Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

zpomalený NB

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
neummi
Návštěvník
Návštěvník
Příspěvky: 91
Registrován: 25 lis 2007 12:55

zpomalený NB

#1 Příspěvek od neummi »

Zdravím, kamarád mě požádal o kontrolu svého NB. Stěžuje si na rychlost...podle parametrů NB sice není žádné dělo, ale ta rychlost je vážně hrozná a dříve byl údajně několikrát rychlejší.

Zatím jsem pustil ccleaner a defragmentoval disk.

Předem díky za pomoc :)

Logfile of random's system information tool 1.10 (written by random/random)
Run by tesco at 2016-10-22 20:37:04
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 47 GB (39%) free of 122 GB
Total RAM: 1952 MB (37% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:37:12, on 22.10.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18500)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Windows\AsScrPro.exe
C:\Windows\SysWOW64\ACEngSvr.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Opera\opera.exe
C:\Program Files\trend micro\tesco.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe /S
O4 - HKLM\..\Run: [SonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 10507 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Windows\system32\FBAgent.exe"
C:\Windows\system32\WLANExt.exe 2043504
\??\C:\Windows\system32\conhost.exe "-1782890585-2980842555507764518464798041053034002-204939650614112763391379658164
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe"
taskeng.exe {0BF1E6EF-9FB1-46E1-BB84-5539AC8B77DC}
"C:\Program Files\ASUS\P4G\BatteryLife.exe"
taskeng.exe {AA1EBD79-BB91-4F76-8FF3-26DD606074B7}
"C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SF3
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
"C:\Windows\AsScrPro.exe"
C:\Windows\SysWOW64\ACEngSvr.exe -Embedding
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
WLIDSvcM.exe 3452
"C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe"
"C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
ATKOSD.exe
KBFiltr.exe
WDC.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Opera\opera.exe"
C:\Windows\servicing\TrustedInstaller.exe
"C:\Users\tesco\AppData\Local\Opera\Opera\temporary_downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-09-27 948792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-11-30 51872]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-09-27 713440]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-11-03 167704]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-11-03 392472]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-05-05 2785064]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2011-03-21 361984]
"SynAsusAcpi"=C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [2011-05-05 97064]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2011-08-16 2277480]
"AtherosBtStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2011-11-30 983200]
"AthBtTray"=C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [2011-11-30 800416]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-03-14 3672640]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ACMON]
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2012-02-21 102568]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2015-09-24 40336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2012-04-19 3058304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2010-08-20 107816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-09-05 12850792]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"ASUSPRP"=C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2012-02-24 3331312]
"ASUSWebStorage"=C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe [2011-07-29 737104]
"SonicMasterTray"=C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe [2010-07-10 984400]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2011-12-23 318080]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2011-10-25 174720]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"Wireless Console 3"=C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2011-10-19 2319536]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-10-17 9083840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-11-03 390144]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-10-12 18:13:46 ----A---- C:\Windows\system32\drivers\usbport.sys
2016-10-12 18:13:46 ----A---- C:\Windows\system32\drivers\usbhub.sys
2016-10-12 18:13:46 ----A---- C:\Windows\system32\drivers\usbehci.sys
2016-10-12 18:13:45 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2016-10-12 18:13:45 ----A---- C:\Windows\system32\drivers\usbohci.sys
2016-10-12 18:13:45 ----A---- C:\Windows\system32\drivers\usbd.sys
