\Windows\SYSWOW64\jscript.dll
2017-07-11 22:34:05 ----A---- C:\Windows\system32\rpcrt4.dll
2017-07-11 22:34:05 ----A---- C:\Windows\system32\mssrch.dll
2017-07-11 22:34:05 ----A---- C:\Windows\system32\ieapfltr.dll
2017-07-11 22:34:04 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2017-07-11 22:34:04 ----A---- C:\Windows\system32\lsasrv.dll
2017-07-11 22:34:03 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2017-07-11 22:34:03 ----A---- C:\Windows\system32\mssvp.dll
2017-07-11 22:34:03 ----A---- C:\Windows\system32\mssph.dll
2017-07-11 22:34:03 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2017-07-11 22:34:03 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2017-07-11 22:34:02 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2017-07-11 22:34:02 ----A---- C:\Windows\system32\schannel.dll
2017-07-11 22:34:02 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2017-07-11 22:34:01 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2017-07-11 22:34:01 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2017-07-11 22:34:01 ----A---- C:\Windows\system32\ncrypt.dll
2017-07-11 22:34:01 ----A---- C:\Windows\system32\msv1_0.dll
2017-07-11 22:34:01 ----A---- C:\Windows\system32\mssprxy.dll
2017-07-11 22:34:01 ----A---- C:\Windows\system32\mssphtb.dll
2017-07-11 22:34:00 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2017-07-11 22:34:00 ----A---- C:\Windows\SYSWOW64\mssph.dll
2017-07-11 22:34:00 ----A---- C:\Windows\system32\wdigest.dll
2017-07-11 22:34:00 ----A---- C:\Windows\system32\TSpkg.dll
2017-07-11 22:34:00 ----A---- C:\Windows\system32\sspicli.dll
2017-07-11 22:34:00 ----A---- C:\Windows\system32\mssitlb.dll
2017-07-11 22:34:00 ----A---- C:\Windows\system32\bcrypt.dll
2017-07-11 22:33:59 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2017-07-11 22:33:59 ----A---- C:\Windows\SYSWOW64\schannel.dll
2017-07-11 22:33:59 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2017-07-11 22:33:59 ----A---- C:\Windows\SYSWOW64\mssphtb.dll
2017-07-11 22:33:59 ----A---- C:\Windows\SYSWOW64\mssitlb.dll
2017-07-11 22:33:59 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2017-07-11 22:33:59 ----A---- C:\Windows\system32\SearchIndexer.exe
2017-07-11 22:33:59 ----A---- C:\Windows\system32\rpchttp.dll
2017-07-11 22:33:59 ----A---- C:\Windows\system32\msscntrs.dll
2017-07-11 22:33:59 ----A---- C:\Windows\system32\lsass.exe
2017-07-11 22:33:59 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2017-07-11 22:33:59 ----A---- C:\Windows\system32\cryptbase.dll
2017-07-11 22:33:57 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2017-07-11 22:33:57 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2017-07-11 22:33:57 ----A---- C:\Windows\SYSWOW64\bcrypt.dll
2017-07-11 22:33:57 ----A---- C:\Windows\system32\sspisrv.dll
2017-07-11 22:33:57 ----A---- C:\Windows\system32\secur32.dll
2017-07-11 22:33:57 ----A---- C:\Windows\system32\SearchFilterHost.exe
2017-07-11 22:33:56 ----A---- C:\Windows\SYSWOW64\secur32.dll
2017-07-11 22:33:56 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2017-07-11 22:33:56 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2017-07-11 22:33:56 ----A---- C:\Windows\SYSWOW64\mssprxy.dll
2017-07-11 22:33:56 ----A---- C:\Windows\SYSWOW64\msscntrs.dll
2017-07-11 22:33:56 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2017-07-11 22:33:56 ----A---- C:\Windows\system32\msshooks.dll
2017-07-11 22:33:56 ----A---- C:\Windows\system32\credssp.dll
2017-07-11 22:33:56 ----A---- C:\Windows\system32\cdd.dll
2017-07-11 22:33:55 ----A---- C:\Windows\SYSWOW64\SearchFilterHost.exe
2017-07-11 22:33:55 ----A---- C:\Windows\SYSWOW64\msshooks.dll
2017-07-11 22:33:55 ----A---- C:\Windows\SYSWOW64\credssp.dll
2017-07-11 22:33:55 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2017-07-11 22:33:55 ----A---- C:\Windows\system32\auditpol.exe
2017-07-11 22:33:49 ----A---- C:\Windows\SYSWOW64\tzres.dll
2017-07-11 22:33:49 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2017-07-11 22:33:49 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2017-07-11 22:33:49 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2017-07-11 22:33:49 ----A---- C:\Windows\system32\tzres.dll
2017-07-11 22:33:49 ----A---- C:\Windows\system32\msaudite.dll
2017-07-11 22:33:49 ----A---- C:\Windows\system32\adtschema.dll
2017-07-11 22:33:48 ----A---- C:\Windows\system32\msobjs.dll
2017-07-11 22:06:51 ----A---- C:\Windows\system32\aitstatic.exe
2017-07-11 22:06:51 ----A---- C:\Windows\system32\aeinv.dll
2017-07-11 22:06:50 ----A---- C:\Windows\system32\appraiser.dll
2017-07-11 22:06:50 ----A---- C:\Windows\system32\aepic.dll
2017-07-11 22:06:49 ----A---- C:\Windows\system32\invagent.dll
2017-07-11 22:06:49 ----A---- C:\Windows\system32\generaltel.dll
2017-07-11 22:06:49 ----A---- C:\Windows\system32\devinv.dll
2017-07-11 22:06:49 ----A---- C:\Windows\system32\CompatTelRunner.exe
2017-07-11 22:06:49 ----A---- C:\Windows\system32\centel.dll
2017-07-11 22:06:49 ----A---- C:\Windows\system32\acmigration.dll
2017-07-11 00:34:13 ----D---- C:\Program Files (x86)\The Creative Assembly

