Prosím o kontrolu-bitcoint
Napsal: 06 dub 2018 11:06
Dobrý den, začal se pomalu načítat pc i prohlížeče po kontrole MB (odstraněno do karanteny) jsem zjistila nějaké bitcointy což mají být udajně inter. peníze či co ale vůbec o ničem takovém nevím (nic takového nehrají nesbírám) je to hlašeno jako trojan. Avast nic nehlasil adwcleaner též nic nenašel. Nevím zda to v té karanténě postačí nebo to tam ještě zůstavá a potřebuji Vaši pomoc.
Děkuji
Malwarebytes
http://www.malwarebytes.com
-Podrobnosti logovacího souboru-
Datum skenování: 06.04.18
Čas skenování: 8:55
Logovací soubor: 725b39e7-3967-11e8-ae66-14dda9805d58.json
Správce: Ano
-Informace o softwaru-
Verze: 3.2.2.2029
Verze komponentů: 1.0.212
Aktualizovat verzi balíku komponent: 1.0.4636
Licence: Bezplatný
-Systémová informace-
OS: Windows 7 Service Pack 1
CPU: x86
Systém souborů: NTFS
Uživatel: LuciFafa-PC\LuciFafa
-Shrnutí skenování-
Typ skenování: Vlastní skenování
Výsledek: Dokončeno
Skenované objekty: 208589
Zjištěné hrozby: 5
Hrozby umístěné do karantény: 5
Uplynulý čas: 1 hod, 24 min, 18 sek
-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Povoleno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat
-Podrobnosti skenování-
Proces: 1
RiskWare.BitCoinMiner, C:\USERS\LUCIFAFA\APPDATA\ROAMING\NSSM.EXE, V karanténě, [907], [434083],1.0.4636
Modul: 1
RiskWare.BitCoinMiner, C:\USERS\LUCIFAFA\APPDATA\ROAMING\NSSM.EXE, V karanténě, [907], [434083],1.0.4636
Klíč registru: 1
RiskWare.BitCoinMiner, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUCLT, V karanténě, [907], [434083],1.0.4636
Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)
Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)
Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)
Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)
Soubor: 2
RiskWare.BitCoinMiner, C:\USERS\LUCIFAFA\APPDATA\ROAMING\NSSM.EXE, V karanténě, [907], [434083],1.0.4636
Trojan.Agent.Gen, C:\USERS\LUCIFAFA\APPDATA\ROAMING\RUNSERVICE.EXE, V karanténě, [1499], [232502],1.0.4636
Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)
(end)
Logfile of random's system information tool 1.10 (written by random/random)
Run by LuciFafa at 2018-04-06 10:01:49
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 499 GB (52%) free of 954 GB
Total RAM: 3030 MB (22% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:01:51, on 6.4.2018
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18921)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe
C:\Program Files\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe
C:\Windows\System32\TiltWheelMouse.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\AVAST Software\Avast\Setup\Instup.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\LuciFafa\Downloads\RSIT.exe
C:\Users\LuciFafa\Downloads\RSIT.exe
C:\Users\LuciFafa\AppData\Roaming\nircmd.exe
C:\Program Files\trend micro\LuciFafa.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_161\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_161\bin\jp2ssv.dll
O4 - HKLM\..\Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe" -s
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe"
O4 - HKLM\..\Run: [MouseDriver] TiltWheelMouse.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [AMDDVR] "C:\Program Files\AMD\CNext\CNext\amddvr.exe"
O4 - HKUS\S-1-5-21-1117677789-4214877554-3075564690-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04062018085515144\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun (User '?')
O4 - HKUS\S-1-5-21-1117677789-4214877554-3075564690-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04062018085515144\..\Run: [AMDDVR] "C:\Program Files\AMD\CNext\CNext\amddvr.exe" (User '?')
O4 - HKUS\S-1-5-21-1117677789-4214877554-3075564690-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04062018085536300\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun (User '?')
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/s ... wflash.cab
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: ACP User Service (amdacpusrsvc) - Advanced Micro Devices - C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files\ASUS\AXSP\1.02.00\atkexComSvc.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: MRAC Service (mracsvc) - LLC Mail.Ru - C:\Windows\System32\mracsvc.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Riverbed Technology, Inc. - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: WUAUCLT - Unknown owner - C:\Users\LuciFafa\AppData\Roaming\nssm.exe
--
End of file - 5786 bytes
=========Mozilla firefox=========
ProfilePath - C:\Users\LuciFafa\AppData\Roaming\Mozilla\Firefox\Profiles\pdbynjqe.default
prefs.js - "browser.startup.homepage" - "www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 29.0.0.113 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_29_0_0_113.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.161.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.161.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_161\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@ngm.nexoneu.com/NxGame]
"Description"=Nexon Game Controller
"Path"=C:\ProgramData\NexonEU\NGM\npNxGameeu.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@ogplanet.com/npOGPPlugin]
"Description"=OGPlanet Game Plugin
"Path"=C:\Windows\system32\npOGPPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.8]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=3.0.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_161\bin\ssv.dll [2018-01-23 474688]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-02-14 812248]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-01-23 188992]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe [2015-01-28 7519960]
"NUSB3MON"=C:\Program Files\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe [2012-04-11 97280]
"MouseDriver"=C:\Windows\system32\TiltWheelMouse.exe [2012-12-19 241152]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2018-03-06 245608]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2015-06-18 3576664]
"AMDDVR"=C:\Program Files\AMD\CNext\CNext\amddvr.exe [2018-01-31 1480072]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyComGames]
C:\Users\LuciFafa\AppData\Local\MyComGames\MyComGames.exe [2018-02-23 6126904]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ProductUpdater]