2016-10-12 18:13:45 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2016-10-12 18:13:20 ----A---- C:\Windows\system32\mshtml.dll
2016-10-12 18:13:18 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-10-12 18:13:15 ----A---- C:\Windows\system32\ieframe.dll
2016-10-12 18:13:13 ----A---- C:\Windows\system32\wmp.dll
2016-10-12 18:13:11 ----A---- C:\Windows\SYSWOW64\wmp.dll
2016-10-12 18:13:10 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-10-12 18:13:09 ----A---- C:\Windows\system32\jscript9.dll
2016-10-12 18:13:08 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-10-12 18:13:07 ----A---- C:\Windows\SYSWOW64\mf.dll
2016-10-12 18:13:07 ----A---- C:\Windows\system32\mf.dll
2016-10-12 18:13:06 ----A---- C:\Windows\SYSWOW64\blackbox.dll
2016-10-12 18:13:06 ----A---- C:\Windows\system32\wininet.dll
2016-10-12 18:13:06 ----A---- C:\Windows\system32\drmv2clt.dll
2016-10-12 18:13:06 ----A---- C:\Windows\system32\blackbox.dll
2016-10-12 18:13:05 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-10-12 18:13:05 ----A---- C:\Windows\system32\WsmSvc.dll
2016-10-12 18:13:05 ----A---- C:\Windows\system32\iertutil.dll
2016-10-12 18:13:04 ----A---- C:\Windows\SYSWOW64\drmv2clt.dll
2016-10-12 18:13:04 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-10-12 18:13:03 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2016-10-12 18:13:03 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-10-12 18:13:03 ----A---- C:\Windows\system32\urlmon.dll
2016-10-12 18:13:02 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-10-12 18:13:02 ----A---- C:\Windows\system32\scavengeui.dll
2016-10-12 18:13:02 ----A---- C:\Windows\system32\quartz.dll
2016-10-12 18:13:01 ----A---- C:\Windows\SYSWOW64\wmdrmsdk.dll
2016-10-12 18:13:01 ----A---- C:\Windows\SYSWOW64\quartz.dll
2016-10-12 18:13:01 ----A---- C:\Windows\system32\wmdrmsdk.dll
2016-10-12 18:13:01 ----A---- C:\Windows\system32\MSVidCtl.dll
2016-10-12 18:13:01 ----A---- C:\Windows\system32\lsasrv.dll
2016-10-12 18:13:00 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-10-12 18:13:00 ----A---- C:\Windows\SYSWOW64\evr.dll
2016-10-12 18:13:00 ----A---- C:\Windows\system32\vbscript.dll
2016-10-12 18:13:00 ----A---- C:\Windows\system32\evr.dll
2016-10-12 18:13:00 ----A---- C:\Windows\system32\drmmgrtn.dll
2016-10-12 18:13:00 ----A---- C:\Windows\system32\audiosrv.dll
2016-10-12 18:13:00 ----A---- C:\Windows\system32\AUDIOKSE.dll
2016-10-12 18:12:59 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2016-10-12 18:12:59 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-10-12 18:12:59 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll
2016-10-12 18:12:59 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2016-10-12 18:12:59 ----A---- C:\Windows\system32\WsmWmiPl.dll
2016-10-12 18:12:59 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2016-10-12 18:12:59 ----A---- C:\Windows\system32\DWrite.dll
2016-10-12 18:12:59 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2016-10-12 18:12:58 ----A---- C:\Windows\SYSWOW64\WsmWmiPl.dll
2016-10-12 18:12:58 ----A---- C:\Windows\SYSWOW64\WSManMigrationPlugin.dll
2016-10-12 18:12:58 ----A---- C:\Windows\SYSWOW64\MSVidCtl.dll
2016-10-12 18:12:58 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2016-10-12 18:12:58 ----A---- C:\Windows\system32\qdvd.dll
2016-10-12 18:12:58 ----A---- C:\Windows\system32\cryptui.dll
2016-10-12 18:12:58 ----A---- C:\Windows\system32\AudioEng.dll
2016-10-12 18:12:57 ----A---- C:\Windows\SYSWOW64\WSManHTTPConfig.exe
2016-10-12 18:12:57 ----A---- C:\Windows\SYSWOW64\cryptui.dll
2016-10-12 18:12:57 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2016-10-12 18:12:57 ----A---- C:\Windows\system32\msfeeds.dll
2016-10-12 18:12:57 ----A---- C:\Windows\system32\mfplat.dll
2016-10-12 18:12:57 ----A---- C:\Windows\system32\FntCache.dll
2016-10-12 18:12:56 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2016-10-12 18:12:56 ----A---- C:\Windows\system32\win32k.sys
2016-10-12 18:12:56 ----A---- C:\Windows\system32\AudioSes.dll
2016-10-12 18:12:55 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-10-12 18:12:55 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2016-10-12 18:12:55 ----A---- C:\Windows\system32\WsmAuto.dll
2016-10-12 18:12:55 ----A---- C:\Windows\system32\pcasvc.dll
2016-10-12 18:12:55 ----A---- C:\Windows\system32\EncDump.dll
2016-10-12 18:12:54 ----A---- C:\Windows\SYSWOW64\WsmAuto.dll
2016-10-12 18:12:54 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2016-10-12 18:12:51 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2016-10-12 18:12:48 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2016-10-12 18:12:48 ----A---- C:\Windows\system32\wmploc.DLL
2016-10-12 18:12:47 ----A---- C:\Windows\system32\inetcomm.dll