======List of files/folders modified in the last 1 month======

2017-08-02 20:00:15 ----D---- C:\Windows\Temp
2017-08-02 17:54:32 ----D---- C:\Windows\system32\config
2017-08-02 17:34:59 ----D---- C:\Windows\system32\Tasks
2017-08-02 17:34:23 ----D---- C:\Windows\system32\drivers
2017-08-01 18:03:45 ----SHD---- C:\System Volume Information
2017-07-31 21:30:35 ----D---- C:\Users\Pekos\AppData\Roaming\vlc
2017-07-31 21:14:39 ----RD---- C:\Program Files (x86)
2017-07-31 21:14:39 ----HD---- C:\ProgramData
2017-07-30 19:32:35 ----D---- C:\Users\Pekos\AppData\Roaming\Media Player Classic
2017-07-30 19:11:18 ----D---- C:\Windows\Prefetch
2017-07-30 19:09:55 ----A---- C:\Windows\system32\ServiceFilter.ini
2017-07-30 19:09:46 ----A---- C:\Windows\system32\AutoRunFilter.ini
2017-07-30 18:24:08 ----RD---- C:\Program Files
2017-07-30 17:50:30 ----D---- C:\Windows
2017-07-30 15:43:38 ----D---- C:\Windows\inf
2017-07-30 15:42:51 ----D---- C:\Windows\Minidump
2017-07-30 15:37:35 ----D---- C:\Users\Pekos\AppData\Roaming\DAEMON Tools Lite
2017-07-30 15:37:13 ----D---- C:\Windows\Logs
2017-07-29 09:59:56 ----SHD---- C:\Windows\Installer
2017-07-29 09:59:55 ----SHD---- C:\Config.Msi
2017-07-28 22:24:15 ----D---- C:\ProgramData\Microsoft Help
2017-07-28 22:24:14 ----A---- C:\Windows\win.ini
2017-07-24 15:49:00 ----D---- C:\Windows\winsxs
2017-07-24 15:45:02 ----D---- C:\ProgramData\DAEMON Tools Lite
2017-07-23 15:12:35 ----D---- C:\Program Files (x86)\Microsoft Games
2017-07-23 15:08:59 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2017-07-22 21:47:35 ----D---- C:\Windows\SysWOW64
2017-07-22 21:46:11 ----D---- C:\Windows\Tasks
2017-07-20 17:56:15 ----D---- C:\Windows\debug
2017-07-12 04:31:11 ----D---- C:\Windows\rescache
2017-07-12 03:37:12 ----D---- C:\Windows\system32\appraiser
2017-07-12 03:37:12 ----D---- C:\Windows\System32
2017-07-12 03:36:56 ----D---- C:\Program Files (x86)\Internet Explorer
2017-07-12 03:36:47 ----D---- C:\Program Files\Internet Explorer
2017-07-12 03:36:44 ----D---- C:\Windows\SYSWOW64\bg-BG
2017-07-12 03:36:43 ----D---- C:\Windows\SYSWOW64\pl-PL
2017-07-12 03:36:42 ----D---- C:\Windows\SYSWOW64\hr-HR
2017-07-12 03:36:40 ----D---- C:\Windows\SYSWOW64\hu-HU
2017-07-12 03:36:39 ----D---- C:\Windows\SYSWOW64\sl-SI
2017-07-12 03:36:38 ----D---- C:\Windows\SYSWOW64\sr-Latn-CS
2017-07-12 03:36:38 ----D---- C:\Windows\SYSWOW64\migration
2017-07-12 03:36:37 ----D---- C:\Windows\SYSWOW64\lv-LV
2017-07-12 03:36:36 ----D---- C:\Windows\SYSWOW64\lt-LT
2017-07-12 03:36:34 ----D---- C:\Windows\SYSWOW64\sk-SK
2017-07-12 03:36:33 ----D---- C:\Windows\SYSWOW64\et-EE
2017-07-12 03:36:32 ----D---- C:\Windows\SYSWOW64\cs-CZ
2017-07-12 03:36:30 ----D---- C:\Windows\SYSWOW64\ro-RO
2017-07-12 03:36:29 ----D---- C:\Windows\SYSWOW64\en-US
2017-07-12 03:36:19 ----D---- C:\Windows\system32\bg-BG
2017-07-12 03:36:17 ----D---- C:\Windows\system32\pl-PL
2017-07-12 03:36:16 ----D---- C:\Windows\system32\hr-HR
2017-07-12 03:36:14 ----D---- C:\Windows\system32\hu-HU
2017-07-12 03:36:13 ----D---- C:\Windows\system32\sl-SI
2017-07-12 03:36:11 ----D---- C:\Windows\system32\migration
2017-07-12 03:36:10 ----D---- C:\Windows\system32\sr-Latn-CS
2017-07-12 03:36:09 ----D---- C:\Windows\system32\lv-LV
2017-07-12 03:36:07 ----D---- C:\Windows\system32\lt-LT
2017-07-12 03:36:06 ----D---- C:\Windows\system32\sk-SK
2017-07-12 03:36:05 ----D---- C:\Windows\system32\et-EE
2017-07-12 03:36:03 ----D---- C:\Windows\system32\cs-CZ
2017-07-12 03:36:02 ----D---- C:\Windows\system32\ro-RO
2017-07-12 03:36:00 ----D---- C:\Windows\system32\en-US
2017-07-12 03:35:49 ----D---- C:\Windows\AppPatch
2017-07-12 03:35:37 ----D---- C:\Windows\system32\DriverStore
2017-07-12 03:20:07 ----D---- C:\Windows\system32\MRT
2017-07-12 03:11:32 ----AC---- C:\Windows\system32\MRT.exe
2017-07-12 02:12:44 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2017-07-12 02:12:30 ----D---- C:\Windows\system32\Macromed
2017-07-12 02:12:07 ----D---- C:\Windows\SYSWOW64\Macromed
2017-07-11 21:35:24 ----D---- C:\Windows\system32\catroot2
2017-07-10 17:50:45 ----D---- C:\Program Files (x86)\Warcraft III
2017-07-10 13:10:42 ----RSD---- C:\Windows\assembly
2017-07-04 19:52:04 ----D---- C:\Program Files (x86)\Codec Pack - All In 1
2017-07-04 19:51:49 ----A---- C:\Windows\iun6002.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-05 16440]
R0 edevmon;edevmon; C:\Windows\system32\DRIVERS\edevmon.sys [2017-01-17 106768]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2015-01-09 254528]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2017-01-17 132272]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2017-01-17 180544]
R1 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2017-01-17 77616]
R1 EpfwLWF;ESET Personal Firewall; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2017-01-17 60536]
R1 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2017-01-17 96856]
R1 ESProtectionDriver;Malwarebytes Anti-Exploit; \??\C:\Windows\system32\drivers\mbae64.sys [2017-06-27 77376]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2015-04-19 314016]
R2 ekbdflt;ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [2017-01-17 49672]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2015-04-19 43680]
R2 MBAMChameleon;MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [2017-07-30 188352]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys [2009-12-11 6228480]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2009-12-11 160256]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-06-27 2753536]
R3 AtiHdmiService;ATI Service for HD Audio Codec; C:\Windows\system32\drivers\AtiHdmi.sys [2009-07-23 119312]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2009-10-15 117760]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-10-03 33240]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1E62x64.sys [2009-08-23 56320]
R3 MBAMFarflt;MBAMFarflt; \??\C:\Windows\system32\drivers\farflt.sys [2017-08-02 101784]
R3 MBAMProtection;MBAMProtection; \??\C:\Windows\system32\drivers\mbam.sys [2017-08-02 45472]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2017-08-02 253856]
R3 MBAMWebProtection;MBAMWebProtection; \??\C:\Windows\system32\drivers\mwac.sys [2017-08-02 84256]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-08-12 1799680]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2009-04-03 34872]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2009-07-09 1222144]
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2009-05-26 40448]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-12-11 6228480]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2008-12-08 61792]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2015-06-10 54784]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168]
S3 WinUsb;WinUsb; C:\Windows\system32\drivers\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-04-25 83056]
R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2009-12-08 379520]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-12-11 202752]
R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2016-03-02 83768]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Blizzard\Bonjour Service\mDNSResponder.exe [2017-07-22 390504]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2016-12-14 2836296]
R2 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2017-05-09 4470736]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-07-20 935208]
R2 Printer Control;Printer Control; C:\Windows\system32\PrintCtrl.exe [2013-11-01 127456]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2016-07-26 651576]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-03-26 105096]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-03-26 125064]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-07-12 272384]
S3 fsssvc;Windows Live Zabezpečení rodiny; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2017-06-29 116224]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-06-30 175560]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-12-30 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-03-26 51320]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-03-26 135800]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-03-26 135800]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-03-26 135800]

