
PC virus removal, computer speed-up, and remote help through the neslape.cz service
Log check
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use a remote help service, where an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Log check
Please check my log
Logfile of random's system information tool 1.10 (written by random/random)
Run by Storkan at 2018-12-27 23:38:01
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 521 GB (86%) free of 608 GB
Total RAM: 3951 MB (55% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:38:02, on 27.12.2018
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.19230)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\trend micro\Storkan.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_191\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_191\bin\jp2ssv.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe /start
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agr64svc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google Inc. - C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\elevation_service.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: HP Hotkey Monitor (hpHotkeyMonitor) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: ArcCapture (uArcCapture) - ArcSoft, Inc. - C:\Windows\system\uArcCapture.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9017 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 25667904
atieclxx
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
\??\C:\Windows\system32\conhost.exe "-111759400825811969-644112088884154552-568003858-1719034109-10242160091406248903
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\LSI SoftModem\agr64svc.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe"
C:\Windows\system\uArcCapture.exe
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe"
AvastUI.exe /nogui
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
C:\Windows\SysWOW64\RunDll32.exe "C:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe" /start
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Storkan\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Storkan\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Storkan\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=71.0.3578.98 --initial-client-data=0x88,0x8c,0x90,0x84,0x94,0x7fef5d164d0,0x7fef5d164e0,0x7fef5d164f0
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=5420 --on-initialized-event-handle=364 --parent-handle=380 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1236,3393509932616089858,2810054670662013148,131072 --gpu-preferences=KAAAAAAAAACAAwCAAQAAAAAAAAAAAGAAAAAAAAAAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --service-request-channel-token=216906894192962996 --mojo-platform-channel-handle=1252 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1236,3393509932616089858,2810054670662013148,131072 --service-pipe-token=10472611593243127740 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=10472611593243127740 --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2116 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1236,3393509932616089858,2810054670662013148,131072 --service-pipe-token=15879057706981640323 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=15879057706981640323 --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7468 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1236,3393509932616089858,2810054670662013148,131072 --service-pipe-token=9120400140196978612 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=9120400140196978612 --renderer-client-id=73 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6388 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1236,3393509932616089858,2810054670662013148,131072 --service-pipe-token=3649797650491264576 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=3649797650491264576 --renderer-client-id=74 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5228 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1236,3393509932616089858,2810054670662013148,131072 --service-pipe-token=13509205603974003134 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=13509205603974003134 --renderer-client-id=76 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8528 /prefetch:1
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 528 532 540 65536 536
"C:\Users\Storkan\Desktop\Downloads\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
C:\Windows\system32\wbem\wmiprvse.exe
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_191\bin\ssv.dll [2018-12-27 582008]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-12-27 245112]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_191\bin\ssv.dll [2018-12-27 480120]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-12-27 194424]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-06-03 2174760]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2010-09-08 489472]
"IAAnotif"=C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [2010-04-05 186904]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2018-11-25 242392]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Smart Cleaning"=C:\Program Files\CCleaner\CCleaner64.exe [2018-12-10 19589208]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-09-23 926896]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Smart Cleaning]
C:\Program Files\CCleaner\CCleaner64.exe [2018-12-10 19589208]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-08-05 98304]
"QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [2010-10-01 256056]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2010-03-03 284696]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2018-10-06 601424]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-09-23 926896]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Nexon\Combat Arms EU\CombatArms.exe"="C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\Nexon\Combat Arms EU\Engine.exe"="C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"C:\Nexon\Combat Arms EU\CombatArms.exe"="C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\Nexon\Combat Arms EU\Engine.exe"="C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2018-12-27 23:38:01 ----D---- C:\rsit
2018-12-27 23:38:01 ----D---- C:\Program Files\trend micro
2018-12-27 22:25:37 ----SHD---- C:\$RECYCLE.BIN
2018-12-27 22:25:01 ----A---- C:\ComboFix.txt
2018-12-27 21:13:38 ----D---- C:\Program Files (x86)\Microsoft
2018-12-27 20:55:32 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-64.dll
2018-12-27 19:10:06 ----A---- C:\Windows\zip.exe
2018-12-27 19:10:06 ----A---- C:\Windows\SWSC.exe
2018-12-27 19:10:06 ----A---- C:\Windows\SWREG.exe
2018-12-27 19:10:06 ----A---- C:\Windows\sed.exe
2018-12-27 19:10:06 ----A---- C:\Windows\PEV.exe
2018-12-27 19:10:06 ----A---- C:\Windows\NIRCMD.exe
2018-12-27 19:10:06 ----A---- C:\Windows\MBR.exe
2018-12-27 19:10:06 ----A---- C:\Windows\grep.exe
2018-12-27 19:09:05 ----D---- C:\Qoobox
2018-12-27 19:08:42 ----D---- C:\Windows\erdnt
2018-12-21 15:47:38 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2018-12-21 15:47:38 ----A---- C:\Windows\SYSWOW64\inseng.dll
2018-12-21 15:47:38 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2018-12-21 15:47:38 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2018-12-21 15:47:38 ----A---- C:\Windows\system32\iertutil.dll
2018-12-21 15:47:38 ----A---- C:\Windows\system32\iernonce.dll
2018-12-21 15:47:38 ----A---- C:\Windows\system32\ieetwproxystub.dll
2018-12-21 15:47:38 ----A---- C:\Windows\system32\ieetwcollector.exe
2018-12-21 15:47:37 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2018-12-21 15:47:37 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2018-12-21 15:47:37 ----A---- C:\Windows\SYSWOW64\occache.dll
2018-12-21 15:47:37 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2018-12-21 15:47:37 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2018-12-21 15:47:37 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2018-12-21 15:47:37 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2018-12-21 15:47:37 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2018-12-21 15:47:37 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-12-21 15:47:37 ----A---- C:\Windows\system32\inseng.dll
2018-12-21 15:47:37 ----A---- C:\Windows\system32\ie4uinit.exe
2018-12-21 15:47:36 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2018-12-21 15:47:36 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2018-12-21 15:47:35 ----A---- C:\Windows\SYSWOW64\jscript.dll
2018-12-21 15:47:35 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2018-12-21 15:47:35 ----A---- C:\Windows\system32\urlmon.dll
2018-12-21 15:47:35 ----A---- C:\Windows\system32\occache.dll
2018-12-21 15:47:35 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2018-12-21 15:47:35 ----A---- C:\Windows\system32\iedkcs32.dll
2018-12-21 15:47:34 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2018-12-21 15:47:34 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2018-12-21 15:47:34 ----A---- C:\Windows\SYSWOW64\ieui.dll
2018-12-21 15:47:34 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2018-12-21 15:47:34 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2018-12-21 15:47:34 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2018-12-21 15:47:34 ----A---- C:\Windows\system32\msfeeds.dll