2016-10-12 18:12:47 ----A---- C:\Windows\system32\audiodg.exe
2016-10-12 18:12:46 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-10-12 18:12:46 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2016-10-12 18:12:46 ----A---- C:\Windows\system32\mfps.dll
2016-10-12 18:12:46 ----A---- C:\Windows\system32\drivers\dfsc.sys
2016-10-12 18:12:46 ----A---- C:\Windows\system32\cryptsp.dll
2016-10-12 18:12:45 ----A---- C:\Windows\SYSWOW64\mfps.dll
2016-10-12 18:12:45 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-10-12 18:12:45 ----A---- C:\Windows\SYSWOW64\cryptsp.dll
2016-10-12 18:12:45 ----A---- C:\Windows\system32\iedkcs32.dll
2016-10-12 18:12:45 ----A---- C:\Windows\system32\adsmsext.dll
2016-10-12 18:12:44 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-10-12 18:12:44 ----A---- C:\Windows\system32\ntdll.dll
2016-10-12 18:12:44 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-10-12 18:12:44 ----A---- C:\Windows\system32\msscp.dll
2016-10-12 18:12:44 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-10-12 18:12:43 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2016-10-12 18:12:43 ----A---- C:\Windows\SYSWOW64\adsmsext.dll
2016-10-12 18:12:43 ----A---- C:\Windows\system32\WebClnt.dll
2016-10-12 18:12:43 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2016-10-12 18:12:43 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-10-12 18:12:42 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2016-10-12 18:12:42 ----A---- C:\Windows\SYSWOW64\msscp.dll
2016-10-12 18:12:42 ----A---- C:\Windows\SYSWOW64\msnetobj.dll
2016-10-12 18:12:42 ----A---- C:\Windows\system32\msnetobj.dll
2016-10-12 18:12:42 ----A---- C:\Windows\system32\ie4uinit.exe
2016-10-12 18:12:42 ----A---- C:\Windows\system32\davclnt.dll
2016-10-12 18:12:41 ----A---- C:\Windows\SYSWOW64\wsmprovhost.exe
2016-10-12 18:12:41 ----A---- C:\Windows\SYSWOW64\wsmplpxy.dll
2016-10-12 18:12:41 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2016-10-12 18:12:41 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2016-10-12 18:12:41 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2016-10-12 18:12:41 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-10-12 18:12:41 ----A---- C:\Windows\system32\wsmprovhost.exe
2016-10-12 18:12:41 ----A---- C:\Windows\system32\wsmplpxy.dll
2016-10-12 18:12:41 ----A---- C:\Windows\system32\rrinstaller.exe
2016-10-12 18:12:41 ----A---- C:\Windows\system32\pcawrk.exe
2016-10-12 18:12:41 ----A---- C:\Windows\system32\pcalua.exe
2016-10-12 18:12:41 ----A---- C:\Windows\system32\pcadm.dll
2016-10-12 18:12:41 ----A---- C:\Windows\system32\msmmsp.dll
2016-10-12 18:12:41 ----A---- C:\Windows\system32\mfpmp.exe
2016-10-12 18:12:41 ----A---- C:\Windows\system32\certcli.dll
2016-10-12 18:12:40 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2016-10-12 18:12:40 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-10-12 18:12:40 ----A---- C:\Windows\SYSWOW64\INETRES.dll
2016-10-12 18:12:40 ----A---- C:\Windows\system32\spwmp.dll
2016-10-12 18:12:40 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-10-12 18:12:40 ----A---- C:\Windows\system32\jscript.dll
2016-10-12 18:12:40 ----A---- C:\Windows\system32\INETRES.dll
2016-10-12 18:12:40 ----A---- C:\Windows\system32\dxmasf.dll
2016-10-12 18:12:39 ----A---- C:\Windows\system32\rpcrt4.dll
2016-10-12 18:12:39 ----A---- C:\Windows\system32\pcaevts.dll
2016-10-12 18:12:39 ----A---- C:\Windows\system32\ieui.dll
2016-10-12 18:12:39 ----A---- C:\Windows\system32\ieapfltr.dll
2016-10-12 18:12:38 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2016-10-12 18:12:37 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-10-12 18:12:37 ----A---- C:\Windows\system32\webcheck.dll
2016-10-12 18:12:37 ----A---- C:\Windows\system32\dxtrans.dll
2016-10-12 18:12:36 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-10-12 18:12:36 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-10-12 18:12:36 ----A---- C:\Windows\system32\occache.dll
2016-10-12 18:12:36 ----A---- C:\Windows\system32\msrating.dll
2016-10-12 18:12:36 ----A---- C:\Windows\system32\mshtmled.dll
2016-10-12 18:12:36 ----A---- C:\Windows\system32\kerberos.dll
2016-10-12 18:12:36 ----A---- C:\Windows\system32\jsproxy.dll
2016-10-12 18:12:36 ----A---- C:\Windows\system32\jscript9diag.dll
2016-10-12 18:12:36 ----A---- C:\Windows\system32\dxtmsft.dll
2016-10-12 18:12:36 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-10-12 18:12:35 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-10-12 18:12:35 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-10-12 18:12:35 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-10-12 18:12:35 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-10-12 18:12:35 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-10-12 18:12:35 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-10-12 18:12:35 ----A---- C:\Windows\system32\schannel.dll