C:\Program Files\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe []
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Nexon\Combat Arms EU\CombatArms.exe"="C:\Nexon\Combat Arms EU\Combatarms.exe:*Enabled:Combatarms.exe"
"C:\Nexon\Combat Arms EU\Engine.exe"="C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"
"C:\Nexon\Library\CombatArmsBeta\appdata\CombatArms.exe"="C:\Nexon\Library\CombatArmsBeta\appdata\CombatArms.exe:*:Enabled:CombatArms.exe"
"C:\Nexon\Library\CombatArmsBeta\appdata\Engine.exe"="C:\Nexon\Library\CombatArmsBeta\appdata\Engine.exe:*:Enabled:Engine.exe"
"C:\Nexon\Library\CombatArmsBeta\appdata\NMService.exe"="C:\Nexon\Library\CombatArmsBeta\appdata\NMService.exe:*:Enabled:NMService.exe"
"C:\Nexon\Library\combatarms\appdata\CombatArms.exe"="C:\Nexon\Library\combatarms\appdata\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\Nexon\Library\combatarms\appdata\Engine.exe"="C:\Nexon\Library\combatarms\appdata\Engine.exe:*Enabled:Engine.exe"
"C:\Nexon\Library\combatarms\appdata\NMService.exe"="C:\Nexon\Library\combatarms\appdata\NMService.exe:*:Enabled:NMService.exe"
"C:\VALOFEEU\CombatArms\CombatArms.exe"="C:\VALOFEEU\CombatArms\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\VALOFEEU\CombatArms\Engine.exe"="C:\VALOFEEU\CombatArms\Engine.exe:*Enabled:Engine.exe"
"C:\VALOFEEU\CombatArms\NMService.exe"="C:\VALOFEEU\CombatArms\NMService.exe:*:Enabled:NMService.exe"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"C:\Nexon\Combat Arms EU\CombatArms.exe"="C:\Nexon\Combat Arms EU\Combatarms.exe:*Enabled:Combatarms.exe"
"C:\Nexon\Combat Arms EU\Engine.exe"="C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"
"C:\Nexon\Library\CombatArmsBeta\appdata\CombatArms.exe"="C:\Nexon\Library\CombatArmsBeta\appdata\CombatArms.exe:*:Enabled:CombatArms.exe"
"C:\Nexon\Library\CombatArmsBeta\appdata\Engine.exe"="C:\Nexon\Library\CombatArmsBeta\appdata\Engine.exe:*:Enabled:Engine.exe"
"C:\Nexon\Library\CombatArmsBeta\appdata\NMService.exe"="C:\Nexon\Library\CombatArmsBeta\appdata\NMService.exe:*:Enabled:NMService.exe"
"C:\Nexon\Library\combatarms\appdata\CombatArms.exe"="C:\Nexon\Library\combatarms\appdata\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\Nexon\Library\combatarms\appdata\Engine.exe"="C:\Nexon\Library\combatarms\appdata\Engine.exe:*Enabled:Engine.exe"
"C:\Nexon\Library\combatarms\appdata\NMService.exe"="C:\Nexon\Library\combatarms\appdata\NMService.exe:*:Enabled:NMService.exe"
"C:\VALOFEEU\CombatArms\CombatArms.exe"="C:\VALOFEEU\CombatArms\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\VALOFEEU\CombatArms\Engine.exe"="C:\VALOFEEU\CombatArms\Engine.exe:*Enabled:Engine.exe"
"C:\VALOFEEU\CombatArms\NMService.exe"="C:\VALOFEEU\CombatArms\NMService.exe:*:Enabled:NMService.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FMVC"=fmcodec.dll
"msacm.l3codecp"=l3codecp.acm
"msacm.lameacm"=LameACM.acm
"vidc.x264"=x264vfw.dll
"vidc.XVID"=xvidvfw.dll
"vidc.mjpg"=pvmjpg30.dll
"vidc.mpeg"=bdmpegv.dll
"msacm.bdmpeg"=bdmpega.acm
"vidc.mjpx"=bdmjpeg.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2018-04-06 10:01:02 ----D---- C:\rsit
2018-04-06 08:53:50 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys
2018-04-02 21:15:37 ----D---- C:\Program Files\Age of Empires II HD
2018-03-28 13:13:25 ----D---- C:\Program Files\Common Files\INCA Shared
2018-03-22 12:12:28 ----D---- C:\Program Files\Pro Evolution Soccer 2015
2018-03-22 12:12:22 ----SHD---- C:\Users\LuciFafa\AppData\Roaming\kernel
2018-03-22 12:12:22 ----SH---- C:\Users\LuciFafa\AppData\Roaming\Runservice.exe
2018-03-22 12:12:22 ----SH---- C:\Users\LuciFafa\AppData\Roaming\nssm.exe
2018-03-19 19:34:06 ----A---- C:\Windows\system32\mshtml.dll
2018-03-19 19:34:05 ----A---- C:\Windows\system32\wininet.dll
2018-03-19 19:34:05 ----A---- C:\Windows\system32\jscript9.dll
2018-03-19 19:34:05 ----A---- C:\Windows\system32\ieframe.dll
2018-03-19 19:34:04 ----A---- C:\Windows\system32\win32k.sys
2018-03-19 19:34:04 ----A---- C:\Windows\system32\vbscript.dll
2018-03-19 19:34:04 ----A---- C:\Windows\system32\urlmon.dll
2018-03-19 19:34:04 ----A---- C:\Windows\system32\ntoskrnl.exe
2018-03-19 19:34:04 ----A---- C:\Windows\system32\ntkrnlpa.exe
2018-03-19 19:34:04 ----A---- C:\Windows\system32\kerberos.dll
2018-03-19 19:34:04 ----A---- C:\Windows\system32\jscript.dll
2018-03-19 19:34:04 ----A---- C:\Windows\system32\iertutil.dll
2018-03-19 19:34:04 ----A---- C:\Windows\system32\drivers\tcpip.sys
2018-03-19 19:34:03 ----A---- C:\Windows\system32\xpsrchvw.exe
2018-03-19 19:34:03 ----A---- C:\Windows\system32\wisptis.exe
2018-03-19 19:34:03 ----A---- C:\Windows\system32\WinSCard.dll
2018-03-19 19:34:03 ----A---- C:\Windows\system32\wdigest.dll
2018-03-19 19:34:03 ----A---- C:\Windows\system32\TSpkg.dll
2018-03-19 19:34:03 ----A---- C:\Windows\system32\TabSvc.dll
2018-03-19 19:34:03 ----A---- C:\Windows\system32\t2embed.dll
2018-03-19 19:34:03 ----A---- C:\Windows\system32\StructuredQuery.dll
2018-03-19 19:34:03 ----A---- C:\Windows\system32\srcore.dll
2018-03-19 19:34:03 ----A---- C:\Windows\system32\schannel.dll
2018-03-19 19:34:03 ----A---- C:\Windows\system32\rpchttp.dll
2018-03-19 19:34:03 ----A---- C:\Windows\system32\rpcrt4.dll
2018-03-19 19:34:03 ----A---- C:\Windows\system32\ntdll.dll
2018-03-19 19:34:03 ----A---- C:\Windows\system32\ncrypt.dll
2018-03-19 19:34:03 ----A---- C:\Windows\system32\msv1_0.dll
2018-03-19 19:34:03 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2018-03-19 19:34:03 ----A---- C:\Windows\system32\mshtmlmedia.dll
2018-03-19 19:34:03 ----A---- C:\Windows\system32\msfeeds.dll
2018-03-19 19:34:03 ----A---- C:\Windows\system32\lsasrv.dll
2018-03-19 19:34:03 ----A---- C:\Windows\system32\iedkcs32.dll
2018-03-19 19:34:03 ----A---- C:\Windows\system32\drivers\netio.sys
2018-03-19 19:34:03 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2018-03-19 19:34:03 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2018-03-19 19:34:03 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2018-03-19 19:34:03 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2018-03-19 19:34:03 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2018-03-19 19:34:03 ----A---- C:\Windows\system32\drivers\hidparse.sys
2018-03-19 19:34:03 ----A---- C:\Windows\system32\drivers\hidclass.sys