2018-12-21 15:47:34 ----A---- C:\Windows\system32\dxtrans.dll
2018-12-21 15:47:33 ----A---- C:\Windows\system32\iesetup.dll
2018-12-21 15:47:32 ----A---- C:\Windows\SYSWOW64\wininet.dll
2018-12-21 15:47:32 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2018-12-21 15:47:32 ----A---- C:\Windows\SYSWOW64\msrating.dll
2018-12-21 15:47:32 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2018-12-21 15:47:32 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2018-12-21 15:47:32 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2018-12-21 15:47:32 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2018-12-21 15:47:32 ----A---- C:\Windows\system32\vbscript.dll
2018-12-21 15:47:31 ----A---- C:\Windows\system32\ieui.dll
2018-12-21 15:47:31 ----A---- C:\Windows\system32\ieframe.dll
2018-12-21 15:47:31 ----A---- C:\Windows\system32\dxtmsft.dll
2018-12-21 15:47:30 ----A---- C:\Windows\system32\webcheck.dll
2018-12-21 15:47:30 ----A---- C:\Windows\system32\mshtmlmedia.dll
2018-12-21 15:47:30 ----A---- C:\Windows\system32\mshtmled.dll
2018-12-21 15:47:30 ----A---- C:\Windows\system32\jscript9diag.dll
2018-12-21 15:47:30 ----A---- C:\Windows\system32\jscript.dll
2018-12-21 15:47:30 ----A---- C:\Windows\system32\ieUnatt.exe
2018-12-21 15:47:29 ----A---- C:\Windows\system32\wininet.dll
2018-12-21 15:47:29 ----A---- C:\Windows\system32\jsproxy.dll
2018-12-21 15:47:29 ----A---- C:\Windows\system32\jscript9.dll
2018-12-21 15:47:29 ----A---- C:\Windows\system32\ieapfltr.dll
2018-12-21 15:47:28 ----A---- C:\Windows\system32\msrating.dll
2018-12-21 15:47:28 ----A---- C:\Windows\system32\MshtmlDac.dll
2018-12-21 15:47:27 ----A---- C:\Windows\system32\mshtml.dll
2018-12-21 15:33:42 ----A---- C:\Windows\system32\wmp.dll
2018-12-21 15:33:40 ----A---- C:\Windows\SYSWOW64\wmp.dll
2018-12-21 15:33:39 ----A---- C:\Windows\system32\msxml3.dll
2018-12-21 15:33:38 ----A---- C:\Windows\system32\win32k.sys
2018-12-21 15:33:37 ----A---- C:\Windows\system32\rpcrt4.dll
2018-12-21 15:33:36 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2018-12-21 15:33:36 ----A---- C:\Windows\system32\ntoskrnl.exe
2018-12-21 15:33:35 ----A---- C:\Windows\system32\msxml6.dll
2018-12-21 15:33:34 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2018-12-21 15:33:33 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2018-12-21 15:33:33 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2018-12-21 15:33:32 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2018-12-21 15:33:32 ----A---- C:\Windows\system32\gdi32.dll
2018-12-21 15:33:31 ----A---- C:\Windows\SYSWOW64\t2embed.dll
2018-12-21 15:33:31 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2018-12-21 15:33:31 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2018-12-21 15:33:31 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2018-12-21 15:33:31 ----A---- C:\Windows\system32\t2embed.dll
2018-12-21 15:33:31 ----A---- C:\Windows\system32\ntdll.dll
2018-12-21 15:33:31 ----A---- C:\Windows\system32\atmfd.dll
2018-12-21 15:33:30 ----A---- C:\Windows\system32\hal.dll
2018-12-21 15:33:30 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2018-12-21 15:33:29 ----A---- C:\Windows\SYSWOW64\certcli.dll
2018-12-21 15:33:29 ----A---- C:\Windows\system32\drivers\msrpc.sys
2018-12-21 15:33:29 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2018-12-21 15:33:29 ----A---- C:\Windows\system32\certcli.dll
2018-12-21 15:33:28 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2018-12-21 15:33:27 ----A---- C:\Windows\system32\dxmasf.dll
2018-12-21 15:33:26 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2018-12-21 15:33:26 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2018-12-21 15:33:26 ----A---- C:\Windows\system32\wmploc.DLL
2018-12-21 15:33:26 ----A---- C:\Windows\system32\spwmp.dll
2018-12-21 15:33:26 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2018-12-21 15:33:25 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2018-12-21 15:33:23 ----A---- C:\Windows\system32\smss.exe
2018-12-21 15:33:23 ----A---- C:\Windows\system32\lsasrv.dll
2018-12-21 15:33:23 ----A---- C:\Windows\system32\KernelBase.dll
2018-12-21 15:33:23 ----A---- C:\Windows\system32\kernel32.dll
2018-12-21 15:33:23 ----A---- C:\Windows\system32\kerberos.dll
2018-12-21 15:33:23 ----A---- C:\Windows\system32\drivers\videoprt.sys
2018-12-21 15:33:23 ----A---- C:\Windows\system32\advapi32.dll
2018-12-21 15:33:22 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2018-12-21 15:33:22 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2018-12-21 15:33:22 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2018-12-21 15:33:22 ----A---- C:\Windows\system32\wow64win.dll
2018-12-21 15:33:22 ----A---- C:\Windows\system32\winsrv.dll
2018-12-21 15:33:22 ----A---- C:\Windows\system32\schannel.dll
2018-12-21 15:33:22 ----A---- C:\Windows\system32\ncrypt.dll
2018-12-21 15:33:22 ----A---- C:\Windows\system32\msv1_0.dll
2018-12-21 15:33:22 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2018-12-21 15:33:21 ----A---- C:\Windows\SYSWOW64\tzres.dll
2018-12-21 15:33:21 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2018-12-21 15:33:21 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2018-12-21 15:33:21 ----A---- C:\Windows\system32\wow64.dll
2018-12-21 15:33:21 ----A---- C:\Windows\system32\wdigest.dll
2018-12-21 15:33:21 ----A---- C:\Windows\system32\tzres.dll
2018-12-21 15:33:21 ----A---- C:\Windows\system32\TSpkg.dll
2018-12-21 15:33:21 ----A---- C:\Windows\system32\sspicli.dll
2018-12-21 15:33:21 ----A---- C:\Windows\system32\srcore.dll
2018-12-21 15:33:21 ----A---- C:\Windows\system32\rpchttp.dll
2018-12-21 15:33:21 ----A---- C:\Windows\system32\drivers\intelppm.sys
2018-12-21 15:33:21 ----A---- C:\Windows\system32\conhost.exe
2018-12-21 15:33:21 ----A---- C:\Windows\system32\bcrypt.dll
2018-12-21 15:33:20 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2018-12-21 15:33:20 ----A---- C:\Windows\SYSWOW64\schannel.dll
2018-12-21 15:33:20 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2018-12-21 15:33:20 ----A---- C:\Windows\system32\sspisrv.dll
2018-12-21 15:33:20 ----A---- C:\Windows\system32\lsass.exe
2018-12-21 15:33:20 ----A---- C:\Windows\system32\lpk.dll
2018-12-21 15:33:20 ----A---- C:\Windows\system32\drivers\processr.sys
2018-12-21 15:33:20 ----A---- C:\Windows\system32\drivers\amdk8.sys
2018-12-21 15:33:20 ----A---- C:\Windows\system32\csrsrv.dll
2018-12-21 15:33:20 ----A---- C:\Windows\system32\cryptbase.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-12-21 15:33:19 ----A---- C:\Windows\SYSWOW64\wow32.dll
2018-12-21 15:33:19 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2018-12-21 15:33:19 ----A---- C:\Windows\SYSWOW64\srclient.dll
2018-12-21 15:33:19 ----A---- C:\Windows\SYSWOW64\secur32.dll
2018-12-21 15:33:19 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2018-12-21 15:33:19 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2018-12-21 15:33:19 ----A---- C:\Windows\SYSWOW64\lpk.dll
2018-12-21 15:33:19 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2018-12-21 15:33:19 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2018-12-21 15:33:19 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2018-12-21 15:33:19 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2018-12-21 15:33:19 ----A---- C:\Windows\SYSWOW64\credssp.dll
2018-12-21 15:33:19 ----A---- C:\Windows\SYSWOW64\bcrypt.dll
2018-12-21 15:33:19 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2018-12-21 15:33:19 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2018-12-21 15:33:19 ----A---- C:\Windows\system32\wow64cpu.dll
2018-12-21 15:33:19 ----A---- C:\Windows\system32\srclient.dll
2018-12-21 15:33:19 ----A---- C:\Windows\system32\setbcdlocale.dll
2018-12-21 15:33:19 ----A---- C:\Windows\system32\secur32.dll
2018-12-21 15:33:19 ----A---- C:\Windows\system32\rstrui.exe
2018-12-21 15:33:19 ----A---- C:\Windows\system32\ntvdm64.dll
2018-12-21 15:33:19 ----A---- C:\Windows\system32\fontsub.dll
2018-12-21 15:33:19 ----A---- C:\Windows\system32\drivers\appid.sys
2018-12-21 15:33:19 ----A---- C:\Windows\system32\drivers\amdppm.sys
2018-12-21 15:33:19 ----A---- C:\Windows\system32\dciman32.dll
2018-12-21 15:33:19 ----A---- C:\Windows\system32\credssp.dll
2018-12-21 15:33:19 ----A---- C:\Windows\system32\auditpol.exe
2018-12-21 15:33:19 ----A---- C:\Windows\system32\appidsvc.dll
2018-12-21 15:33:19 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2018-12-21 15:33:19 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2018-12-21 15:33:19 ----A---- C:\Windows\system32\appidapi.dll
2018-12-21 15:33:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2018-12-21 15:33:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-12-21 15:33:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-12-21 15:33:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2018-12-21 15:33:18 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-12-21 15:33:18 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-12-21 15:33:18 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-12-21 15:33:18 ----A---- C:\Windows\SYSWOW64\user.exe
2018-12-21 15:33:18 ----A---- C:\Windows\SYSWOW64\setup16.exe
2018-12-21 15:33:18 ----A---- C:\Windows\SYSWOW64\instnm.exe