2016-10-12 18:12:35 ----A---- C:\Windows\system32\inseng.dll
2016-10-12 18:12:35 ----A---- C:\Windows\system32\ieUnatt.exe
2016-10-12 18:12:34 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-10-12 18:12:34 ----A---- C:\Windows\SYSWOW64\occache.dll
2016-10-12 18:12:34 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-10-12 18:12:34 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-10-12 18:12:34 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2016-10-12 18:12:34 ----A---- C:\Windows\system32\smss.exe
2016-10-12 18:12:34 ----A---- C:\Windows\system32\ncrypt.dll
2016-10-12 18:12:34 ----A---- C:\Windows\system32\msv1_0.dll
2016-10-12 18:12:34 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-10-12 18:12:34 ----A---- C:\Windows\system32\kernel32.dll
2016-10-12 18:12:34 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-10-12 18:12:34 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-10-12 18:12:34 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-10-12 18:12:34 ----A---- C:\Windows\system32\crypt32.dll
2016-10-12 18:12:34 ----A---- C:\Windows\system32\advapi32.dll
2016-10-12 18:12:33 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-10-12 18:12:33 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-10-12 18:12:33 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-10-12 18:12:33 ----A---- C:\Windows\SYSWOW64\inseng.dll
2016-10-12 18:12:33 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2016-10-12 18:12:33 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2016-10-12 18:12:33 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-10-12 18:12:33 ----A---- C:\Windows\system32\wow64win.dll
2016-10-12 18:12:33 ----A---- C:\Windows\system32\wintrust.dll
2016-10-12 18:12:33 ----A---- C:\Windows\system32\wdigest.dll
2016-10-12 18:12:33 ----A---- C:\Windows\system32\TSpkg.dll
2016-10-12 18:12:33 ----A---- C:\Windows\system32\sspicli.dll
2016-10-12 18:12:33 ----A---- C:\Windows\system32\rpchttp.dll
2016-10-12 18:12:33 ----A---- C:\Windows\system32\iesetup.dll
2016-10-12 18:12:33 ----A---- C:\Windows\system32\iernonce.dll
2016-10-12 18:12:33 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-10-12 18:12:33 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-10-12 18:12:33 ----A---- C:\Windows\system32\cryptsvc.dll
2016-10-12 18:12:33 ----A---- C:\Windows\system32\cryptnet.dll
2016-10-12 18:12:32 ----A---- C:\Windows\SYSWOW64\WsmRes.dll
2016-10-12 18:12:32 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-10-12 18:12:32 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-10-12 18:12:32 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-10-12 18:12:32 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-10-12 18:12:32 ----A---- C:\Windows\SYSWOW64\mferror.dll
2016-10-12 18:12:32 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2016-10-12 18:12:32 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2016-10-12 18:12:32 ----A---- C:\Windows\system32\WsmRes.dll
2016-10-12 18:12:32 ----A---- C:\Windows\system32\winsrv.dll
2016-10-12 18:12:32 ----A---- C:\Windows\system32\sspisrv.dll
2016-10-12 18:12:32 ----A---- C:\Windows\system32\srcore.dll
2016-10-12 18:12:32 ----A---- C:\Windows\system32\mferror.dll
2016-10-12 18:12:32 ----A---- C:\Windows\system32\lsass.exe
2016-10-12 18:12:32 ----A---- C:\Windows\system32\KernelBase.dll
2016-10-12 18:12:32 ----A---- C:\Windows\system32\cryptbase.dll
2016-10-12 18:12:32 ----A---- C:\Windows\system32\conhost.exe
2016-10-12 18:12:31 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2016-10-12 18:12:31 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-10-12 18:12:31 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2016-10-12 18:12:31 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-10-12 18:12:31 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2016-10-12 18:12:31 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2016-10-12 18:12:31 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-10-12 18:12:31 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-10-12 18:12:31 ----A---- C:\Windows\system32\wow64cpu.dll
2016-10-12 18:12:31 ----A---- C:\Windows\system32\wow64.dll
2016-10-12 18:12:31 ----A---- C:\Windows\system32\srclient.dll
2016-10-12 18:12:31 ----A---- C:\Windows\system32\secur32.dll
2016-10-12 18:12:31 ----A---- C:\Windows\system32\drivers\appid.sys
2016-10-12 18:12:31 ----A---- C:\Windows\system32\csrsrv.dll
2016-10-12 18:12:31 ----A---- C:\Windows\system32\credssp.dll