-----------------EOF-----------------

Re: Preventive check

Posted: 02 Aug 2017 20:07
by Rudy
Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left window:
:files
C:\Program Files (x86)\Blizzard

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]/64

:services
Bonjour Service

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.

Re: Preventive check

Posted: 03 Aug 2017 19:42
by Arbeidar
New scan.


Logfile of random's system information tool 1.10 (written by random/random)
Run by Pekos at 2017-08-03 20:28:40
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 45 GB (38%) free of 119 GB
Total RAM: 4095 MB (54% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:28:49, on 3. 8. 2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18739)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
C:\Windows\AsScrPro.exe
C:\Windows\System32\PrintDisp.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
C:\Program Files (x86)\YoWindow\yowindow.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\trend micro\Pekos.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkI ... id=UE12DHP
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Sledovat výstrahy inkoustu - HP Deskjet 1050 J410 series.lnk = ?
O4 - Startup: YoWindow.lnk = C:\Program Files (x86)\YoWindow\yowindow.exe
O4 - Global Startup: FancyStart daemon.lnk = ?
O4 - Global Startup: SRS Premium Sound.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Printer Control - Unknown owner - C:\Windows\system32\PrintCtrl.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10986 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files\ESET\ESET Smart Security\ekrn.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\AUDIODG.EXE 0x2f4
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Windows\system32\FBAgent.exe"
"C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files\ATKGFNEX\GFNEXSrv.exe"
C:\Windows\System32\spoolsv.exe
taskeng.exe {E658F5AE-B2AA-49D9-AF4B-DF8F5E592175}
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe"
C:\Windows\system32\PrintCtrl.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe"
C:\Windows\servicing\TrustedInstaller.exe
"taskhost.exe"
taskeng.exe {CC2983FE-14D0-4C07-A740-95E506019A95}
"C:\Windows\system32\Dwm.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\Explorer.EXE
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\P4G\BatteryLife.exe"
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe"
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe"
"C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe"
"C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe"
"C:\Windows\AsScrPro.exe"
ATKOSD.exe
KBFiltr.exe
WDC.exe
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" MySyncFolder
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Windows\System32\PrintDisp.exe"
"C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe"
"C:\Program Files\iTunes\iTunesHelper.exe"
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe" /f=srs_premium_sound_nopreset.zip
"C:\Windows\system32\RunDll32.exe" "C:\Program Files\HP\HP Deskjet 1050 J410 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN06J2N3FX05HW;CONNECTION=USB;MONITOR=1;
"C:\Program Files (x86)\YoWindow\yowindow.exe" -mt
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
taskeng.exe {B60BBA9B-5AFA-4272-B10E-BE67C74E8BC5}
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe"
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Users\Pekos\Desktop\RSITx64.exe"

=========Mozilla firefox=========

ProfilePath - C:\Users\Pekos\AppData\Roaming\Mozilla\Firefox\Profiles\0qfziaal.default

prefs.js - "browser.startup.homepage" - "https://uloz.to/hledej?q=Naprosti+cizinci&type=videos"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 26.0.0.137 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_137.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=Doplnok iTunes Detector
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3]
"Description"=Office Live Update v1.3
"Path"=C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 26.0.0.137 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_26_0_0_137.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL


C:\Users\Pekos\AppData\Roaming\Mozilla\Firefox\Profiles\0qfziaal.default\extensions\
DTToolbar@toolbarnet.com
{ea614400-e918-4741-9a97-7a972ff7c30b}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2008-12-08 68960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2009-09-30 621440]
"ASUS WebStorage"=C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe [2009-12-24 1736704]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-04-09 320000]
"PrintDisp"=C:\Windows\system32\PrintDisp.exe [2013-10-30 883168]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2016-07-26 176952]
"Malwarebytes TrayApp"=C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2017-05-09 3146704]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2017-06-13 9803992]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]
"OfficeSyncProcess"=C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [2015-09-02 721504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2010-04-30 3058304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-12-12 98304]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2009-09-17 2245120]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [2010-01-13 7109248]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [2010-01-05 170624]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]
""= []
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
FancyStart daemon.lnk - C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe
SRS Premium Sound.lnk - C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe

C:\Users\Pekos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Sledovat výstrahy inkoustu - HP Deskjet 1050 J410 series.lnk - C:\Windows\system32\RunDll32.exe
YoWindow.lnk - C:\Program Files (x86)\YoWindow\yowindow.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2017-08-03 20:28:40 ----D---- C:\rsit
2017-07-31 21:03:48 ----D---- C:\AdwCleaner
2017-07-30 18:24:08 ----D---- C:\Program Files\trend micro
2017-07-30 17:56:39 ----A---- C:\Windows\system32\drivers\MBAMChameleon.sys
2017-07-30 17:56:37 ----A---- C:\Windows\system32\drivers\mwac.sys
2017-07-30 17:56:37 ----A---- C:\Windows\system32\drivers\farflt.sys
2017-07-30 17:56:18 ----A---- C:\Windows\system32\drivers\mbam.sys
2017-07-30 17:56:10 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2017-07-30 17:55:46 ----A---- C:\Windows\system32\drivers\mbae64.sys
2017-07-30 17:55:12 ----D---- C:\ProgramData\Malwarebytes
2017-07-30 17:55:12 ----D---- C:\Program Files\Malwarebytes
2017-07-30 17:50:30 ----A---- C:\Windows\ntbtlog.txt
2017-07-30 17:16:28 ----D---- C:\Program Files (x86)\IObit
2017-07-29 08:53:00 ----D---- C:\Program Files (x86)\Monster-CZ
2017-07-23 13:50:42 ----D---- C:\Program Files (x86)\Eidos Interactive
2017-07-22 21:48:34 ----D---- C:\ProgramData\Riot Games
2017-07-22 21:47:34 ----A---- C:\Windows\SYSWOW64\d3dx10_39.dll
2017-07-22 21:47:34 ----A---- C:\Windows\SYSWOW64\D3DCompiler_39.dll
2017-07-22 21:47:32 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll
2017-07-22 21:45:59 ----D---- C:\Riot Games
2017-07-22 21:39:10 ----D---- C:\Users\Pekos\AppData\Roaming\Riot Games
2017-07-22 21:13:08 ----D---- C:\Users\Pekos\AppData\Roaming\Battle.net
2017-07-22 20:53:31 ----D---- C:\ProgramData\Battle.net
2017-07-22 20:36:00 ----A---- C:\Windows\scunin.dat
2017-07-22 20:35:56 ----A---- C:\Windows\ScUnin.pif
2017-07-22 20:35:56 ----A---- C:\Windows\ScUnin.exe
2017-07-22 18:08:40 ----A---- C:\Windows\uncsetup.exe
2017-07-11 22:34:53 ----A---- C:\Windows\system32\mshtml.dll
2017-07-11 22:34:49 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2017-07-11 22:34:44 ----A---- C:\Windows\system32\ieframe.dll
2017-07-11 22:34:42 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2017-07-11 22:34:40 ----A---- C:\Windows\system32\jscript9.dll
2017-07-11 22:34:39 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2017-07-11 22:34:38 ----A---- C:\Windows\system32\win32k.sys
2017-07-11 22:34:37 ----A---- C:\Windows\system32\urlmon.dll
2017-07-11 22:34:37 ----A---- C:\Windows\system32\tquery.dll
2017-07-11 22:34:36 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2017-07-11 22:34:36 ----A---- C:\Windows\system32\Query.dll
2017-07-11 22:34:35 ----A---- C:\Windows\system32\kerberos.dll
2017-07-11 22:34:34 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2017-07-11 22:34:34 ----A---- C:\Windows\SYSWOW64\tquery.dll
2017-07-11 22:34:34 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2017-07-11 22:34:34 ----A---- C:\Windows\system32\vbscript.dll
2017-07-11 22:34:33 ----A---- C:\Windows\SYSWOW64\Query.dll
2017-07-11 22:34:33 ----A---- C:\Windows\system32\ExplorerFrame.dll
2017-07-11 22:34:33 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2017-07-11 22:34:32 ----A---- C:\Windows\system32\drivers\ntfs.sys
2017-07-11 22:34:31 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2017-07-11 22:34:31 ----A---- C:\Windows\system32\Wldap32.dll
2017-07-11 22:34:31 ----A---- C:\Windows\system32\wininet.dll
2017-07-11 22:34:31 ----A---- C:\Windows\system32\drivers\netio.sys
2017-07-11 22:34:30 ----A---- C:\Windows\SYSWOW64\Wldap32.dll
2017-07-11 22:34:30 ----A---- C:\Windows\SYSWOW64\wininet.dll
2017-07-11 22:34:30 ----A---- C:\Windows\system32\msinfo32.exe
2017-07-11 22:34:29 ----A---- C:\Windows\system32\wdc.dll
2017-07-11 22:34:29 ----A---- C:\Windows\system32\drivers\http.sys
2017-07-11 22:34:28 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2017-07-11 22:34:28 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2017-07-11 22:34:28 ----A---- C:\Windows\system32\clfs.sys
2017-07-11 22:34:27 ----A---- C:\Windows\SYSWOW64\wdc.dll
2017-07-11 22:34:27 ----A---- C:\Windows\system32\pdhui.dll
2017-07-11 22:34:27 ----A---- C:\Windows\system32\iedkcs32.dll
2017-07-11 22:34:26 ----A---- C:\Windows\SYSWOW64\pdhui.dll
2017-07-11 22:34:26 ----A---- C:\Windows\SYSWOW64\msinfo32.exe