2018-12-21 15:33:18 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2018-12-21 15:33:18 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2018-12-21 15:33:18 ----A---- C:\Windows\system32\atmlib.dll
2018-12-21 15:33:18 ----A---- C:\Windows\system32\apisetschema.dll
2018-12-21 15:33:17 ----A---- C:\Windows\SYSWOW64\msxml6r.dll
2018-12-21 15:33:17 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2018-12-21 15:33:17 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2018-12-21 15:33:17 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2018-12-21 15:33:17 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2018-12-21 15:33:17 ----A---- C:\Windows\system32\msxml6r.dll
2018-12-21 15:33:17 ----A---- C:\Windows\system32\msxml3r.dll
2018-12-21 15:33:17 ----A---- C:\Windows\system32\msobjs.dll
2018-12-21 15:33:17 ----A---- C:\Windows\system32\msaudite.dll
2018-12-21 15:33:17 ----A---- C:\Windows\system32\adtschema.dll
======List of files/folders modified in the last 1 month======
2018-12-27 23:38:01 ----D---- C:\Program Files
2018-12-27 23:37:11 ----D---- C:\Windows\Temp
2018-12-27 23:22:03 ----D---- C:\Windows\System32
2018-12-27 23:22:03 ----D---- C:\Windows\inf
2018-12-27 23:22:03 ----A---- C:\Windows\system32\PerfStringBackup.INI
2018-12-27 23:21:20 ----D---- C:\Windows\system32\config
2018-12-27 23:15:12 ----A---- C:\Windows\SYSWOW64\log.txt
2018-12-27 23:05:17 ----D---- C:\Windows\system32\drivers\etc
2018-12-27 22:13:20 ----D---- C:\Windows
2018-12-27 22:13:20 ----A---- C:\Windows\system.ini
2018-12-27 22:06:59 ----D---- C:\Windows\SysWOW64
2018-12-27 22:06:58 ----D---- C:\Windows\SYSWOW64\drivers
2018-12-27 22:06:58 ----D---- C:\Windows\AppPatch
2018-12-27 22:06:57 ----D---- C:\Program Files (x86)\Common Files
2018-12-27 21:43:25 ----D---- C:\Windows\system32\drivers
2018-12-27 21:39:16 ----D---- C:\Windows\system32\Tasks
2018-12-27 21:33:33 ----D---- C:\Download
2018-12-27 21:25:07 ----RD---- C:\Program Files (x86)
2018-12-27 21:24:58 ----D---- C:\Users\Storkan\AppData\Roaming\AVAST Software
2018-12-27 21:24:57 ----D---- C:\ProgramData\AVAST Software
2018-12-27 21:23:26 ----SHD---- C:\Windows\Installer
2018-12-27 21:22:41 ----D---- C:\ProgramData\Adobe
2018-12-27 21:22:38 ----D---- C:\Program Files (x86)\Adobe
2018-12-27 21:22:25 ----SHD---- C:\System Volume Information
2018-12-27 21:18:33 ----D---- C:\Windows\winsxs
2018-12-27 21:14:04 ----D---- C:\Users\Storkan\AppData\Roaming\Skype
2018-12-27 21:14:00 ----SD---- C:\Users\Storkan\AppData\Roaming\Microsoft
2018-12-27 21:13:38 ----RD---- C:\Program Files (x86)\Skype
2018-12-27 21:13:38 ----D---- C:\ProgramData\Skype
2018-12-27 21:13:25 ----D---- C:\Program Files (x86)\WinRAR
2018-12-27 21:13:03 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2018-12-27 21:12:53 ----D---- C:\Windows\system32\Macromed
2018-12-27 21:12:50 ----D---- C:\Windows\SYSWOW64\Macromed
2018-12-27 20:56:16 ----D---- C:\Program Files (x86)\Java
2018-12-27 20:55:26 ----D---- C:\Program Files\Java
2018-12-27 20:52:28 ----A---- C:\Windows\system32\WindowsAccessBridge-64.dll
2018-12-27 20:49:01 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2018-12-27 20:38:04 ----D---- C:\Windows\system32\catroot
2018-12-27 20:20:33 ----D---- C:\ProgramData
2018-12-27 20:00:14 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2018-12-27 19:58:01 ----DC---- C:\Windows\system32\DRVSTORE
2018-12-27 19:58:00 ----D---- C:\Windows\system32\DriverStore
2018-12-27 19:56:38 ----D---- C:\Program Files (x86)\GameforgeLive
2018-12-27 19:47:59 ----D---- C:\Windows\system32\catroot2
2018-12-27 19:01:30 ----D---- C:\Windows\debug
2018-12-27 18:27:09 ----D---- C:\Program Files\CCleaner
2018-12-22 17:46:59 ----D---- C:\Windows\Microsoft.NET
2018-12-22 17:46:58 ----RSD---- C:\Windows\assembly
2018-12-22 16:45:16 ----D---- C:\Program Files\Internet Explorer
2018-12-22 16:45:14 ----D---- C:\Windows\SYSWOW64\cs-CZ
2018-12-22 16:45:12 ----D---- C:\Windows\SYSWOW64\en-US
2018-12-22 16:45:08 ----D---- C:\Windows\system32\cs-CZ
2018-12-22 16:45:07 ----D---- C:\Windows\system32\en-US
2018-12-22 16:45:01 ----D---- C:\Program Files (x86)\Internet Explorer
2018-12-22 16:43:58 ----D---- C:\Program Files\Windows Media Player
2018-12-22 16:43:48 ----D---- C:\Program Files (x86)\Windows Media Player
2018-12-22 16:41:37 ----D---- C:\Windows\system32\Boot
2018-12-21 16:20:46 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2018-12-21 16:19:08 ----D---- C:\Windows\system32\MRT
2018-12-21 16:13:54 ----AC---- C:\Windows\system32\MRT.exe
2018-12-10 15:47:02 ----D---- C:\Windows\system32\NDF
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [2018-11-25 201768]
R0 aswblog;aswblog; C:\Windows\system32\drivers\aswbloga.sys [2018-11-25 346592]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [2018-11-25 59496]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2018-11-25 87432]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2018-11-25 380464]
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 30008]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-04-05 409624]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2018-01-01 213736]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 aswArPot;aswArPot; C:\Windows\system32\drivers\aswArPot.sys [2018-11-25 201240]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [2018-11-25 230344]
R1 aswHdsKe;aswHdsKe; C:\Windows\system32\drivers\aswHdsKe.sys [2018-12-10 239840]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2018-11-25 42288]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2018-11-25 111800]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2018-11-25 1028680]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2018-11-25 469272]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2018-06-29 516096]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2018-11-25 163208]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2018-11-25 208472]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 43320]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2009-08-13 1209856]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-08-05 6859776]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-08-05 264192]
R3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver; C:\Windows\system32\DRIVERS\ArcSoftVCapture.sys [2009-12-04 32640]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2010-05-06 125456]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl664.sys [2011-05-02 3063360]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2010-06-02 25912]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\Windows\system32\DRIVERS\stwrt64.sys [2010-09-08 515584]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-06-03 1379376]
S3 aswHwid;aswHwid; C:\Windows\system32\drivers\aswHwid.sys [2018-11-25 46384]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\drivers\bthpan.sys [2017-07-06 119296]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btwampfl;Bluetooth AMP USB Filter; C:\Windows\system32\drivers\btwampfl.sys [2010-07-14 344616]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2010-07-20 102952]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2010-07-20 135720]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2010-03-02 39464]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-07-20 21544]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 PcaSp60;Rawether NDIS 6.X SPR Protocol Driver; C:\Windows\system32\DRIVERS\PcaSp60.sys [2010-05-19 38912]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2009-11-11 232480]
S3 RTL8023x64;Realtek 10/100 NIC Family NDIS x64 Driver; C:\Windows\system32\DRIVERS\Rtnic64.sys [2009-07-23 52736]
S3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-01-12 325152]
S3 rtsuvc;HP Webcam [2 MP Fixed]; C:\Windows\system32\DRIVERS\rtsuvc.sys [2009-12-22 89216]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-09-23 65192]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agr64svc.exe [2009-03-27 16896]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-08-05 203264]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2018-11-25 324000]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-07-29 951584]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2018-03-26 107592]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2018-03-26 128584]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 hpHotkeyMonitor;HP Hotkey Monitor; C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [2010-10-01 280120]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 30520]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2010-04-05 354840]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-03 13336]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-11-04 268824]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2010-09-08 271360]
R2 uArcCapture;ArcCapture; C:\Windows\system\uArcCapture.exe [2009-12-04 506472]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-11-04 2320920]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2018-11-25 8188768]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2010-09-27 749112]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-13 144200]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-12-27 335872]