2016-10-12 18:12:30 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-10-12 18:12:30 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-10-12 18:12:30 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-10-12 18:12:30 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2016-10-12 18:12:30 ----A---- C:\Windows\system32\setbcdlocale.dll
2016-10-12 18:12:30 ----A---- C:\Windows\system32\rstrui.exe
2016-10-12 18:12:30 ----A---- C:\Windows\system32\ntvdm64.dll
2016-10-12 18:12:30 ----A---- C:\Windows\system32\auditpol.exe
2016-10-12 18:12:30 ----A---- C:\Windows\system32\appidsvc.dll
2016-10-12 18:12:30 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2016-10-12 18:12:30 ----A---- C:\Windows\system32\appidapi.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-10-12 18:12:29 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-10-12 18:12:29 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-10-12 18:12:29 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2016-10-12 18:12:28 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-10-12 18:12:28 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-10-12 18:12:28 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-10-12 18:12:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-10-12 18:12:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-10-12 18:12:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-10-12 18:12:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-10-12 18:12:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-10-12 18:12:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-10-12 18:12:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-10-12 18:12:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-10-12 18:12:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-10-12 18:12:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-10-12 18:12:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-10-12 18:12:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-10-12 18:12:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-10-12 18:12:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-10-12 18:12:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-10-12 18:12:27 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-10-12 18:12:27 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-10-12 18:12:27 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-10-12 18:12:27 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-10-12 18:12:27 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-10-12 18:12:27 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-10-12 18:12:27 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-10-12 18:12:27 ----A---- C:\Windows\SYSWOW64\user.exe
2016-10-12 18:12:27 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-10-12 18:12:27 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-10-12 18:12:27 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-10-12 18:12:27 ----A---- C:\Windows\system32\apisetschema.dll
2016-10-12 18:12:26 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-10-12 18:12:26 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-10-12 18:12:26 ----A---- C:\Windows\system32\msaudite.dll
2016-10-12 18:12:26 ----A---- C:\Windows\system32\adtschema.dll
2016-10-12 18:12:25 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-10-12 18:12:25 ----A---- C:\Windows\system32\msobjs.dll
2016-10-12 18:12:25 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-10-12 18:10:58 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-10-12 18:10:58 ----A---- C:\Windows\system32\appraiser.dll
2016-10-12 18:10:58 ----A---- C:\Windows\system32\aeinv.dll
2016-10-12 18:10:58 ----A---- C:\Windows\system32\acmigration.dll
2016-10-12 18:10:57 ----A---- C:\Windows\system32\invagent.dll
2016-10-12 18:10:57 ----A---- C:\Windows\system32\generaltel.dll
2016-10-12 18:10:57 ----A---- C:\Windows\system32\devinv.dll
2016-10-12 18:10:57 ----A---- C:\Windows\system32\centel.dll
2016-10-12 18:10:57 ----A---- C:\Windows\system32\aepic.dll
2016-10-12 18:10:53 ----A---- C:\Windows\system32\shell32.dll
2016-10-12 18:10:51 ----A---- C:\Windows\SYSWOW64\shell32.dll
2016-10-12 18:10:51 ----A---- C:\Windows\explorer.exe
2016-10-12 18:10:50 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2016-10-12 18:10:50 ----A---- C:\Windows\SYSWOW64\explorer.exe
2016-10-12 18:10:50 ----A---- C:\Windows\SYSWOW64\authui.dll
2016-10-12 18:10:50 ----A---- C:\Windows\system32\ExplorerFrame.dll
2016-10-12 18:10:50 ----A---- C:\Windows\system32\authui.dll
2016-10-12 18:10:31 ----A---- C:\Windows\system32\poqexec.exe
2016-10-12 18:10:29 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2016-10-06 22:06:21 ----A---- C:\Windows\system32\aswBoot.exe
2016-09-27 19:50:56 ----A---- C:\Windows\avastSS.scr