2018-03-19 19:34:03 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2018-03-19 19:34:03 ----A---- C:\Windows\system32\drivers\appid.sys
2018-03-19 19:34:03 ----A---- C:\Windows\system32\csrsrv.dll
2018-03-19 19:34:03 ----A---- C:\Windows\system32\crypt32.dll
2018-03-19 19:34:03 ----A---- C:\Windows\system32\clfs.sys
2018-03-19 19:34:03 ----A---- C:\Windows\system32\cdosys.dll
2018-03-19 19:34:03 ----A---- C:\Windows\system32\bcrypt.dll
2018-03-19 19:34:03 ----A---- C:\Windows\system32\atmfd.dll
2018-03-19 19:34:03 ----A---- C:\Windows\system32\appidsvc.dll
2018-03-19 19:34:03 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2018-03-19 19:34:03 ----A---- C:\Windows\system32\appidapi.dll
2018-03-19 19:34:03 ----A---- C:\Windows\system32\advapi32.dll
2018-03-19 19:34:03 ----A---- C:\Windows\system32\adtschema.dll
2018-03-19 19:34:02 ----A---- C:\Windows\system32\webcheck.dll
2018-03-19 19:34:02 ----A---- C:\Windows\system32\sspicli.dll
2018-03-19 19:34:02 ----A---- C:\Windows\system32\srclient.dll
2018-03-19 19:34:02 ----A---- C:\Windows\system32\smss.exe
2018-03-19 19:34:02 ----A---- C:\Windows\system32\setbcdlocale.dll
2018-03-19 19:34:02 ----A---- C:\Windows\system32\secur32.dll
2018-03-19 19:34:02 ----A---- C:\Windows\system32\rstrui.exe
2018-03-19 19:34:02 ----A---- C:\Windows\system32\msrating.dll
2018-03-19 19:34:02 ----A---- C:\Windows\system32\mshtmled.dll
2018-03-19 19:34:02 ----A---- C:\Windows\system32\MshtmlDac.dll
2018-03-19 19:34:02 ----A---- C:\Windows\system32\msaudite.dll
2018-03-19 19:34:02 ----A---- C:\Windows\system32\lsass.exe
2018-03-19 19:34:02 ----A---- C:\Windows\system32\fontsub.dll
2018-03-19 19:34:02 ----A---- C:\Windows\system32\dxtrans.dll
2018-03-19 19:34:02 ----A---- C:\Windows\system32\dxtmsft.dll
2018-03-19 19:34:02 ----A---- C:\Windows\system32\drivers\hidusb.sys
2018-03-19 19:34:02 ----A---- C:\Windows\system32\cryptbase.dll
2018-03-19 19:34:02 ----A---- C:\Windows\system32\credssp.dll
2018-03-19 19:34:02 ----A---- C:\Windows\system32\auditpol.exe
2018-03-19 19:34:02 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2018-03-19 19:34:01 ----A---- C:\Windows\system32\wintrust.dll
2018-03-19 19:34:01 ----A---- C:\Windows\system32\sspisrv.dll
2018-03-19 19:34:01 ----A---- C:\Windows\system32\occache.dll
2018-03-19 19:34:01 ----A---- C:\Windows\system32\msobjs.dll
2018-03-19 19:34:01 ----A---- C:\Windows\system32\lpk.dll
2018-03-19 19:34:01 ----A---- C:\Windows\system32\jsproxy.dll
2018-03-19 19:34:01 ----A---- C:\Windows\system32\jscript9diag.dll
2018-03-19 19:34:01 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-03-19 19:34:01 ----A---- C:\Windows\system32\inseng.dll
2018-03-19 19:34:01 ----A---- C:\Windows\system32\ieUnatt.exe
2018-03-19 19:34:01 ----A---- C:\Windows\system32\ieui.dll
2018-03-19 19:34:01 ----A---- C:\Windows\system32\iesetup.dll
2018-03-19 19:34:01 ----A---- C:\Windows\system32\iernonce.dll
2018-03-19 19:34:01 ----A---- C:\Windows\system32\ieetwproxystub.dll
2018-03-19 19:34:01 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2018-03-19 19:34:01 ----A---- C:\Windows\system32\ieetwcollector.exe
2018-03-19 19:34:01 ----A---- C:\Windows\system32\ieapfltr.dll
2018-03-19 19:34:01 ----A---- C:\Windows\system32\ie4uinit.exe
2018-03-19 19:34:01 ----A---- C:\Windows\system32\dciman32.dll
2018-03-19 19:34:01 ----A---- C:\Windows\system32\cryptsvc.dll
2018-03-19 19:34:01 ----A---- C:\Windows\system32\cryptnet.dll
2018-03-19 19:34:01 ----A---- C:\Windows\system32\atmlib.dll
2018-03-19 19:34:01 ----A---- C:\Windows\system32\apisetschema.dll
2018-03-19 19:33:45 ----A---- C:\Windows\system32\invagent.dll
2018-03-19 19:33:45 ----A---- C:\Windows\system32\generaltel.dll
2018-03-19 19:33:45 ----A---- C:\Windows\system32\devinv.dll
2018-03-19 19:33:45 ----A---- C:\Windows\system32\CompatTelRunner.exe
2018-03-19 19:33:45 ----A---- C:\Windows\system32\centel.dll
2018-03-19 19:33:45 ----A---- C:\Windows\system32\appraiser.dll
2018-03-19 19:33:45 ----A---- C:\Windows\system32\aitstatic.exe
2018-03-19 19:33:45 ----A---- C:\Windows\system32\aepic.dll
2018-03-19 19:33:45 ----A---- C:\Windows\system32\aeinv.dll
2018-03-19 19:33:45 ----A---- C:\Windows\system32\acmigration.dll
2018-03-19 19:12:41 ----HD---- C:\Windows\msdownld.tmp
2018-03-09 20:59:12 ----D---- C:\ProgramData\Origin
2018-03-09 20:54:33 ----D---- C:\Program Files\Need for Speed Most Wanted Limited Edition
======List of files/folders modified in the last 1 month======
2018-04-06 10:01:50 ----D---- C:\Program Files\trend micro
2018-04-06 10:01:03 ----D---- C:\Windows\Temp
2018-04-06 09:03:37 ----D---- C:\Windows\system32\config
2018-04-06 08:53:50 ----D---- C:\Windows\system32\drivers
2018-04-06 08:53:34 ----D---- C:\Windows\System32
2018-04-06 08:53:34 ----D---- C:\Windows\inf
2018-04-06 08:53:34 ----A---- C:\Windows\system32\PerfStringBackup.INI
2018-04-06 08:51:57 ----D---- C:\Windows\system32\Tasks
2018-04-06 08:49:58 ----D---- C:\AdwCleaner
2018-04-06 08:48:56 ----D---- C:\Windows\Prefetch
2018-04-05 21:13:41 ----D---- C:\Windows
2018-04-02 21:18:23 ----D---- C:\HRY
2018-04-02 21:15:37 ----D---- C:\Program Files
2018-04-02 14:18:45 ----SHD---- C:\Windows\Installer
2018-04-02 14:18:43 ----SHD---- C:\Config.Msi
2018-04-02 14:18:43 ----SD---- C:\ProgramData\Microsoft
2018-04-02 14:18:43 ----D---- C:\Program Files\Microsoft
2018-03-30 23:36:06 ----D---- C:\Program Files\SpeedFan
2018-03-30 12:14:20 ----SHD---- C:\System Volume Information
2018-03-28 21:30:21 ----D---- C:\Program Files\Mozilla Maintenance Service
2018-03-28 21:30:21 ----D---- C:\Program Files\Mozilla Firefox
2018-03-28 13:13:25 ----D---- C:\Program Files\Common Files
2018-03-27 09:00:20 ----D---- C:\Users\LuciFafa\AppData\Roaming\vlc
2018-03-22 13:20:50 ----D---- C:\Program Files\Steam
2018-03-22 12:22:22 ----RSD---- C:\Windows\assembly
2018-03-19 22:16:39 ----D---- C:\Windows\rescache
2018-03-19 21:59:39 ----D---- C:\Windows\Microsoft.NET
2018-03-19 20:27:33 ----D---- C:\Windows\system32\DriverStore
2018-03-19 20:25:10 ----D---- C:\Program Files\AMD
2018-03-19 19:42:45 ----D---- C:\Windows\winsxs
2018-03-19 19:41:04 ----D---- C:\Windows\system32\appraiser
2018-03-19 19:41:03 ----D---- C:\Windows\system32\en-US
2018-03-19 19:41:03 ----D---- C:\Windows\system32\cs-CZ
2018-03-19 19:41:02 ----D---- C:\Program Files\Internet Explorer