2017-07-11 22:34:26 ----A---- C:\Windows\system32\jscript.dll
2017-07-11 22:34:25 ----A---- C:\Windows\system32\wvc.dll
2017-07-11 22:34:25 ----A---- C:\Windows\system32\drivers\tcpip.sys
2017-07-11 22:34:25 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2017-07-11 22:34:25 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2017-07-11 22:34:25 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2017-07-11 22:34:25 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2017-07-11 22:34:24 ----A---- C:\Windows\system32\dxtmsft.dll
2017-07-11 22:34:23 ----A---- C:\Windows\SYSWOW64\wvc.dll
2017-07-11 22:34:23 ----A---- C:\Windows\SYSWOW64\perfmon.exe
2017-07-11 22:34:23 ----A---- C:\Windows\SYSWOW64\msrating.dll
2017-07-11 22:34:23 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2017-07-11 22:34:23 ----A---- C:\Windows\system32\perfmon.exe
2017-07-11 22:34:23 ----A---- C:\Windows\system32\msrating.dll
2017-07-11 22:34:22 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2017-07-11 22:34:22 ----A---- C:\Windows\SYSWOW64\certcli.dll
2017-07-11 22:34:22 ----A---- C:\Windows\system32\webcheck.dll
2017-07-11 22:34:22 ----A---- C:\Windows\system32\resmon.exe
2017-07-11 22:34:22 ----A---- C:\Windows\system32\dxtrans.dll
2017-07-11 22:34:22 ----A---- C:\Windows\system32\certcli.dll
2017-07-11 22:34:21 ----A---- C:\Windows\SYSWOW64\resmon.exe
2017-07-11 22:34:20 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2017-07-11 22:34:20 ----A---- C:\Windows\system32\mshtmlmedia.dll
2017-07-11 22:34:20 ----A---- C:\Windows\system32\msfeeds.dll
2017-07-11 22:34:19 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2017-07-11 22:34:19 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2017-07-11 22:34:17 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2017-07-11 22:34:17 ----A---- C:\Windows\system32\ieui.dll
2017-07-11 22:34:17 ----A---- C:\Windows\system32\iertutil.dll
2017-07-11 22:34:16 ----A---- C:\Windows\system32\mshtmled.dll
2017-07-11 22:34:16 ----A---- C:\Windows\system32\iesetup.dll
2017-07-11 22:34:16 ----A---- C:\Windows\system32\ie4uinit.exe
2017-07-11 22:34:15 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2017-07-11 22:34:15 ----A---- C:\Windows\SYSWOW64\ieui.dll
2017-07-11 22:34:15 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2017-07-11 22:34:15 ----A---- C:\Windows\system32\occache.dll
2017-07-11 22:34:15 ----A---- C:\Windows\system32\jscript9diag.dll
2017-07-11 22:34:14 ----A---- C:\Windows\SYSWOW64\occache.dll
2017-07-11 22:34:14 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2017-07-11 22:34:14 ----A---- C:\Windows\system32\inseng.dll
2017-07-11 22:34:14 ----A---- C:\Windows\system32\ieUnatt.exe
2017-07-11 22:34:14 ----A---- C:\Windows\system32\iernonce.dll
2017-07-11 22:34:13 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2017-07-11 22:34:13 ----A---- C:\Windows\SYSWOW64\inseng.dll
2017-07-11 22:34:13 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2017-07-11 22:34:13 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2017-07-11 22:34:13 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-07-11 22:34:11 ----A---- C:\Windows\system32\jsproxy.dll
2017-07-11 22:34:08 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2017-07-11 22:34:08 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2017-07-11 22:34:08 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2017-07-11 22:34:08 ----A---- C:\Windows\system32\MshtmlDac.dll
2017-07-11 22:34:08 ----A---- C:\Windows\system32\ieetwproxystub.dll
2017-07-11 22:34:08 ----A---- C:\Windows\system32\ieetwcollector.exe
2017-07-11 22:34:05 ----A---- C:\Windows\SYSWOW64\jscript.dll
2017-07-11 22:34:05 ----A---- C:\Windows\system32\rpcrt4.dll
2017-07-11 22:34:05 ----A---- C:\Windows\system32\mssrch.dll
2017-07-11 22:34:05 ----A---- C:\Windows\system32\ieapfltr.dll
2017-07-11 22:34:04 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2017-07-11 22:34:04 ----A---- C:\Windows\system32\lsasrv.dll
2017-07-11 22:34:03 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2017-07-11 22:34:03 ----A---- C:\Windows\system32\mssvp.dll
2017-07-11 22:34:03 ----A---- C:\Windows\system32\mssph.dll
2017-07-11 22:34:03 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2017-07-11 22:34:03 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2017-07-11 22:34:02 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2017-07-11 22:34:02 ----A---- C:\Windows\system32\schannel.dll