S3 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2009-03-02 89600]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\elevation_service.exe [2018-12-12 443872]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-13 144200]
S3 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2010-09-27 92216]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2018-12-14 116224]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\syswow64\GameMon.des [2015-11-22 3844640]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-05-02 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2018-03-26 52832]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2018-03-26 136288]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2018-03-26 136288]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2018-03-26 136288]
-----------------EOF-----------------
C:\Windows\SysWOW64\RunDll32.exe "C:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe" /start
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Storkan\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Storkan\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Storkan\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=71.0.3578.98 --initial-client-data=0x88,0x8c,0x90,0x84,0x94,0x7fef5d164d0,0x7fef5d164e0,0x7fef5d164f0
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=5420 --on-initialized-event-handle=364 --parent-handle=380 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1236,3393509932616089858,2810054670662013148,131072 --gpu-preferences=KAAAAAAAAACAAwCAAQAAAAAAAAAAAGAAAAAAAAAAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --service-request-channel-token=216906894192962996 --mojo-platform-channel-handle=1252 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1236,3393509932616089858,2810054670662013148,131072 --service-pipe-token=10472611593243127740 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=10472611593243127740 --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2116 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1236,3393509932616089858,2810054670662013148,131072 --service-pipe-token=15879057706981640323 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=15879057706981640323 --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7468 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1236,3393509932616089858,2810054670662013148,131072 --service-pipe-token=9120400140196978612 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=9120400140196978612 --renderer-client-id=73 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6388 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1236,3393509932616089858,2810054670662013148,131072 --service-pipe-token=3649797650491264576 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=3649797650491264576 --renderer-client-id=74 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5228 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1236,3393509932616089858,2810054670662013148,131072 --service-pipe-token=13509205603974003134 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=13509205603974003134 --renderer-client-id=76 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8528 /prefetch:1
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 528 532 540 65536 536
"C:\Users\Storkan\Desktop\Downloads\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
C:\Windows\system32\wbem\wmiprvse.exe
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_191\bin\ssv.dll [2018-12-27 582008]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-12-27 245112]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_191\bin\ssv.dll [2018-12-27 480120]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-12-27 194424]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-06-03 2174760]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2010-09-08 489472]
"IAAnotif"=C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [2010-04-05 186904]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2018-11-25 242392]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Smart Cleaning"=C:\Program Files\CCleaner\CCleaner64.exe [2018-12-10 19589208]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-09-23 926896]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Smart Cleaning]
C:\Program Files\CCleaner\CCleaner64.exe [2018-12-10 19589208]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-08-05 98304]
"QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [2010-10-01 256056]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2010-03-03 284696]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2018-10-06 601424]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-09-23 926896]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Nexon\Combat Arms EU\CombatArms.exe"="C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\Nexon\Combat Arms EU\Engine.exe"="C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"C:\Nexon\Combat Arms EU\CombatArms.exe"="C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\Nexon\Combat Arms EU\Engine.exe"="C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2018-12-27 23:38:01 ----D---- C:\rsit
2018-12-27 23:38:01 ----D---- C:\Program Files\trend micro
2018-12-27 22:25:37 ----SHD---- C:\$RECYCLE.BIN
2018-12-27 22:25:01 ----A---- C:\ComboFix.txt
2018-12-27 21:13:38 ----D---- C:\Program Files (x86)\Microsoft
2018-12-27 20:55:32 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-64.dll
2018-12-27 19:10:06 ----A---- C:\Windows\zip.exe
2018-12-27 19:10:06 ----A---- C:\Windows\SWSC.exe
2018-12-27 19:10:06 ----A---- C:\Windows\SWREG.exe
2018-12-27 19:10:06 ----A---- C:\Windows\sed.exe
2018-12-27 19:10:06 ----A---- C:\Windows\PEV.exe
2018-12-27 19:10:06 ----A---- C:\Windows\NIRCMD.exe
2018-12-27 19:10:06 ----A---- C:\Windows\MBR.exe
2018-12-27 19:10:06 ----A---- C:\Windows\grep.exe
2018-12-27 19:09:05 ----D---- C:\Qoobox
2018-12-27 19:08:42 ----D---- C:\Windows\erdnt
2018-12-21 15:47:38 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2018-12-21 15:47:38 ----A---- C:\Windows\SYSWOW64\inseng.dll
2018-12-21 15:47:38 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2018-12-21 15:47:38 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2018-12-21 15:47:38 ----A---- C:\Windows\system32\iertutil.dll
2018-12-21 15:47:38 ----A---- C:\Windows\system32\iernonce.dll
2018-12-21 15:47:38 ----A---- C:\Windows\system32\ieetwproxystub.dll
2018-12-21 15:47:38 ----A---- C:\Windows\system32\ieetwcollector.exe
2018-12-21 15:47:37 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2018-12-21 15:47:37 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2018-12-21 15:47:37 ----A---- C:\Windows\SYSWOW64\occache.dll
2018-12-21 15:47:37 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2018-12-21 15:47:37 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2018-12-21 15:47:37 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2018-12-21 15:47:37 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2018-12-21 15:47:37 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2018-12-21 15:47:37 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-12-21 15:47:37 ----A---- C:\Windows\system32\inseng.dll
2018-12-21 15:47:37 ----A---- C:\Windows\system32\ie4uinit.exe
2018-12-21 15:47:36 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2018-12-21 15:47:36 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2018-12-21 15:47:35 ----A---- C:\Windows\SYSWOW64\jscript.dll
2018-12-21 15:47:35 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2018-12-21 15:47:35 ----A---- C:\Windows\system32\urlmon.dll
2018-12-21 15:47:35 ----A---- C:\Windows\system32\occache.dll
2018-12-21 15:47:35 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2018-12-21 15:47:35 ----A---- C:\Windows\system32\iedkcs32.dll
2018-12-21 15:47:34 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2018-12-21 15:47:34 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2018-12-21 15:47:34 ----A---- C:\Windows\SYSWOW64\ieui.dll
2018-12-21 15:47:34 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2018-12-21 15:47:34 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2018-12-21 15:47:34 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2018-12-21 15:47:34 ----A---- C:\Windows\system32\msfeeds.dll
2018-12-21 15:47:34 ----A---- C:\Windows\system32\dxtrans.dll
2018-12-21 15:47:33 ----A---- C:\Windows\system32\iesetup.dll
2018-12-21 15:47:32 ----A---- C:\Windows\SYSWOW64\wininet.dll
2018-12-21 15:47:32 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2018-12-21 15:47:32 ----A---- C:\Windows\SYSWOW64\msrating.dll
2018-12-21 15:47:32 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2018-12-21 15:47:32 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2018-12-21 15:47:32 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2018-12-21 15:47:32 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2018-12-21 15:47:32 ----A---- C:\Windows\system32\vbscript.dll
2018-12-21 15:47:31 ----A---- C:\Windows\system32\ieui.dll
2018-12-21 15:47:31 ----A---- C:\Windows\system32\ieframe.dll
2018-12-21 15:47:31 ----A---- C:\Windows\system32\dxtmsft.dll
2018-12-21 15:47:30 ----A---- C:\Windows\system32\webcheck.dll
2018-12-21 15:47:30 ----A---- C:\Windows\system32\mshtmlmedia.dll