2018-03-19 19:33:16 ----D---- C:\Windows\system32\catroot2
2018-03-19 19:13:17 ----D---- C:\Windows\system32\directx
2018-03-19 19:12:38 ----D---- C:\Windows\Logs
2018-03-19 18:14:39 ----D---- C:\AMD
2018-03-19 17:29:12 ----D---- C:\Program Files\Opera
2018-03-19 17:23:46 ----D---- C:\VALOFEEU
2018-03-18 01:08:58 ----D---- C:\Users\LuciFafa\AppData\Roaming\CDNet_Downloader
2018-03-18 01:07:35 ----D---- C:\Nexon
2018-03-16 20:48:05 ----D---- C:\download
2018-03-13 23:50:06 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2018-03-13 23:50:04 ----D---- C:\Windows\system32\Macromed
2018-03-09 20:59:12 ----D---- C:\ProgramData
2018-03-09 20:53:22 ----D---- C:\Users\LuciFafa\AppData\Roaming\DAEMON Tools Lite
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 amd_sata;amd_sata; C:\Windows\system32\DRIVERS\amd_sata.sys [2015-03-30 73928]
R0 amd_xata;amd_xata; C:\Windows\system32\DRIVERS\amd_xata.sys [2015-03-30 36040]
R0 amdkmpfd;AMD PCI Root Bus Lower Filter; C:\Windows\system32\DRIVERS\amdkmpfd.sys [2014-10-28 40136]
R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidshx.sys [2018-03-06 157368]
R0 aswblog;aswblog; C:\Windows\system32\drivers\aswblogx.sys [2018-03-06 276688]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbunivx.sys [2018-03-06 50336]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2018-03-06 70816]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2018-03-06 310784]
R0 BtHidBus;Bluetooth HID Bus Service; C:\Windows\System32\Drivers\BtHidBus.sys [2009-09-24 19592]
R0 giveio;giveio; C:\Windows\system32\giveio.sys [1996-04-03 5248]
R0 pwdrvio;pwdrvio; C:\Windows\system32\pwdrvio.sys [2013-09-30 15688]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2018-01-01 173288]
R0 speedfan;speedfan; C:\Windows\system32\speedfan.sys [2012-12-29 24184]
R1 AsIO;AsIO; C:\Windows\system32\drivers\AsIO.sys [2014-07-23 14720]
R1 aswArPot;aswArPot; C:\Windows\system32\drivers\aswArPot.sys [2018-03-06 167040]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdriverx.sys [2018-03-06 185432]
R1 aswHdsKe;aswHdsKe; C:\Windows\system32\drivers\aswHdsKe.sys [2018-03-06 169536]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2018-03-06 100032]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2018-03-06 783608]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2018-03-06 391856]
R1 ccSet_NST;Norton Identity Safe Settings Manager; C:\Windows\system32\drivers\NST\7DE070B0.02A\ccSetx86.sys [2013-09-27 127064]
R2 amdacpksd;ACP Kernel Service Driver; \??\C:\Windows\system32\drivers\amdacpksd.sys [2018-02-01 276360]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2018-03-06 124392]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2018-03-06 152344]
R3 amdhub30;AMD USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\amdhub30.sys [2016-01-14 86752]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2018-02-01 37328264]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2018-02-01 418184]
R3 amdxhc;AMD USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\amdxhc.sys [2016-01-14 179936]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW73.sys [2017-09-02 78848]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2015-10-14 25016]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2015-02-03 3473624]
R3 MBAMSwissArmy;MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [2018-04-06 221112]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2015-01-15 723160]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\Windows\system32\DRIVERS\seehcri.sys [2015-12-14 27632]
R3 t_mouse.sys;HID-compliand device; C:\Windows\system32\DRIVERS\t_mouse.sys [2012-12-19 5120]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2014-02-16 48352]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 aswHwid;aswHwid; C:\Windows\system32\drivers\aswHwid.sys [2018-03-06 42808]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 btnetBUs;Bluetooth PAN Bus Service; C:\Windows\System32\Drivers\btnetBus.sys [2009-09-24 22528]
S3 IvtBtBUs;IVT Bluetooth Bus Service; C:\Windows\System32\Drivers\IvtBtBus.sys [2009-08-26 25480]
S3 k750bus;Sony Ericsson 750 driver (WDM); C:\Windows\system32\DRIVERS\k750bus.sys [2005-02-11 55216]
S3 NPF;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2013-03-01 36600]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 pwdspio;pwdspio; \??\C:\Windows\system32\pwdspio.sys [2013-09-30 10320]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 36352]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 xhunter1;xhunter1; \??\C:\Windows\xhunter1.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2018-02-01 378760]
R2 amdacpusrsvc;ACP User Service; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [2018-01-31 113152]
R2 asComSvc;ASUS Com Service; C:\Program Files\ASUS\AXSP\1.02.00\atkexComSvc.exe [2014-07-23 936728]
R2 AsSysCtrlService;ASUS System Control Service; C:\Program Files\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [2014-07-23 1360016]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2018-03-06 303728]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2017-10-17 66872]
R2 PnkBstrB;PnkBstrB; C:\Windows\system32\PnkBstrB.exe [2017-10-17 107832]
R2 wlidsvc;Windows Live ID Sign-in Assistant; c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R2 WUAUCLT;WUAUCLT; C:\Users\LuciFafa\AppData\Roaming\nssm.exe [2014-06-29 294912]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-06-18 1034584]
R3 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2017-08-07 4430792]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-10-04 107624]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2018-03-13 272384]
S3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [2018-03-06 5909888]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2018-02-10 104960]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2018-03-28 174544]
S3 mracsvc;MRAC Service; C:\Windows\System32\mracsvc.exe [2018-01-20 5508824]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\system32\GameMon.des [2018-03-15 7986848]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2013-03-01 118520]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2017-12-15 1644832]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2017-10-04 47200]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-10-04 136288]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-10-04 136288]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-10-04 136288]