2017-07-11 22:34:02 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2017-07-11 22:34:01 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2017-07-11 22:34:01 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2017-07-11 22:34:01 ----A---- C:\Windows\system32\ncrypt.dll
2017-07-11 22:34:01 ----A---- C:\Windows\system32\msv1_0.dll
2017-07-11 22:34:01 ----A---- C:\Windows\system32\mssprxy.dll
2017-07-11 22:34:01 ----A---- C:\Windows\system32\mssphtb.dll
2017-07-11 22:34:00 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2017-07-11 22:34:00 ----A---- C:\Windows\SYSWOW64\mssph.dll
2017-07-11 22:34:00 ----A---- C:\Windows\system32\wdigest.dll
2017-07-11 22:34:00 ----A---- C:\Windows\system32\TSpkg.dll
2017-07-11 22:34:00 ----A---- C:\Windows\system32\sspicli.dll
2017-07-11 22:34:00 ----A---- C:\Windows\system32\mssitlb.dll
2017-07-11 22:34:00 ----A---- C:\Windows\system32\bcrypt.dll
2017-07-11 22:33:59 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2017-07-11 22:33:59 ----A---- C:\Windows\SYSWOW64\schannel.dll
2017-07-11 22:33:59 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2017-07-11 22:33:59 ----A---- C:\Windows\SYSWOW64\mssphtb.dll
2017-07-11 22:33:59 ----A---- C:\Windows\SYSWOW64\mssitlb.dll
2017-07-11 22:33:59 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2017-07-11 22:33:59 ----A---- C:\Windows\system32\SearchIndexer.exe
2017-07-11 22:33:59 ----A---- C:\Windows\system32\rpchttp.dll
2017-07-11 22:33:59 ----A---- C:\Windows\system32\msscntrs.dll
2017-07-11 22:33:59 ----A---- C:\Windows\system32\lsass.exe
2017-07-11 22:33:59 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2017-07-11 22:33:59 ----A---- C:\Windows\system32\cryptbase.dll
2017-07-11 22:33:57 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2017-07-11 22:33:57 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2017-07-11 22:33:57 ----A---- C:\Windows\SYSWOW64\bcrypt.dll
2017-07-11 22:33:57 ----A---- C:\Windows\system32\sspisrv.dll
2017-07-11 22:33:57 ----A---- C:\Windows\system32\secur32.dll
2017-07-11 22:33:57 ----A---- C:\Windows\system32\SearchFilterHost.exe
2017-07-11 22:33:56 ----A---- C:\Windows\SYSWOW64\secur32.dll
2017-07-11 22:33:56 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2017-07-11 22:33:56 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2017-07-11 22:33:56 ----A---- C:\Windows\SYSWOW64\mssprxy.dll
2017-07-11 22:33:56 ----A---- C:\Windows\SYSWOW64\msscntrs.dll
2017-07-11 22:33:56 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2017-07-11 22:33:56 ----A---- C:\Windows\system32\msshooks.dll
2017-07-11 22:33:56 ----A---- C:\Windows\system32\credssp.dll
2017-07-11 22:33:56 ----A---- C:\Windows\system32\cdd.dll
2017-07-11 22:33:55 ----A---- C:\Windows\SYSWOW64\SearchFilterHost.exe
2017-07-11 22:33:55 ----A---- C:\Windows\SYSWOW64\msshooks.dll
2017-07-11 22:33:55 ----A---- C:\Windows\SYSWOW64\credssp.dll
2017-07-11 22:33:55 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2017-07-11 22:33:55 ----A---- C:\Windows\system32\auditpol.exe
2017-07-11 22:33:49 ----A---- C:\Windows\SYSWOW64\tzres.dll
2017-07-11 22:33:49 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2017-07-11 22:33:49 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2017-07-11 22:33:49 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2017-07-11 22:33:49 ----A---- C:\Windows\system32\tzres.dll
2017-07-11 22:33:49 ----A---- C:\Windows\system32\msaudite.dll
2017-07-11 22:33:49 ----A---- C:\Windows\system32\adtschema.dll
2017-07-11 22:33:48 ----A---- C:\Windows\system32\msobjs.dll
2017-07-11 22:06:51 ----A---- C:\Windows\system32\aitstatic.exe
2017-07-11 22:06:51 ----A---- C:\Windows\system32\aeinv.dll
2017-07-11 22:06:50 ----A---- C:\Windows\system32\appraiser.dll
2017-07-11 22:06:50 ----A---- C:\Windows\system32\aepic.dll
2017-07-11 22:06:49 ----A---- C:\Windows\system32\invagent.dll
2017-07-11 22:06:49 ----A---- C:\Windows\system32\generaltel.dll
2017-07-11 22:06:49 ----A---- C:\Windows\system32\devinv.dll
2017-07-11 22:06:49 ----A---- C:\Windows\system32\CompatTelRunner.exe
2017-07-11 22:06:49 ----A---- C:\Windows\system32\centel.dll
2017-07-11 22:06:49 ----A---- C:\Windows\system32\acmigration.dll
2017-07-11 00:34:13 ----D---- C:\Program Files (x86)\The Creative Assembly