2018-12-21 15:47:30 ----A---- C:\Windows\system32\mshtmled.dll
2018-12-21 15:47:30 ----A---- C:\Windows\system32\jscript9diag.dll
2018-12-21 15:47:30 ----A---- C:\Windows\system32\jscript.dll
2018-12-21 15:47:30 ----A---- C:\Windows\system32\ieUnatt.exe
2018-12-21 15:47:29 ----A---- C:\Windows\system32\wininet.dll
2018-12-21 15:47:29 ----A---- C:\Windows\system32\jsproxy.dll
2018-12-21 15:47:29 ----A---- C:\Windows\system32\jscript9.dll
2018-12-21 15:47:29 ----A---- C:\Windows\system32\ieapfltr.dll
2018-12-21 15:47:28 ----A---- C:\Windows\system32\msrating.dll
2018-12-21 15:47:28 ----A---- C:\Windows\system32\MshtmlDac.dll
2018-12-21 15:47:27 ----A---- C:\Windows\system32\mshtml.dll
2018-12-21 15:33:42 ----A---- C:\Windows\system32\wmp.dll
2018-12-21 15:33:40 ----A---- C:\Windows\SYSWOW64\wmp.dll
2018-12-21 15:33:39 ----A---- C:\Windows\system32\msxml3.dll
2018-12-21 15:33:38 ----A---- C:\Windows\system32\win32k.sys
2018-12-21 15:33:37 ----A---- C:\Windows\system32\rpcrt4.dll
2018-12-21 15:33:36 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2018-12-21 15:33:36 ----A---- C:\Windows\system32\ntoskrnl.exe
2018-12-21 15:33:35 ----A---- C:\Windows\system32\msxml6.dll
2018-12-21 15:33:34 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2018-12-21 15:33:33 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2018-12-21 15:33:33 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2018-12-21 15:33:32 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2018-12-21 15:33:32 ----A---- C:\Windows\system32\gdi32.dll
2018-12-21 15:33:31 ----A---- C:\Windows\SYSWOW64\t2embed.dll
2018-12-21 15:33:31 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2018-12-21 15:33:31 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2018-12-21 15:33:31 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2018-12-21 15:33:31 ----A---- C:\Windows\system32\t2embed.dll
2018-12-21 15:33:31 ----A---- C:\Windows\system32\ntdll.dll
2018-12-21 15:33:31 ----A---- C:\Windows\system32\atmfd.dll
2018-12-21 15:33:30 ----A---- C:\Windows\system32\hal.dll
2018-12-21 15:33:30 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2018-12-21 15:33:29 ----A---- C:\Windows\SYSWOW64\certcli.dll
2018-12-21 15:33:29 ----A---- C:\Windows\system32\drivers\msrpc.sys
2018-12-21 15:33:29 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2018-12-21 15:33:29 ----A---- C:\Windows\system32\certcli.dll
2018-12-21 15:33:28 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2018-12-21 15:33:27 ----A---- C:\Windows\system32\dxmasf.dll
2018-12-21 15:33:26 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2018-12-21 15:33:26 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2018-12-21 15:33:26 ----A---- C:\Windows\system32\wmploc.DLL
2018-12-21 15:33:26 ----A---- C:\Windows\system32\spwmp.dll
2018-12-21 15:33:26 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2018-12-21 15:33:25 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2018-12-21 15:33:23 ----A---- C:\Windows\system32\smss.exe
2018-12-21 15:33:23 ----A---- C:\Windows\system32\lsasrv.dll
2018-12-21 15:33:23 ----A---- C:\Windows\system32\KernelBase.dll
2018-12-21 15:33:23 ----A---- C:\Windows\system32\kernel32.dll
2018-12-21 15:33:23 ----A---- C:\Windows\system32\kerberos.dll
2018-12-21 15:33:23 ----A---- C:\Windows\system32\drivers\videoprt.sys
2018-12-21 15:33:23 ----A---- C:\Windows\system32\advapi32.dll
2018-12-21 15:33:22 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2018-12-21 15:33:22 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2018-12-21 15:33:22 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2018-12-21 15:33:22 ----A---- C:\Windows\system32\wow64win.dll
2018-12-21 15:33:22 ----A---- C:\Windows\system32\winsrv.dll
2018-12-21 15:33:22 ----A---- C:\Windows\system32\schannel.dll
2018-12-21 15:33:22 ----A---- C:\Windows\system32\ncrypt.dll
2018-12-21 15:33:22 ----A---- C:\Windows\system32\msv1_0.dll
2018-12-21 15:33:22 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2018-12-21 15:33:21 ----A---- C:\Windows\SYSWOW64\tzres.dll
2018-12-21 15:33:21 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2018-12-21 15:33:21 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2018-12-21 15:33:21 ----A---- C:\Windows\system32\wow64.dll
2018-12-21 15:33:21 ----A---- C:\Windows\system32\wdigest.dll
2018-12-21 15:33:21 ----A---- C:\Windows\system32\tzres.dll
2018-12-21 15:33:21 ----A---- C:\Windows\system32\TSpkg.dll
2018-12-21 15:33:21 ----A---- C:\Windows\system32\sspicli.dll
2018-12-21 15:33:21 ----A---- C:\Windows\system32\srcore.dll
2018-12-21 15:33:21 ----A---- C:\Windows\system32\rpchttp.dll
2018-12-21 15:33:21 ----A---- C:\Windows\system32\drivers\intelppm.sys
2018-12-21 15:33:21 ----A---- C:\Windows\system32\conhost.exe
2018-12-21 15:33:21 ----A---- C:\Windows\system32\bcrypt.dll
2018-12-21 15:33:20 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2018-12-21 15:33:20 ----A---- C:\Windows\SYSWOW64\schannel.dll
2018-12-21 15:33:20 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2018-12-21 15:33:20 ----A---- C:\Windows\system32\sspisrv.dll
2018-12-21 15:33:20 ----A---- C:\Windows\system32\lsass.exe
2018-12-21 15:33:20 ----A---- C:\Windows\system32\lpk.dll
2018-12-21 15:33:20 ----A---- C:\Windows\system32\drivers\processr.sys
2018-12-21 15:33:20 ----A---- C:\Windows\system32\drivers\amdk8.sys
2018-12-21 15:33:20 ----A---- C:\Windows\system32\csrsrv.dll
2018-12-21 15:33:20 ----A---- C:\Windows\system32\cryptbase.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-12-21 15:33:19 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-12-21 15:33:19 ----A---- C:\Windows\SYSWOW64\wow32.dll
2018-12-21 15:33:19 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2018-12-21 15:33:19 ----A---- C:\Windows\SYSWOW64\srclient.dll
2018-12-21 15:33:19 ----A---- C:\Windows\SYSWOW64\secur32.dll
2018-12-21 15:33:19 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2018-12-21 15:33:19 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2018-12-21 15:33:19 ----A---- C:\Windows\SYSWOW64\lpk.dll
2018-12-21 15:33:19 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2018-12-21 15:33:19 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2018-12-21 15:33:19 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2018-12-21 15:33:19 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2018-12-21 15:33:19 ----A---- C:\Windows\SYSWOW64\credssp.dll
2018-12-21 15:33:19 ----A---- C:\Windows\SYSWOW64\bcrypt.dll
2018-12-21 15:33:19 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2018-12-21 15:33:19 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2018-12-21 15:33:19 ----A---- C:\Windows\system32\wow64cpu.dll
2018-12-21 15:33:19 ----A---- C:\Windows\system32\srclient.dll
2018-12-21 15:33:19 ----A---- C:\Windows\system32\setbcdlocale.dll
2018-12-21 15:33:19 ----A---- C:\Windows\system32\secur32.dll
2018-12-21 15:33:19 ----A---- C:\Windows\system32\rstrui.exe
2018-12-21 15:33:19 ----A---- C:\Windows\system32\ntvdm64.dll
2018-12-21 15:33:19 ----A---- C:\Windows\system32\fontsub.dll
2018-12-21 15:33:19 ----A---- C:\Windows\system32\drivers\appid.sys
2018-12-21 15:33:19 ----A---- C:\Windows\system32\drivers\amdppm.sys
2018-12-21 15:33:19 ----A---- C:\Windows\system32\dciman32.dll
2018-12-21 15:33:19 ----A---- C:\Windows\system32\credssp.dll
2018-12-21 15:33:19 ----A---- C:\Windows\system32\auditpol.exe
2018-12-21 15:33:19 ----A---- C:\Windows\system32\appidsvc.dll
2018-12-21 15:33:19 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2018-12-21 15:33:19 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2018-12-21 15:33:19 ----A---- C:\Windows\system32\appidapi.dll
2018-12-21 15:33:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2018-12-21 15:33:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-12-21 15:33:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-12-21 15:33:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2018-12-21 15:33:18 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-12-21 15:33:18 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-12-21 15:33:18 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-12-21 15:33:18 ----A---- C:\Windows\SYSWOW64\user.exe
2018-12-21 15:33:18 ----A---- C:\Windows\SYSWOW64\setup16.exe
2018-12-21 15:33:18 ----A---- C:\Windows\SYSWOW64\instnm.exe
2018-12-21 15:33:18 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2018-12-21 15:33:18 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2018-12-21 15:33:18 ----A---- C:\Windows\system32\atmlib.dll
2018-12-21 15:33:18 ----A---- C:\Windows\system32\apisetschema.dll
2018-12-21 15:33:17 ----A---- C:\Windows\SYSWOW64\msxml6r.dll
2018-12-21 15:33:17 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2018-12-21 15:33:17 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2018-12-21 15:33:17 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2018-12-21 15:33:17 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2018-12-21 15:33:17 ----A---- C:\Windows\system32\msxml6r.dll
2018-12-21 15:33:17 ----A---- C:\Windows\system32\msxml3r.dll
2018-12-21 15:33:17 ----A---- C:\Windows\system32\msobjs.dll
2018-12-21 15:33:17 ----A---- C:\Windows\system32\msaudite.dll
2018-12-21 15:33:17 ----A---- C:\Windows\system32\adtschema.dll