-----------------EOF-----------------
Děkuji
Malwarebytes
http://www.malwarebytes.com
-Podrobnosti logovacího souboru-
Datum skenování: 06.04.18
Čas skenování: 8:55
Logovací soubor: 725b39e7-3967-11e8-ae66-14dda9805d58.json
Správce: Ano
-Informace o softwaru-
Verze: 3.2.2.2029
Verze komponentů: 1.0.212
Aktualizovat verzi balíku komponent: 1.0.4636
Licence: Bezplatný
-Systémová informace-
OS: Windows 7 Service Pack 1
CPU: x86
Systém souborů: NTFS
Uživatel: LuciFafa-PC\LuciFafa
-Shrnutí skenování-
Typ skenování: Vlastní skenování
Výsledek: Dokončeno
Skenované objekty: 208589
Zjištěné hrozby: 5
Hrozby umístěné do karantény: 5
Uplynulý čas: 1 hod, 24 min, 18 sek
-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Povoleno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat
-Podrobnosti skenování-
Proces: 1
RiskWare.BitCoinMiner, C:\USERS\LUCIFAFA\APPDATA\ROAMING\NSSM.EXE, V karanténě, [907], [434083],1.0.4636
Modul: 1
RiskWare.BitCoinMiner, C:\USERS\LUCIFAFA\APPDATA\ROAMING\NSSM.EXE, V karanténě, [907], [434083],1.0.4636
Klíč registru: 1
RiskWare.BitCoinMiner, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUCLT, V karanténě, [907], [434083],1.0.4636
Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)
Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)
Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)
Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)
Soubor: 2
RiskWare.BitCoinMiner, C:\USERS\LUCIFAFA\APPDATA\ROAMING\NSSM.EXE, V karanténě, [907], [434083],1.0.4636
Trojan.Agent.Gen, C:\USERS\LUCIFAFA\APPDATA\ROAMING\RUNSERVICE.EXE, V karanténě, [1499], [232502],1.0.4636
Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)
(end)
Logfile of random's system information tool 1.10 (written by random/random)
Run by LuciFafa at 2018-04-06 10:01:49
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 499 GB (52%) free of 954 GB
Total RAM: 3030 MB (22% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:01:51, on 6.4.2018
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18921)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe
C:\Program Files\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe
C:\Windows\System32\TiltWheelMouse.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\AVAST Software\Avast\Setup\Instup.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\LuciFafa\Downloads\RSIT.exe
C:\Users\LuciFafa\Downloads\RSIT.exe
C:\Users\LuciFafa\AppData\Roaming\nircmd.exe
C:\Program Files\trend micro\LuciFafa.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_161\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_161\bin\jp2ssv.dll
O4 - HKLM\..\Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe" -s
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe"
O4 - HKLM\..\Run: [MouseDriver] TiltWheelMouse.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [AMDDVR] "C:\Program Files\AMD\CNext\CNext\amddvr.exe"
O4 - HKUS\S-1-5-21-1117677789-4214877554-3075564690-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04062018085515144\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun (User '?')
O4 - HKUS\S-1-5-21-1117677789-4214877554-3075564690-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04062018085515144\..\Run: [AMDDVR] "C:\Program Files\AMD\CNext\CNext\amddvr.exe" (User '?')
O4 - HKUS\S-1-5-21-1117677789-4214877554-3075564690-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04062018085536300\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun (User '?')
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/s ... wflash.cab
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: ACP User Service (amdacpusrsvc) - Advanced Micro Devices - C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files\ASUS\AXSP\1.02.00\atkexComSvc.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: MRAC Service (mracsvc) - LLC Mail.Ru - C:\Windows\System32\mracsvc.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Riverbed Technology, Inc. - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: WUAUCLT - Unknown owner - C:\Users\LuciFafa\AppData\Roaming\nssm.exe
--
End of file - 5786 bytes
=========Mozilla firefox=========
ProfilePath - C:\Users\LuciFafa\AppData\Roaming\Mozilla\Firefox\Profiles\pdbynjqe.default
prefs.js - "browser.startup.homepage" - "www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 29.0.0.113 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_29_0_0_113.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.161.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.161.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_161\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@ngm.nexoneu.com/NxGame]
"Description"=Nexon Game Controller
"Path"=C:\ProgramData\NexonEU\NGM\npNxGameeu.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@ogplanet.com/npOGPPlugin]
"Description"=OGPlanet Game Plugin
"Path"=C:\Windows\system32\npOGPPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.8]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=3.0.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_161\bin\ssv.dll [2018-01-23 474688]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-02-14 812248]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-01-23 188992]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe [2015-01-28 7519960]
"NUSB3MON"=C:\Program Files\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe [2012-04-11 97280]
"MouseDriver"=C:\Windows\system32\TiltWheelMouse.exe [2012-12-19 241152]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2018-03-06 245608]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2015-06-18 3576664]
"AMDDVR"=C:\Program Files\AMD\CNext\CNext\amddvr.exe [2018-01-31 1480072]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyComGames]
C:\Users\LuciFafa\AppData\Local\MyComGames\MyComGames.exe [2018-02-23 6126904]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ProductUpdater]
C:\Program Files\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe []
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Nexon\Combat Arms EU\CombatArms.exe"="C:\Nexon\Combat Arms EU\Combatarms.exe:*Enabled:Combatarms.exe"