======List of files/folders modified in the last 1 month======

2017-08-03 20:28:49 ----D---- C:\Windows\Prefetch
2017-08-03 20:27:26 ----D---- C:\Windows\Temp
2017-08-03 20:27:15 ----D---- C:\Windows\system32\Tasks
2017-08-03 20:26:16 ----D---- C:\Windows\system32\drivers
2017-08-03 20:26:01 ----D---- C:\Windows\system32\config
2017-08-03 20:25:21 ----D---- C:\Windows
2017-08-03 20:13:38 ----RD---- C:\Program Files (x86)
2017-08-02 23:26:01 ----SHD---- C:\Windows\Installer
2017-08-02 23:26:01 ----SHD---- C:\Config.Msi
2017-08-02 23:21:18 ----SHD---- C:\System Volume Information
2017-08-02 20:08:18 ----D---- C:\Windows\inf
2017-07-31 21:30:35 ----D---- C:\Users\Pekos\AppData\Roaming\vlc
2017-07-31 21:14:39 ----HD---- C:\ProgramData
2017-07-30 19:32:35 ----D---- C:\Users\Pekos\AppData\Roaming\Media Player Classic
2017-07-30 19:09:55 ----A---- C:\Windows\system32\ServiceFilter.ini
2017-07-30 19:09:46 ----A---- C:\Windows\system32\AutoRunFilter.ini
2017-07-30 18:24:08 ----RD---- C:\Program Files
2017-07-30 15:42:51 ----D---- C:\Windows\Minidump
2017-07-30 15:37:35 ----D---- C:\Users\Pekos\AppData\Roaming\DAEMON Tools Lite
2017-07-30 15:37:13 ----D---- C:\Windows\Logs
2017-07-28 22:24:15 ----D---- C:\ProgramData\Microsoft Help
2017-07-28 22:24:14 ----A---- C:\Windows\win.ini
2017-07-24 15:49:00 ----D---- C:\Windows\winsxs
2017-07-24 15:45:02 ----D---- C:\ProgramData\DAEMON Tools Lite
2017-07-23 15:08:59 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2017-07-22 21:47:35 ----D---- C:\Windows\SysWOW64
2017-07-22 21:46:11 ----D---- C:\Windows\Tasks
2017-07-20 17:56:15 ----D---- C:\Windows\debug
2017-07-12 04:31:11 ----D---- C:\Windows\rescache
2017-07-12 03:37:12 ----D---- C:\Windows\system32\appraiser
2017-07-12 03:37:12 ----D---- C:\Windows\System32
2017-07-12 03:36:56 ----D---- C:\Program Files (x86)\Internet Explorer
2017-07-12 03:36:47 ----D---- C:\Program Files\Internet Explorer
2017-07-12 03:36:44 ----D---- C:\Windows\SYSWOW64\bg-BG
2017-07-12 03:36:43 ----D---- C:\Windows\SYSWOW64\pl-PL
2017-07-12 03:36:42 ----D---- C:\Windows\SYSWOW64\hr-HR
2017-07-12 03:36:40 ----D---- C:\Windows\SYSWOW64\hu-HU
2017-07-12 03:36:39 ----D---- C:\Windows\SYSWOW64\sl-SI
2017-07-12 03:36:38 ----D---- C:\Windows\SYSWOW64\sr-Latn-CS
2017-07-12 03:36:38 ----D---- C:\Windows\SYSWOW64\migration
2017-07-12 03:36:37 ----D---- C:\Windows\SYSWOW64\lv-LV
2017-07-12 03:36:36 ----D---- C:\Windows\SYSWOW64\lt-LT
2017-07-12 03:36:34 ----D---- C:\Windows\SYSWOW64\sk-SK
2017-07-12 03:36:33 ----D---- C:\Windows\SYSWOW64\et-EE
2017-07-12 03:36:32 ----D---- C:\Windows\SYSWOW64\cs-CZ
2017-07-12 03:36:30 ----D---- C:\Windows\SYSWOW64\ro-RO
2017-07-12 03:36:29 ----D---- C:\Windows\SYSWOW64\en-US
2017-07-12 03:36:19 ----D---- C:\Windows\system32\bg-BG
2017-07-12 03:36:17 ----D---- C:\Windows\system32\pl-PL
2017-07-12 03:36:16 ----D---- C:\Windows\system32\hr-HR
2017-07-12 03:36:14 ----D---- C:\Windows\system32\hu-HU
2017-07-12 03:36:13 ----D---- C:\Windows\system32\sl-SI
2017-07-12 03:36:11 ----D---- C:\Windows\system32\migration
2017-07-12 03:36:10 ----D---- C:\Windows\system32\sr-Latn-CS
2017-07-12 03:36:09 ----D---- C:\Windows\system32\lv-LV
2017-07-12 03:36:07 ----D---- C:\Windows\system32\lt-LT
2017-07-12 03:36:06 ----D---- C:\Windows\system32\sk-SK
2017-07-12 03:36:05 ----D---- C:\Windows\system32\et-EE
2017-07-12 03:36:03 ----D---- C:\Windows\system32\cs-CZ
2017-07-12 03:36:02 ----D---- C:\Windows\system32\ro-RO
2017-07-12 03:36:00 ----D---- C:\Windows\system32\en-US
2017-07-12 03:35:49 ----D---- C:\Windows\AppPatch
2017-07-12 03:35:37 ----D---- C:\Windows\system32\DriverStore
2017-07-12 03:20:07 ----D---- C:\Windows\system32\MRT
2017-07-12 03:11:32 ----AC---- C:\Windows\system32\MRT.exe
2017-07-12 02:12:44 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2017-07-12 02:12:30 ----D---- C:\Windows\system32\Macromed
2017-07-12 02:12:07 ----D---- C:\Windows\SYSWOW64\Macromed
2017-07-11 21:35:24 ----D---- C:\Windows\system32\catroot2
2017-07-10 17:50:45 ----D---- C:\Program Files (x86)\Warcraft III
2017-07-10 13:10:42 ----RSD---- C:\Windows\assembly
2017-07-04 19:52:04 ----D---- C:\Program Files (x86)\Codec Pack - All In 1
2017-07-04 19:51:49 ----A---- C:\Windows\iun6002.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-05 16440]