======List of files/folders modified in the last 1 month======
2018-12-27 23:38:01 ----D---- C:\Program Files
2018-12-27 23:37:11 ----D---- C:\Windows\Temp
2018-12-27 23:22:03 ----D---- C:\Windows\System32
2018-12-27 23:22:03 ----D---- C:\Windows\inf
2018-12-27 23:22:03 ----A---- C:\Windows\system32\PerfStringBackup.INI
2018-12-27 23:21:20 ----D---- C:\Windows\system32\config
2018-12-27 23:15:12 ----A---- C:\Windows\SYSWOW64\log.txt
2018-12-27 23:05:17 ----D---- C:\Windows\system32\drivers\etc
2018-12-27 22:13:20 ----D---- C:\Windows
2018-12-27 22:13:20 ----A---- C:\Windows\system.ini
2018-12-27 22:06:59 ----D---- C:\Windows\SysWOW64
2018-12-27 22:06:58 ----D---- C:\Windows\SYSWOW64\drivers
2018-12-27 22:06:58 ----D---- C:\Windows\AppPatch
2018-12-27 22:06:57 ----D---- C:\Program Files (x86)\Common Files
2018-12-27 21:43:25 ----D---- C:\Windows\system32\drivers
2018-12-27 21:39:16 ----D---- C:\Windows\system32\Tasks
2018-12-27 21:33:33 ----D---- C:\Download
2018-12-27 21:25:07 ----RD---- C:\Program Files (x86)
2018-12-27 21:24:58 ----D---- C:\Users\Storkan\AppData\Roaming\AVAST Software
2018-12-27 21:24:57 ----D---- C:\ProgramData\AVAST Software
2018-12-27 21:23:26 ----SHD---- C:\Windows\Installer
2018-12-27 21:22:41 ----D---- C:\ProgramData\Adobe
2018-12-27 21:22:38 ----D---- C:\Program Files (x86)\Adobe
2018-12-27 21:22:25 ----SHD---- C:\System Volume Information
2018-12-27 21:18:33 ----D---- C:\Windows\winsxs
2018-12-27 21:14:04 ----D---- C:\Users\Storkan\AppData\Roaming\Skype
2018-12-27 21:14:00 ----SD---- C:\Users\Storkan\AppData\Roaming\Microsoft
2018-12-27 21:13:38 ----RD---- C:\Program Files (x86)\Skype
2018-12-27 21:13:38 ----D---- C:\ProgramData\Skype
2018-12-27 21:13:25 ----D---- C:\Program Files (x86)\WinRAR
2018-12-27 21:13:03 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2018-12-27 21:12:53 ----D---- C:\Windows\system32\Macromed
2018-12-27 21:12:50 ----D---- C:\Windows\SYSWOW64\Macromed
2018-12-27 20:56:16 ----D---- C:\Program Files (x86)\Java
2018-12-27 20:55:26 ----D---- C:\Program Files\Java
2018-12-27 20:52:28 ----A---- C:\Windows\system32\WindowsAccessBridge-64.dll
2018-12-27 20:49:01 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2018-12-27 20:38:04 ----D---- C:\Windows\system32\catroot
2018-12-27 20:20:33 ----D---- C:\ProgramData
2018-12-27 20:00:14 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2018-12-27 19:58:01 ----DC---- C:\Windows\system32\DRVSTORE
2018-12-27 19:58:00 ----D---- C:\Windows\system32\DriverStore
2018-12-27 19:56:38 ----D---- C:\Program Files (x86)\GameforgeLive
2018-12-27 19:47:59 ----D---- C:\Windows\system32\catroot2
2018-12-27 19:01:30 ----D---- C:\Windows\debug
2018-12-27 18:27:09 ----D---- C:\Program Files\CCleaner
2018-12-22 17:46:59 ----D---- C:\Windows\Microsoft.NET
2018-12-22 17:46:58 ----RSD---- C:\Windows\assembly
2018-12-22 16:45:16 ----D---- C:\Program Files\Internet Explorer
2018-12-22 16:45:14 ----D---- C:\Windows\SYSWOW64\cs-CZ
2018-12-22 16:45:12 ----D---- C:\Windows\SYSWOW64\en-US
2018-12-22 16:45:08 ----D---- C:\Windows\system32\cs-CZ
2018-12-22 16:45:07 ----D---- C:\Windows\system32\en-US
2018-12-22 16:45:01 ----D---- C:\Program Files (x86)\Internet Explorer
2018-12-22 16:43:58 ----D---- C:\Program Files\Windows Media Player
2018-12-22 16:43:48 ----D---- C:\Program Files (x86)\Windows Media Player
2018-12-22 16:41:37 ----D---- C:\Windows\system32\Boot
2018-12-21 16:20:46 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2018-12-21 16:19:08 ----D---- C:\Windows\system32\MRT
2018-12-21 16:13:54 ----AC---- C:\Windows\system32\MRT.exe
2018-12-10 15:47:02 ----D---- C:\Windows\system32\NDF
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [2018-11-25 201768]
R0 aswblog;aswblog; C:\Windows\system32\drivers\aswbloga.sys [2018-11-25 346592]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [2018-11-25 59496]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2018-11-25 87432]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2018-11-25 380464]
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 30008]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-04-05 409624]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2018-01-01 213736]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 aswArPot;aswArPot; C:\Windows\system32\drivers\aswArPot.sys [2018-11-25 201240]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [2018-11-25 230344]
R1 aswHdsKe;aswHdsKe; C:\Windows\system32\drivers\aswHdsKe.sys [2018-12-10 239840]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2018-11-25 42288]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2018-11-25 111800]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2018-11-25 1028680]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2018-11-25 469272]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2018-06-29 516096]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2018-11-25 163208]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2018-11-25 208472]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 43320]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2009-08-13 1209856]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-08-05 6859776]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-08-05 264192]
R3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver; C:\Windows\system32\DRIVERS\ArcSoftVCapture.sys [2009-12-04 32640]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2010-05-06 125456]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl664.sys [2011-05-02 3063360]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2010-06-02 25912]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\Windows\system32\DRIVERS\stwrt64.sys [2010-09-08 515584]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-06-03 1379376]
S3 aswHwid;aswHwid; C:\Windows\system32\drivers\aswHwid.sys [2018-11-25 46384]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\drivers\bthpan.sys [2017-07-06 119296]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btwampfl;Bluetooth AMP USB Filter; C:\Windows\system32\drivers\btwampfl.sys [2010-07-14 344616]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2010-07-20 102952]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2010-07-20 135720]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2010-03-02 39464]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-07-20 21544]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 PcaSp60;Rawether NDIS 6.X SPR Protocol Driver; C:\Windows\system32\DRIVERS\PcaSp60.sys [2010-05-19 38912]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2009-11-11 232480]
S3 RTL8023x64;Realtek 10/100 NIC Family NDIS x64 Driver; C:\Windows\system32\DRIVERS\Rtnic64.sys [2009-07-23 52736]
S3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-01-12 325152]
S3 rtsuvc;HP Webcam [2 MP Fixed]; C:\Windows\system32\DRIVERS\rtsuvc.sys [2009-12-22 89216]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-09-23 65192]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agr64svc.exe [2009-03-27 16896]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-08-05 203264]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2018-11-25 324000]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-07-29 951584]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2018-03-26 107592]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2018-03-26 128584]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 hpHotkeyMonitor;HP Hotkey Monitor; C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [2010-10-01 280120]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 30520]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2010-04-05 354840]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-03 13336]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-11-04 268824]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2010-09-08 271360]
R2 uArcCapture;ArcCapture; C:\Windows\system\uArcCapture.exe [2009-12-04 506472]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-11-04 2320920]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2018-11-25 8188768]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2010-09-27 749112]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-13 144200]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-12-27 335872]
S3 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2009-03-02 89600]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\elevation_service.exe [2018-12-12 443872]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-13 144200]
S3 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2010-09-27 92216]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2018-12-14 116224]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\syswow64\GameMon.des [2015-11-22 3844640]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-05-02 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2018-03-26 52832]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2018-03-26 136288]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2018-03-26 136288]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2018-03-26 136288]
-----------------EOF-----------------
- Rudy
- Site Admin
- Posts: 119426
- Joined: 30 Oct 2003 13:42
- Location: Plzeň
Re: Log check
Hello!