"C:\Nexon\Combat Arms EU\Engine.exe"="C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"
"C:\Nexon\Library\CombatArmsBeta\appdata\CombatArms.exe"="C:\Nexon\Library\CombatArmsBeta\appdata\CombatArms.exe:*:Enabled:CombatArms.exe"
"C:\Nexon\Library\CombatArmsBeta\appdata\Engine.exe"="C:\Nexon\Library\CombatArmsBeta\appdata\Engine.exe:*:Enabled:Engine.exe"
"C:\Nexon\Library\CombatArmsBeta\appdata\NMService.exe"="C:\Nexon\Library\CombatArmsBeta\appdata\NMService.exe:*:Enabled:NMService.exe"
"C:\Nexon\Library\combatarms\appdata\CombatArms.exe"="C:\Nexon\Library\combatarms\appdata\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\Nexon\Library\combatarms\appdata\Engine.exe"="C:\Nexon\Library\combatarms\appdata\Engine.exe:*Enabled:Engine.exe"
"C:\Nexon\Library\combatarms\appdata\NMService.exe"="C:\Nexon\Library\combatarms\appdata\NMService.exe:*:Enabled:NMService.exe"
"C:\VALOFEEU\CombatArms\CombatArms.exe"="C:\VALOFEEU\CombatArms\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\VALOFEEU\CombatArms\Engine.exe"="C:\VALOFEEU\CombatArms\Engine.exe:*Enabled:Engine.exe"
"C:\VALOFEEU\CombatArms\NMService.exe"="C:\VALOFEEU\CombatArms\NMService.exe:*:Enabled:NMService.exe"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"C:\Nexon\Combat Arms EU\CombatArms.exe"="C:\Nexon\Combat Arms EU\Combatarms.exe:*Enabled:Combatarms.exe"
"C:\Nexon\Combat Arms EU\Engine.exe"="C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"
"C:\Nexon\Library\CombatArmsBeta\appdata\CombatArms.exe"="C:\Nexon\Library\CombatArmsBeta\appdata\CombatArms.exe:*:Enabled:CombatArms.exe"
"C:\Nexon\Library\CombatArmsBeta\appdata\Engine.exe"="C:\Nexon\Library\CombatArmsBeta\appdata\Engine.exe:*:Enabled:Engine.exe"
"C:\Nexon\Library\CombatArmsBeta\appdata\NMService.exe"="C:\Nexon\Library\CombatArmsBeta\appdata\NMService.exe:*:Enabled:NMService.exe"
"C:\Nexon\Library\combatarms\appdata\CombatArms.exe"="C:\Nexon\Library\combatarms\appdata\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\Nexon\Library\combatarms\appdata\Engine.exe"="C:\Nexon\Library\combatarms\appdata\Engine.exe:*Enabled:Engine.exe"
"C:\Nexon\Library\combatarms\appdata\NMService.exe"="C:\Nexon\Library\combatarms\appdata\NMService.exe:*:Enabled:NMService.exe"
"C:\VALOFEEU\CombatArms\CombatArms.exe"="C:\VALOFEEU\CombatArms\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\VALOFEEU\CombatArms\Engine.exe"="C:\VALOFEEU\CombatArms\Engine.exe:*Enabled:Engine.exe"
"C:\VALOFEEU\CombatArms\NMService.exe"="C:\VALOFEEU\CombatArms\NMService.exe:*:Enabled:NMService.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FMVC"=fmcodec.dll
"msacm.l3codecp"=l3codecp.acm
"msacm.lameacm"=LameACM.acm
"vidc.x264"=x264vfw.dll
"vidc.XVID"=xvidvfw.dll
"vidc.mjpg"=pvmjpg30.dll
"vidc.mpeg"=bdmpegv.dll
"msacm.bdmpeg"=bdmpega.acm
"vidc.mjpx"=bdmjpeg.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2018-04-06 10:01:02 ----D---- C:\rsit
2018-04-06 08:53:50 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys
2018-04-02 21:15:37 ----D---- C:\Program Files\Age of Empires II HD
2018-03-28 13:13:25 ----D---- C:\Program Files\Common Files\INCA Shared
2018-03-22 12:12:28 ----D---- C:\Program Files\Pro Evolution Soccer 2015
2018-03-22 12:12:22 ----SHD---- C:\Users\LuciFafa\AppData\Roaming\kernel
2018-03-22 12:12:22 ----SH---- C:\Users\LuciFafa\AppData\Roaming\Runservice.exe
2018-03-22 12:12:22 ----SH---- C:\Users\LuciFafa\AppData\Roaming\nssm.exe
2018-03-19 19:34:06 ----A---- C:\Windows\system32\mshtml.dll
2018-03-19 19:34:05 ----A---- C:\Windows\system32\wininet.dll
2018-03-19 19:34:05 ----A---- C:\Windows\system32\jscript9.dll
2018-03-19 19:34:05 ----A---- C:\Windows\system32\ieframe.dll
2018-03-19 19:34:04 ----A---- C:\Windows\system32\win32k.sys
2018-03-19 19:34:04 ----A---- C:\Windows\system32\vbscript.dll
2018-03-19 19:34:04 ----A---- C:\Windows\system32\urlmon.dll
2018-03-19 19:34:04 ----A---- C:\Windows\system32\ntoskrnl.exe
2018-03-19 19:34:04 ----A---- C:\Windows\system32\ntkrnlpa.exe
2018-03-19 19:34:04 ----A---- C:\Windows\system32\kerberos.dll
2018-03-19 19:34:04 ----A---- C:\Windows\system32\jscript.dll
2018-03-19 19:34:04 ----A---- C:\Windows\system32\iertutil.dll
2018-03-19 19:34:04 ----A---- C:\Windows\system32\drivers\tcpip.sys
2018-03-19 19:34:03 ----A---- C:\Windows\system32\xpsrchvw.exe
2018-03-19 19:34:03 ----A---- C:\Windows\system32\wisptis.exe
2018-03-19 19:34:03 ----A---- C:\Windows\system32\WinSCard.dll
2018-03-19 19:34:03 ----A---- C:\Windows\system32\wdigest.dll
2018-03-19 19:34:03 ----A---- C:\Windows\system32\TSpkg.dll
2018-03-19 19:34:03 ----A---- C:\Windows\system32\TabSvc.dll
2018-03-19 19:34:03 ----A---- C:\Windows\system32\t2embed.dll
2018-03-19 19:34:03 ----A---- C:\Windows\system32\StructuredQuery.dll
2018-03-19 19:34:03 ----A---- C:\Windows\system32\srcore.dll
2018-03-19 19:34:03 ----A---- C:\Windows\system32\schannel.dll
2018-03-19 19:34:03 ----A---- C:\Windows\system32\rpchttp.dll
2018-03-19 19:34:03 ----A---- C:\Windows\system32\rpcrt4.dll
2018-03-19 19:34:03 ----A---- C:\Windows\system32\ntdll.dll
2018-03-19 19:34:03 ----A---- C:\Windows\system32\ncrypt.dll
2018-03-19 19:34:03 ----A---- C:\Windows\system32\msv1_0.dll
2018-03-19 19:34:03 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2018-03-19 19:34:03 ----A---- C:\Windows\system32\mshtmlmedia.dll
2018-03-19 19:34:03 ----A---- C:\Windows\system32\msfeeds.dll
2018-03-19 19:34:03 ----A---- C:\Windows\system32\lsasrv.dll
2018-03-19 19:34:03 ----A---- C:\Windows\system32\iedkcs32.dll
2018-03-19 19:34:03 ----A---- C:\Windows\system32\drivers\netio.sys
2018-03-19 19:34:03 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2018-03-19 19:34:03 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2018-03-19 19:34:03 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2018-03-19 19:34:03 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2018-03-19 19:34:03 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2018-03-19 19:34:03 ----A---- C:\Windows\system32\drivers\hidparse.sys
2018-03-19 19:34:03 ----A---- C:\Windows\system32\drivers\hidclass.sys
2018-03-19 19:34:03 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2018-03-19 19:34:03 ----A---- C:\Windows\system32\drivers\appid.sys
2018-03-19 19:34:03 ----A---- C:\Windows\system32\csrsrv.dll