======List of files/folders modified in the last 1 month======

2016-10-22 20:37:12 ----D---- C:\Windows\Prefetch
2016-10-22 20:37:10 ----D---- C:\Program Files\trend micro
2016-10-22 19:23:13 ----SHD---- C:\System Volume Information
2016-10-22 18:49:53 ----D---- C:\Windows\Temp
2016-10-22 18:49:21 ----D---- C:\Windows\system32\config
2016-10-22 18:48:18 ----D---- C:\Windows\rescache
2016-10-22 17:11:21 ----D---- C:\Windows\debug
2016-10-22 17:11:21 ----D---- C:\Windows
2016-10-22 17:04:18 ----D---- C:\Windows\Tasks
2016-10-22 17:04:18 ----D---- C:\Windows\system32\Tasks
2016-10-22 17:03:09 ----SHD---- C:\Windows\Installer
2016-10-22 16:58:00 ----D---- C:\Windows\SysWOW64
2016-10-22 16:57:56 ----D---- C:\Windows\System32
2016-10-22 16:52:05 ----D---- C:\Users\tesco\AppData\Roaming\Skype
2016-10-22 16:50:34 ----D---- C:\ProgramData\Skype
2016-10-22 16:49:57 ----HD---- C:\ASUS.DAT
2016-10-22 16:45:57 ----D---- C:\Windows\system32\drivers
2016-10-18 22:01:43 ----A---- C:\Windows\SYSWOW64\log.txt
2016-10-18 21:55:46 ----HD---- C:\ProgramData
2016-10-18 21:53:54 ----D---- C:\Windows\winsxs
2016-10-18 21:32:28 ----D---- C:\Windows\Microsoft.NET
2016-10-18 21:30:49 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-10-18 21:30:48 ----D---- C:\Windows\inf
2016-10-18 21:30:46 ----RSD---- C:\Windows\assembly
2016-10-18 21:23:56 ----SHD---- C:\Boot
2016-10-18 21:19:58 ----D---- C:\Windows\SYSWOW64\Dism
2016-10-18 21:19:58 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-10-18 21:19:58 ----D---- C:\Program Files\Windows Media Player
2016-10-18 21:19:58 ----D---- C:\Program Files\Internet Explorer
2016-10-18 21:19:58 ----D---- C:\Program Files (x86)\Windows Media Player
2016-10-18 21:19:58 ----D---- C:\Program Files (x86)\Internet Explorer
2016-10-18 21:19:57 ----D---- C:\Windows\SYSWOW64\en-US
2016-10-18 21:19:54 ----D---- C:\Windows\system32\Dism
2016-10-18 21:19:54 ----D---- C:\Windows\system32\cs-CZ
2016-10-18 21:19:53 ----D---- C:\Windows\system32\en-US
2016-10-18 21:19:48 ----D---- C:\Windows\AppPatch
2016-10-18 21:19:45 ----D---- C:\Windows\system32\Boot
2016-10-17 21:56:05 ----SD---- C:\Windows\system32\CompatTel
2016-10-17 21:56:05 ----D---- C:\Windows\system32\appraiser
2016-10-17 21:56:04 ----D---- C:\Windows\system32\drivers\cs-CZ
2016-10-17 21:56:03 ----D---- C:\Windows\cs-CZ
2016-10-17 21:56:01 ----D---- C:\Windows\system32\DriverStore
2016-10-17 21:16:01 ----RD---- C:\Program Files (x86)\Skype
2016-10-17 21:16:01 ----D---- C:\Program Files (x86)\Common Files
2016-10-17 21:12:36 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-10-17 21:11:51 ----D---- C:\Windows\system32\Macromed
2016-10-17 21:11:27 ----D---- C:\Windows\SYSWOW64\Macromed
2016-10-16 22:37:17 ----D---- C:\Windows\system32\MRT
2016-10-16 22:18:49 ----AC---- C:\Windows\system32\MRT.exe
2016-10-13 17:55:41 ----D---- C:\Windows\Logs
2016-10-12 18:02:18 ----D---- C:\Windows\system32\catroot2