Why are you running ComboFix, a utility intended only for professionals?
Thank you for wiping out the traces of any possible malware. Besides, as a layperson you can damage the system with CF. Post the FRST+Addition logs. Hopefully I can make something out of them.

Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it has been inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: Log check
Unfortunately, without using CF the laptop was completely unusable, and the system probably couldn't have been wrecked any further. It isn't my device (it belongs to my father-in-law, who among other things lends it to the grandchildren). Tomorrow I'll send the requested scan, and I could certainly also find the CF log if it is of any use.
In any case, thank you very much for the help.
- Rudy
- Site Admin
Re: Log check
OK.
Re: Log check
I'm sending the requested logs. Hopefully they'll be of some use. I don't feel like reinstalling the whole system.

- Attachments
- logy.rar
- (18.06 KiB) Downloaded 82 times
- Rudy
- Site Admin
Re: Log check
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/
close all programs
accept the license terms (EULA) by clicking I Agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP just start it with a normal double-click)
click Scan now, then Clean and Repair
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply
Re: Log check
# -------------------------------
# Malwarebytes AdwCleaner 7.2.6.0
# -------------------------------
# Build: 12-18-2018
# Database: 2018-12-21.2 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 12-29-2018
# Duration: 00:00:02
# OS: Windows 7 Professional
# Cleaned: 2
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\AppDataLow\Software\Conduit
Deleted HKLM\Software\Wow6432Node\Conduit
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [1361 octets] - [29/12/2018 17:45:25]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
- Rudy
- Site Admin
Re: Log check
OK. Post new FRST+Addition logs.
- Rudy
- Site Admin
Re: Log check
Open Notepad and copy the text below into it. Save it to your desktop as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.
Start
CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
Toolbar: HKU\S-1-5-21-2559262752-1286805619-1219072577-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
CHR HKLM-x32\...\Chrome\Extension: [bejbohlohkkgompgecdcbbglkpjfjgdj] - C:\Users\Storkan\AppData\Local\Temp\ccex.crx <not found>
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Storkan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
Task: {0386333D-C5F7-45CA-B390-BA05CB3CD137} - System32\Tasks\{79EE9789-65D5-49C0-B211-1598CF2652A9} => C:\Windows\system32\pcalua.exe -a C:\Users\Storkan\Downloads\sp47841.exe -d C:\Users\Storkan\Desktop
Task: {1C6B3572-3B60-471B-8B3B-5795F8215068} - System32\Tasks\{8191B717-62B1-4CDD-9A48-B982E8352517} => C:\Windows\system32\pcalua.exe -a "C:\Users\Storkan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6CR4CYK0\sp50301[1].exe" -d C:\Users\Storkan\Desktop
Task: {4292A10A-E00E-4076-A1BB-13AD08981CDA} - System32\Tasks\{B63DF085-2376-4090-84A1-28D8FF057943} => C:\Windows\system32\pcalua.exe -a "C:\Users\Storkan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1M7ARY3G\sp46693.exe" -d C:\Users\Storkan\Desktop
Task: {5C30D84B-1343-4054-86D1-842B6A55E8D4} - System32\Tasks\{665B1852-D55E-4357-B68D-85803864DC6F} => C:\Windows\system32\pcalua.exe -a C:\Users\Storkan\Desktop\sp51059.exe -d C:\Users\Storkan\Desktop
Task: {63A0A70B-926C-4072-A033-7DD9CC4C67E3} - System32\Tasks\{EB347F28-1898-442B-A7C5-A6911F2D1253} => C:\Windows\system32\pcalua.exe -a C:\Users\Storkan\Desktop\sp47841.exe -d C:\Users\Storkan\Desktop
Task: {6BF6C06E-EFD0-4A0C-80BC-3FFFC2CE4191} - System32\Tasks\{6C2DDC71-BDA8-4D55-9851-F46439DDD233} => C:\Windows\system32\pcalua.exe -a D:\johanka\Setup.exe -d D:\johanka
Task: {71AD929B-0FD2-43AA-BD0C-13E84F0E7421} - System32\Tasks\{BFC738C2-98EE-4E1B-B8E1-06A38724C29E} => C:\Windows\system32\pcalua.exe -a E:\sp52330.exe -d E:\
Task: {8EA8AC42-333D-4A8B-8AF5-445D2FAA141A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-13] (Google Inc.)
Task: {9127082A-1587-4D91-A683-978AFBE350B5} - System32\Tasks\{7FF1D910-34FB-4E9F-9448-2019DF98C4F8} => C:\Windows\system32\pcalua.exe -a "C:\Users\Storkan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6CR4CYK0\sp47841[1].exe" -d C:\Users\Storkan\Desktop
Task: {A6F22C58-BED7-4E10-9BC6-2EE0686F39F9} - System32\Tasks\{AF2E2289-1AE2-4601-91DC-AAD02944F45D} => C:\Windows\system32\pcalua.exe -a C:\Users\Storkan\Desktop\Downloads\hijackthis.exe -d C:\Users\Storkan\Desktop\Downloads
Task: {DC41C147-3984-4D92-B336-2ABEC890EA1B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-13] (Google Inc.)
FirewallRules: [TCP Query User{DBC6D307-4BB5-4EE6-8938-0B27A309ADBA}C:\nexon\combat arms eu\engine.exe] => (Block) C:\nexon\combat arms eu\engine.exe No File
FirewallRules: [UDP Query User{AAC8551C-3D4F-460E-B82B-107E8E1A8C0F}C:\nexon\combat arms eu\engine.exe] => (Block) C:\nexon\combat arms eu\engine.exe No File
FirewallRules: [TCP Query User{D080E671-E926-48BD-8562-49FC5EBBC005}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.139\deploy\leagueclient.exe] => (Block) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.139\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{A15442FE-AD96-420B-92FB-E69DB09CC86B}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.139\deploy\leagueclient.exe] => (Block) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.139\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{E8A1E134-49A2-423D-9BA3-1DC18E97A2E0}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.140\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.140\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{BE0D0AB2-B746-476D-8BBF-9F34C735B76A}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.140\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.140\deploy\leagueclient.exe No File
EmptyTemp:
End
Re: Log check
Fix result of Farbar Recovery Scan Tool (x64) Version: 29.12.2018
Ran by Storkan (29-12-2018 20:37:53) Run:1
Running from C:\Users\Storkan\Desktop
Loaded Profiles: Storkan (Available Profiles: Storkan)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
Toolbar: HKU\S-1-5-21-2559262752-1286805619-1219072577-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
CHR HKLM-x32\...\Chrome\Extension: [bejbohlohkkgompgecdcbbglkpjfjgdj] - C:\Users\Storkan\AppData\Local\Temp\ccex.crx <not found>
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Storkan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
Task: {0386333D-C5F7-45CA-B390-BA05CB3CD137} - System32\Tasks\{79EE9789-65D5-49C0-B211-1598CF2652A9} => C:\Windows\system32\pcalua.exe -a C:\Users\Storkan\Downloads\sp47841.exe -d C:\Users\Storkan\Desktop
Task: {1C6B3572-3B60-471B-8B3B-5795F8215068} - System32\Tasks\{8191B717-62B1-4CDD-9A48-B982E8352517} => C:\Windows\system32\pcalua.exe -a "C:\Users\Storkan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6CR4CYK0\sp50301[1].exe" -d C:\Users\Storkan\Desktop
Task: {4292A10A-E00E-4076-A1BB-13AD08981CDA} - System32\Tasks\{B63DF085-2376-4090-84A1-28D8FF057943} => C:\Windows\system32\pcalua.exe -a "C:\Users\Storkan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1M7ARY3G\sp46693.exe" -d C:\Users\Storkan\Desktop
Task: {5C30D84B-1343-4054-86D1-842B6A55E8D4} - System32\Tasks\{665B1852-D55E-4357-B68D-85803864DC6F} => C:\Windows\system32\pcalua.exe -a C:\Users\Storkan\Desktop\sp51059.exe -d C:\Users\Storkan\Desktop
Task: {63A0A70B-926C-4072-A033-7DD9CC4C67E3} - System32\Tasks\{EB347F28-1898-442B-A7C5-A6911F2D1253} => C:\Windows\system32\pcalua.exe -a C:\Users\Storkan\Desktop\sp47841.exe -d C:\Users\Storkan\Desktop
Task: {6BF6C06E-EFD0-4A0C-80BC-3FFFC2CE4191} - System32\Tasks\{6C2DDC71-BDA8-4D55-9851-F46439DDD233} => C:\Windows\system32\pcalua.exe -a D:\johanka\Setup.exe -d D:\johanka
Task: {71AD929B-0FD2-43AA-BD0C-13E84F0E7421} - System32\Tasks\{BFC738C2-98EE-4E1B-B8E1-06A38724C29E} => C:\Windows\system32\pcalua.exe -a E:\sp52330.exe -d E:\
Task: {8EA8AC42-333D-4A8B-8AF5-445D2FAA141A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-13] (Google Inc.)