2018-03-19 19:34:03 ----A---- C:\Windows\system32\crypt32.dll
2018-03-19 19:34:03 ----A---- C:\Windows\system32\clfs.sys
2018-03-19 19:34:03 ----A---- C:\Windows\system32\cdosys.dll
2018-03-19 19:34:03 ----A---- C:\Windows\system32\bcrypt.dll
2018-03-19 19:34:03 ----A---- C:\Windows\system32\atmfd.dll
2018-03-19 19:34:03 ----A---- C:\Windows\system32\appidsvc.dll
2018-03-19 19:34:03 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2018-03-19 19:34:03 ----A---- C:\Windows\system32\appidapi.dll
2018-03-19 19:34:03 ----A---- C:\Windows\system32\advapi32.dll
2018-03-19 19:34:03 ----A---- C:\Windows\system32\adtschema.dll
2018-03-19 19:34:02 ----A---- C:\Windows\system32\webcheck.dll
2018-03-19 19:34:02 ----A---- C:\Windows\system32\sspicli.dll
2018-03-19 19:34:02 ----A---- C:\Windows\system32\srclient.dll
2018-03-19 19:34:02 ----A---- C:\Windows\system32\smss.exe
2018-03-19 19:34:02 ----A---- C:\Windows\system32\setbcdlocale.dll
2018-03-19 19:34:02 ----A---- C:\Windows\system32\secur32.dll
2018-03-19 19:34:02 ----A---- C:\Windows\system32\rstrui.exe
2018-03-19 19:34:02 ----A---- C:\Windows\system32\msrating.dll
2018-03-19 19:34:02 ----A---- C:\Windows\system32\mshtmled.dll
2018-03-19 19:34:02 ----A---- C:\Windows\system32\MshtmlDac.dll
2018-03-19 19:34:02 ----A---- C:\Windows\system32\msaudite.dll
2018-03-19 19:34:02 ----A---- C:\Windows\system32\lsass.exe
2018-03-19 19:34:02 ----A---- C:\Windows\system32\fontsub.dll
2018-03-19 19:34:02 ----A---- C:\Windows\system32\dxtrans.dll
2018-03-19 19:34:02 ----A---- C:\Windows\system32\dxtmsft.dll
2018-03-19 19:34:02 ----A---- C:\Windows\system32\drivers\hidusb.sys
2018-03-19 19:34:02 ----A---- C:\Windows\system32\cryptbase.dll
2018-03-19 19:34:02 ----A---- C:\Windows\system32\credssp.dll
2018-03-19 19:34:02 ----A---- C:\Windows\system32\auditpol.exe
2018-03-19 19:34:02 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2018-03-19 19:34:01 ----A---- C:\Windows\system32\wintrust.dll
2018-03-19 19:34:01 ----A---- C:\Windows\system32\sspisrv.dll
2018-03-19 19:34:01 ----A---- C:\Windows\system32\occache.dll
2018-03-19 19:34:01 ----A---- C:\Windows\system32\msobjs.dll
2018-03-19 19:34:01 ----A---- C:\Windows\system32\lpk.dll
2018-03-19 19:34:01 ----A---- C:\Windows\system32\jsproxy.dll
2018-03-19 19:34:01 ----A---- C:\Windows\system32\jscript9diag.dll
2018-03-19 19:34:01 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-03-19 19:34:01 ----A---- C:\Windows\system32\inseng.dll
2018-03-19 19:34:01 ----A---- C:\Windows\system32\ieUnatt.exe
2018-03-19 19:34:01 ----A---- C:\Windows\system32\ieui.dll
2018-03-19 19:34:01 ----A---- C:\Windows\system32\iesetup.dll
2018-03-19 19:34:01 ----A---- C:\Windows\system32\iernonce.dll
2018-03-19 19:34:01 ----A---- C:\Windows\system32\ieetwproxystub.dll
2018-03-19 19:34:01 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2018-03-19 19:34:01 ----A---- C:\Windows\system32\ieetwcollector.exe
2018-03-19 19:34:01 ----A---- C:\Windows\system32\ieapfltr.dll
2018-03-19 19:34:01 ----A---- C:\Windows\system32\ie4uinit.exe
2018-03-19 19:34:01 ----A---- C:\Windows\system32\dciman32.dll
2018-03-19 19:34:01 ----A---- C:\Windows\system32\cryptsvc.dll
2018-03-19 19:34:01 ----A---- C:\Windows\system32\cryptnet.dll
2018-03-19 19:34:01 ----A---- C:\Windows\system32\atmlib.dll
2018-03-19 19:34:01 ----A---- C:\Windows\system32\apisetschema.dll
2018-03-19 19:33:45 ----A---- C:\Windows\system32\invagent.dll
2018-03-19 19:33:45 ----A---- C:\Windows\system32\generaltel.dll
2018-03-19 19:33:45 ----A---- C:\Windows\system32\devinv.dll
2018-03-19 19:33:45 ----A---- C:\Windows\system32\CompatTelRunner.exe
2018-03-19 19:33:45 ----A---- C:\Windows\system32\centel.dll
2018-03-19 19:33:45 ----A---- C:\Windows\system32\appraiser.dll
2018-03-19 19:33:45 ----A---- C:\Windows\system32\aitstatic.exe
2018-03-19 19:33:45 ----A---- C:\Windows\system32\aepic.dll
2018-03-19 19:33:45 ----A---- C:\Windows\system32\aeinv.dll
2018-03-19 19:33:45 ----A---- C:\Windows\system32\acmigration.dll
2018-03-19 19:12:41 ----HD---- C:\Windows\msdownld.tmp
2018-03-09 20:59:12 ----D---- C:\ProgramData\Origin
2018-03-09 20:54:33 ----D---- C:\Program Files\Need for Speed Most Wanted Limited Edition
======List of files/folders modified in the last 1 month======
2018-04-06 10:01:50 ----D---- C:\Program Files\trend micro
2018-04-06 10:01:03 ----D---- C:\Windows\Temp
2018-04-06 09:03:37 ----D---- C:\Windows\system32\config
2018-04-06 08:53:50 ----D---- C:\Windows\system32\drivers
2018-04-06 08:53:34 ----D---- C:\Windows\System32
2018-04-06 08:53:34 ----D---- C:\Windows\inf
2018-04-06 08:53:34 ----A---- C:\Windows\system32\PerfStringBackup.INI
2018-04-06 08:51:57 ----D---- C:\Windows\system32\Tasks
2018-04-06 08:49:58 ----D---- C:\AdwCleaner
2018-04-06 08:48:56 ----D---- C:\Windows\Prefetch
2018-04-05 21:13:41 ----D---- C:\Windows
2018-04-02 21:18:23 ----D---- C:\HRY
2018-04-02 21:15:37 ----D---- C:\Program Files
2018-04-02 14:18:45 ----SHD---- C:\Windows\Installer
2018-04-02 14:18:43 ----SHD---- C:\Config.Msi
2018-04-02 14:18:43 ----SD---- C:\ProgramData\Microsoft
2018-04-02 14:18:43 ----D---- C:\Program Files\Microsoft
2018-03-30 23:36:06 ----D---- C:\Program Files\SpeedFan
2018-03-30 12:14:20 ----SHD---- C:\System Volume Information
2018-03-28 21:30:21 ----D---- C:\Program Files\Mozilla Maintenance Service
2018-03-28 21:30:21 ----D---- C:\Program Files\Mozilla Firefox
2018-03-28 13:13:25 ----D---- C:\Program Files\Common Files
2018-03-27 09:00:20 ----D---- C:\Users\LuciFafa\AppData\Roaming\vlc
2018-03-22 13:20:50 ----D---- C:\Program Files\Steam
2018-03-22 12:22:22 ----RSD---- C:\Windows\assembly
2018-03-19 22:16:39 ----D---- C:\Windows\rescache
2018-03-19 21:59:39 ----D---- C:\Windows\Microsoft.NET
2018-03-19 20:27:33 ----D---- C:\Windows\system32\DriverStore
2018-03-19 20:25:10 ----D---- C:\Program Files\AMD
2018-03-19 19:42:45 ----D---- C:\Windows\winsxs
2018-03-19 19:41:04 ----D---- C:\Windows\system32\appraiser
2018-03-19 19:41:03 ----D---- C:\Windows\system32\en-US
2018-03-19 19:41:03 ----D---- C:\Windows\system32\cs-CZ
2018-03-19 19:41:02 ----D---- C:\Program Files\Internet Explorer
2018-03-19 19:33:16 ----D---- C:\Windows\system32\catroot2
2018-03-19 19:13:17 ----D---- C:\Windows\system32\directx
2018-03-19 19:12:38 ----D---- C:\Windows\Logs
2018-03-19 18:14:39 ----D---- C:\AMD