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2016-09-27 74544]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2016-10-13 293352]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-04-26 557848]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2016-09-27 37144]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2016-09-27 103064]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-09-27 969184]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-09-27 513632]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-09-07 17536]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-04-22 283200]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2016-09-27 108816]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2016-09-27 163416]
R3 asmthub3;ASMedia USB3 Hub Service; C:\Windows\system32\DRIVERS\asmthub3.sys [2011-11-23 130024]
R3 asmtxhci;ASMEDIA XHCI Service; C:\Windows\system32\DRIVERS\asmtxhci.sys [2011-11-23 395752]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-10-04 2770944]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2011-11-30 30368]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-11-03 12310112]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-09-06 3074536]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2011-11-03 317440]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2010-08-24 76912]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-05-05 1439792]
S3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2009-06-10 1146880]
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2011-03-18 74840]
S3 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2016-09-27 37656]
S3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2011-11-30 36000]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2011-11-30 330912]
S3 btath_avdt;Atheros Bluetooth AVDT Service; C:\Windows\system32\drivers\btath_avdt.sys [2011-11-30 110752]
S3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2011-11-30 167584]
S3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2011-11-30 68256]
S3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2011-11-30 280992]
S3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2011-11-30 533152]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2012-02-24 80384]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2011-05-14 48488]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 38400]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168]
S3 WinUsb;WinUSB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-09-16 82128]
R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2011-03-04 379520]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2011-11-21 80512]
R2 ASUS InstantOn;ASUS InstantOn Service; C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [2012-02-17 277120]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2011-11-30 106144]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2011-11-21 96896]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-09-27 197128]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-12-21 325656]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-21 2656280]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-29 2292096]
R2 ZAtheros Bt&Wlan Coex Agent;ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-11-30 158880]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-09-20 324224]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-10-17 270016]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-05-14 1492840]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-09-30 114688]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-04-19 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]

-----------------EOF-----------------
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118275
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: zpomalený NB

#2 Příspěvek od Rudy »

Zdravím!
Log, který jste sem dal, je již po smazání nálezu ADW, nebo ne?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
neummi
Návštěvník
Návštěvník
Příspěvky: 91
Registrován: 25 lis 2007 12:55

Re: zpomalený NB

#3 Příspěvek od neummi »

pouštěl jsem pouze ccleaner....ADW ne :)
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118275
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: zpomalený NB

#4 Příspěvek od Rudy »

OK. Začneme tedy ADW:
Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
neummi
Návštěvník
Návštěvník
Příspěvky: 91
Registrován: 25 lis 2007 12:55

Re: zpomalený NB

#5 Příspěvek od neummi »

# AdwCleaner v6.030 - Log soubor vytvořen 22/10/2016 na 22:53:37
# Aktualizováno dne 19/10/2016 z Malwarebytes
# Databáze : 2016-10-22.1 [Server]
# Operační systém : Windows 7 Home Premium Service Pack 1 (X64)
# Uživatelské jméno : tesco - TESCO-PC
# Beží od : C:\Users\tesco\Desktop\adwcleaner_6.030.exe
# Mod: Čištění
# Podpora : hxxps://www.malwarebytes.com/support



***** [ Služby ] *****



***** [ Adresáře ] *****



***** [ Soubory ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupce ] *****



***** [ Plánovač úloh ] *****



***** [ Registry ] *****

[-] Klíč smazán:HKU\S-1-5-21-2803091816-1235324921-1474312911-1000\Software\Conduit
[-] Klíč smazán:HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2803091816-1235324921-1474312911-1000\Software\SweetIM
[#] Klíč smazán po restartování:HKCU\Software\Conduit
[-] Klíč smazán:HKLM\SOFTWARE\Conduit
[#] Klíč smazán po restartování:[x64] HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2803091816-1235324921-1474312911-1000\Software\SweetIM
[#] Klíč smazán po restartování:[x64] HKCU\Software\Conduit


***** [ Prohlížeče ] *****



*************************

:: "Tracing" klíč smazán
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [1401 Bajtů] - [22/10/2016 22:53:37]
C:\AdwCleaner\AdwCleaner[R0].txt - [3083 Bajtů] - [12/06/2015 23:05:13]
C:\AdwCleaner\AdwCleaner[S0].txt - [2612 Bajtů] - [12/06/2015 23:07:35]
C:\AdwCleaner\AdwCleaner[S1].txt - [2025 Bajtů] - [22/10/2016 22:53:09]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1697 Bajtů] ##########
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118275
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: zpomalený NB

#6 Příspěvek od Rudy »