Task: {9127082A-1587-4D91-A683-978AFBE350B5} - System32\Tasks\{7FF1D910-34FB-4E9F-9448-2019DF98C4F8} => C:\Windows\system32\pcalua.exe -a "C:\Users\Storkan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6CR4CYK0\sp47841[1].exe" -d C:\Users\Storkan\Desktop
Task: {A6F22C58-BED7-4E10-9BC6-2EE0686F39F9} - System32\Tasks\{AF2E2289-1AE2-4601-91DC-AAD02944F45D} => C:\Windows\system32\pcalua.exe -a C:\Users\Storkan\Desktop\Downloads\hijackthis.exe -d C:\Users\Storkan\Desktop\Downloads
Task: {DC41C147-3984-4D92-B336-2ABEC890EA1B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-13] (Google Inc.)
FirewallRules: [TCP Query User{DBC6D307-4BB5-4EE6-8938-0B27A309ADBA}C:\nexon\combat arms eu\engine.exe] => (Block) C:\nexon\combat arms eu\engine.exe No File
FirewallRules: [UDP Query User{AAC8551C-3D4F-460E-B82B-107E8E1A8C0F}C:\nexon\combat arms eu\engine.exe] => (Block) C:\nexon\combat arms eu\engine.exe No File
FirewallRules: [TCP Query User{D080E671-E926-48BD-8562-49FC5EBBC005}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.139\deploy\leagueclient.exe] => (Block) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.139\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{A15442FE-AD96-420B-92FB-E69DB09CC86B}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.139\deploy\leagueclient.exe] => (Block) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.139\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{E8A1E134-49A2-423D-9BA3-1DC18E97A2E0}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.140\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.140\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{BE0D0AB2-B746-476D-8BBF-9F34C735B76A}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.140\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.140\deploy\leagueclient.exe No File
EmptyTemp:
End
*****************
Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
"HKU\S-1-5-21-2559262752-1286805619-1219072577-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F}" => removed successfully
HKLM\Software\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => not found
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\bejbohlohkkgompgecdcbbglkpjfjgdj => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
C:\Users\Storkan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0386333D-C5F7-45CA-B390-BA05CB3CD137}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0386333D-C5F7-45CA-B390-BA05CB3CD137}" => removed successfully
C:\Windows\System32\Tasks\{79EE9789-65D5-49C0-B211-1598CF2652A9} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{79EE9789-65D5-49C0-B211-1598CF2652A9}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1C6B3572-3B60-471B-8B3B-5795F8215068}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1C6B3572-3B60-471B-8B3B-5795F8215068}" => removed successfully
C:\Windows\System32\Tasks\{8191B717-62B1-4CDD-9A48-B982E8352517} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{8191B717-62B1-4CDD-9A48-B982E8352517}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4292A10A-E00E-4076-A1BB-13AD08981CDA}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4292A10A-E00E-4076-A1BB-13AD08981CDA}" => removed successfully
C:\Windows\System32\Tasks\{B63DF085-2376-4090-84A1-28D8FF057943} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{B63DF085-2376-4090-84A1-28D8FF057943}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5C30D84B-1343-4054-86D1-842B6A55E8D4}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5C30D84B-1343-4054-86D1-842B6A55E8D4}" => removed successfully
C:\Windows\System32\Tasks\{665B1852-D55E-4357-B68D-85803864DC6F} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{665B1852-D55E-4357-B68D-85803864DC6F}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{63A0A70B-926C-4072-A033-7DD9CC4C67E3}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{63A0A70B-926C-4072-A033-7DD9CC4C67E3}" => removed successfully
C:\Windows\System32\Tasks\{EB347F28-1898-442B-A7C5-A6911F2D1253} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{EB347F28-1898-442B-A7C5-A6911F2D1253}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6BF6C06E-EFD0-4A0C-80BC-3FFFC2CE4191}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6BF6C06E-EFD0-4A0C-80BC-3FFFC2CE4191}" => removed successfully
C:\Windows\System32\Tasks\{6C2DDC71-BDA8-4D55-9851-F46439DDD233} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{6C2DDC71-BDA8-4D55-9851-F46439DDD233}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{71AD929B-0FD2-43AA-BD0C-13E84F0E7421}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{71AD929B-0FD2-43AA-BD0C-13E84F0E7421}" => removed successfully
C:\Windows\System32\Tasks\{BFC738C2-98EE-4E1B-B8E1-06A38724C29E} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{BFC738C2-98EE-4E1B-B8E1-06A38724C29E}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8EA8AC42-333D-4A8B-8AF5-445D2FAA141A}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8EA8AC42-333D-4A8B-8AF5-445D2FAA141A}" => removed successfully
"C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9127082A-1587-4D91-A683-978AFBE350B5}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9127082A-1587-4D91-A683-978AFBE350B5}" => removed successfully
C:\Windows\System32\Tasks\{7FF1D910-34FB-4E9F-9448-2019DF98C4F8} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{7FF1D910-34FB-4E9F-9448-2019DF98C4F8}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A6F22C58-BED7-4E10-9BC6-2EE0686F39F9}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A6F22C58-BED7-4E10-9BC6-2EE0686F39F9}" => removed successfully
C:\Windows\System32\Tasks\{AF2E2289-1AE2-4601-91DC-AAD02944F45D} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{AF2E2289-1AE2-4601-91DC-AAD02944F45D}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DC41C147-3984-4D92-B336-2ABEC890EA1B}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DC41C147-3984-4D92-B336-2ABEC890EA1B}" => removed successfully
"C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{DBC6D307-4BB5-4EE6-8938-0B27A309ADBA}C:\nexon\combat arms eu\engine.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{AAC8551C-3D4F-460E-B82B-107E8E1A8C0F}C:\nexon\combat arms eu\engine.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{D080E671-E926-48BD-8562-49FC5EBBC005}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.139\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{A15442FE-AD96-420B-92FB-E69DB09CC86B}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.139\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{E8A1E134-49A2-423D-9BA3-1DC18E97A2E0}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.140\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{BE0D0AB2-B746-476D-8BBF-9F34C735B76A}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.140\deploy\leagueclient.exe" => removed successfully
=========== EmptyTemp: ==========
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 17652253 B
Java, Flash, Steam htmlcache => 737 B
Windows/system/drivers => 0 B
Edge => 0 B
Chrome => 388096483 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 111271 B
systemprofile32 => 574270 B
LocalService => 66228 B
NetworkService => 0 B
Storkan => 5813093 B
RecycleBin => 0 B
EmptyTemp: => 393.2 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 20:38:15 ====
- Rudy
- Site Admin
- Posts: 119426
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Log check
Deleted. Has anything changed?
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: Log check
Awesome
It runs like new now. Just two small things: the Windows processes take fairly long to come up after startup (about 30 s), and when I open Task Manager and choose to show processes from all users, it freezes for about 30 s. Otherwise everything seems to be fine.
Thank you very, very much

- Rudy
- Site Admin
- Posts: 119426
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Log check
Glad to hear it. Also try defragmenting the disk.
Re: Log check
OK, will do.
Thank you very much once again.