2018-03-19 17:29:12 ----D---- C:\Program Files\Opera
2018-03-19 17:23:46 ----D---- C:\VALOFEEU
2018-03-18 01:08:58 ----D---- C:\Users\LuciFafa\AppData\Roaming\CDNet_Downloader
2018-03-18 01:07:35 ----D---- C:\Nexon
2018-03-16 20:48:05 ----D---- C:\download
2018-03-13 23:50:06 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2018-03-13 23:50:04 ----D---- C:\Windows\system32\Macromed
2018-03-09 20:59:12 ----D---- C:\ProgramData
2018-03-09 20:53:22 ----D---- C:\Users\LuciFafa\AppData\Roaming\DAEMON Tools Lite
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 amd_sata;amd_sata; C:\Windows\system32\DRIVERS\amd_sata.sys [2015-03-30 73928]
R0 amd_xata;amd_xata; C:\Windows\system32\DRIVERS\amd_xata.sys [2015-03-30 36040]
R0 amdkmpfd;AMD PCI Root Bus Lower Filter; C:\Windows\system32\DRIVERS\amdkmpfd.sys [2014-10-28 40136]
R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidshx.sys [2018-03-06 157368]
R0 aswblog;aswblog; C:\Windows\system32\drivers\aswblogx.sys [2018-03-06 276688]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbunivx.sys [2018-03-06 50336]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2018-03-06 70816]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2018-03-06 310784]
R0 BtHidBus;Bluetooth HID Bus Service; C:\Windows\System32\Drivers\BtHidBus.sys [2009-09-24 19592]
R0 giveio;giveio; C:\Windows\system32\giveio.sys [1996-04-03 5248]
R0 pwdrvio;pwdrvio; C:\Windows\system32\pwdrvio.sys [2013-09-30 15688]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2018-01-01 173288]
R0 speedfan;speedfan; C:\Windows\system32\speedfan.sys [2012-12-29 24184]
R1 AsIO;AsIO; C:\Windows\system32\drivers\AsIO.sys [2014-07-23 14720]
R1 aswArPot;aswArPot; C:\Windows\system32\drivers\aswArPot.sys [2018-03-06 167040]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdriverx.sys [2018-03-06 185432]
R1 aswHdsKe;aswHdsKe; C:\Windows\system32\drivers\aswHdsKe.sys [2018-03-06 169536]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2018-03-06 100032]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2018-03-06 783608]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2018-03-06 391856]
R1 ccSet_NST;Norton Identity Safe Settings Manager; C:\Windows\system32\drivers\NST\7DE070B0.02A\ccSetx86.sys [2013-09-27 127064]
R2 amdacpksd;ACP Kernel Service Driver; \??\C:\Windows\system32\drivers\amdacpksd.sys [2018-02-01 276360]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2018-03-06 124392]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2018-03-06 152344]
R3 amdhub30;AMD USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\amdhub30.sys [2016-01-14 86752]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2018-02-01 37328264]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2018-02-01 418184]
R3 amdxhc;AMD USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\amdxhc.sys [2016-01-14 179936]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW73.sys [2017-09-02 78848]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2015-10-14 25016]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2015-02-03 3473624]
R3 MBAMSwissArmy;MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [2018-04-06 221112]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2015-01-15 723160]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\Windows\system32\DRIVERS\seehcri.sys [2015-12-14 27632]
R3 t_mouse.sys;HID-compliand device; C:\Windows\system32\DRIVERS\t_mouse.sys [2012-12-19 5120]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2014-02-16 48352]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 aswHwid;aswHwid; C:\Windows\system32\drivers\aswHwid.sys [2018-03-06 42808]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 btnetBUs;Bluetooth PAN Bus Service; C:\Windows\System32\Drivers\btnetBus.sys [2009-09-24 22528]
S3 IvtBtBUs;IVT Bluetooth Bus Service; C:\Windows\System32\Drivers\IvtBtBus.sys [2009-08-26 25480]
S3 k750bus;Sony Ericsson 750 driver (WDM); C:\Windows\system32\DRIVERS\k750bus.sys [2005-02-11 55216]
S3 NPF;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2013-03-01 36600]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 pwdspio;pwdspio; \??\C:\Windows\system32\pwdspio.sys [2013-09-30 10320]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 36352]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 xhunter1;xhunter1; \??\C:\Windows\xhunter1.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2018-02-01 378760]
R2 amdacpusrsvc;ACP User Service; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [2018-01-31 113152]
R2 asComSvc;ASUS Com Service; C:\Program Files\ASUS\AXSP\1.02.00\atkexComSvc.exe [2014-07-23 936728]
R2 AsSysCtrlService;ASUS System Control Service; C:\Program Files\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [2014-07-23 1360016]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2018-03-06 303728]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2017-10-17 66872]
R2 PnkBstrB;PnkBstrB; C:\Windows\system32\PnkBstrB.exe [2017-10-17 107832]
R2 wlidsvc;Windows Live ID Sign-in Assistant; c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R2 WUAUCLT;WUAUCLT; C:\Users\LuciFafa\AppData\Roaming\nssm.exe [2014-06-29 294912]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-06-18 1034584]
R3 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2017-08-07 4430792]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-10-04 107624]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2018-03-13 272384]
S3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [2018-03-06 5909888]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2018-02-10 104960]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2018-03-28 174544]
S3 mracsvc;MRAC Service; C:\Windows\System32\mracsvc.exe [2018-01-20 5508824]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\system32\GameMon.des [2018-03-15 7986848]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2013-03-01 118520]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2017-12-15 1644832]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2017-10-04 47200]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-10-04 136288]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-10-04 136288]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-10-04 136288]
-----------------EOF-----------------