R0 edevmon;edevmon; C:\Windows\system32\DRIVERS\edevmon.sys [2017-01-17 106768]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2015-01-09 254528]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2017-01-17 132272]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2017-01-17 180544]
R1 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2017-01-17 77616]
R1 EpfwLWF;ESET Personal Firewall; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2017-01-17 60536]
R1 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2017-01-17 96856]
R1 ESProtectionDriver;Malwarebytes Anti-Exploit; \??\C:\Windows\system32\drivers\mbae64.sys [2017-06-27 77376]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2015-04-19 314016]
R2 ekbdflt;ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [2017-01-17 49672]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2015-04-19 43680]
R2 MBAMChameleon;MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [2017-07-30 188352]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys [2009-12-11 6228480]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2009-12-11 160256]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-06-27 2753536]
R3 AtiHdmiService;ATI Service for HD Audio Codec; C:\Windows\system32\drivers\AtiHdmi.sys [2009-07-23 119312]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2009-10-15 117760]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-10-03 33240]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1E62x64.sys [2009-08-23 56320]
R3 MBAMFarflt;MBAMFarflt; \??\C:\Windows\system32\drivers\farflt.sys [2017-08-03 101784]
R3 MBAMProtection;MBAMProtection; \??\C:\Windows\system32\drivers\mbam.sys [2017-08-03 45472]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2017-08-03 253856]
R3 MBAMWebProtection;MBAMWebProtection; \??\C:\Windows\system32\drivers\mwac.sys [2017-08-03 84256]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-08-12 1799680]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2009-04-03 34872]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2009-07-09 1222144]
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2009-05-26 40448]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-12-11 6228480]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2008-12-08 61792]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2015-06-10 54784]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168]
S3 WinUsb;WinUsb; C:\Windows\system32\drivers\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-04-25 83056]
R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2009-12-08 379520]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-12-11 202752]
R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2016-03-02 83768]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2016-12-14 2836296]
R2 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2017-05-09 4470736]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-07-20 935208]
R2 Printer Control;Printer Control; C:\Windows\system32\PrintCtrl.exe [2013-11-01 127456]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2016-07-26 651576]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-03-26 105096]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-03-26 125064]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-07-12 272384]
S3 fsssvc;Windows Live Zabezpečení rodiny; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2017-06-29 116224]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-06-30 175560]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-12-30 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-03-26 51320]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-03-26 135800]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-03-26 135800]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-03-26 135800]

-----------------EOF-----------------

Re: Preventive check

Posted: 03 Aug 2017 20:21
by Rudy
Deleted. The log should now be OK.

Re: Preventive check

Posted: 05 Aug 2017 11:52
by Arbeidar
Rudy wrote: Deleted. The log should now be OK.
Thank you very much. You're great.

Re: Preventive check

Posted: 05 Aug 2017 12:13
by Rudy
You're welcome! :)