Dejte nový log RSIT.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
neummi
Návštěvník
Návštěvník
Příspěvky: 91
Registrován: 25 lis 2007 12:55

Re: zpomalený NB

#7 Příspěvek od neummi »

Logfile of random's system information tool 1.10 (written by random/random)
Run by tesco at 2016-10-23 11:10:37
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 47 GB (38%) free of 122 GB
Total RAM: 1952 MB (43% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:10:43, on 23.10.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18500)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Windows\SysWOW64\ACEngSvr.exe
C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Opera\opera.exe
C:\Program Files\trend micro\tesco.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe /S
O4 - HKLM\..\Run: [SonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 10763 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Windows\system32\FBAgent.exe"
C:\Windows\system32\WLANExt.exe 2638608
\??\C:\Windows\system32\conhost.exe "-1045382259-1595624214-7309330672028685862061847272-483838298-720973067-655768155
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
C:\Windows\SysWOW64\ACEngSvr.exe -Embedding
C:\Windows\system32\svchost.exe -k imgsvc
"taskhost.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
taskeng.exe {03CBFF1C-7791-478A-B9F7-0EBB3139365C}
"C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe"
"C:\Program Files\ASUS\P4G\BatteryLife.exe"
taskeng.exe {B0A5C2F1-C73D-484F-8DCA-BE2DF4F57FC9}
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\AsScrPro.exe"
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
WLIDSvcM.exe 2120
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
ATKOSD.exe
KBFiltr.exe
WDC.exe
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe"
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SF3
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
taskeng.exe {C92FC5FD-4A11-43F7-9180-43DFACB8AF14}

"C:\Program Files (x86)\Opera\opera.exe"
"C:\Users\tesco\AppData\Local\Opera\Opera\temporary_downloads\RSITx64 (1).exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-09-27 948792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-11-30 51872]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-09-27 713440]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-11-03 167704]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-11-03 392472]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-05-05 2785064]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2011-03-21 361984]
"SynAsusAcpi"=C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [2011-05-05 97064]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2011-08-16 2277480]
"AtherosBtStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2011-11-30 983200]
"AthBtTray"=C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [2011-11-30 800416]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-03-14 3672640]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ACMON]
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2012-02-21 102568]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2015-09-24 40336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2012-04-19 3058304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2010-08-20 107816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-09-05 12850792]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"ASUSPRP"=C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2012-02-24 3331312]
"ASUSWebStorage"=C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe [2011-07-29 737104]
"SonicMasterTray"=C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe [2010-07-10 984400]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2011-12-23 318080]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2011-10-25 174720]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"Wireless Console 3"=C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2011-10-19 2319536]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-10-17 9083840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-11-03 390144]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-10-12 18:13:46 ----A---- C:\Windows\system32\drivers\usbport.sys
2016-10-12 18:13:46 ----A---- C:\Windows\system32\drivers\usbhub.sys
2016-10-12 18:13:46 ----A---- C:\Windows\system32\drivers\usbehci.sys
2016-10-12 18:13:45 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2016-10-12 18:13:45 ----A---- C:\Windows\system32\drivers\usbohci.sys
2016-10-12 18:13:45 ----A---- C:\Windows\system32\drivers\usbd.sys
2016-10-12 18:13:45 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2016-10-12 18:13:20 ----A---- C:\Windows\system32\mshtml.dll
2016-10-12 18:13:18 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-10-12 18:13:15 ----A---- C:\Windows\system32\ieframe.dll
2016-10-12 18:13:13 ----A---- C:\Windows\system32\wmp.dll
2016-10-12 18:13:11 ----A---- C:\Windows\SYSWOW64\wmp.dll
2016-10-12 18:13:10 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-10-12 18:13:09 ----A---- C:\Windows\system32\jscript9.dll
2016-10-12 18:13:08 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-10-12 18:13:07 ----A---- C:\Windows\SYSWOW64\mf.dll
2016-10-12 18:13:07 ----A---- C:\Windows\system32\mf.dll
2016-10-12 18:13:06 ----A---- C:\Windows\SYSWOW64\blackbox.dll
2016-10-12 18:13:06 ----A---- C:\Windows\system32\wininet.dll
2016-10-12 18:13:06 ----A---- C:\Windows\system32\drmv2clt.dll
2016-10-12 18:13:06 ----A---- C:\Windows\system32\blackbox.dll
2016-10-12 18:13:05 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-10-12 18:13:05 ----A---- C:\Windows\system32\WsmSvc.dll
2016-10-12 18:13:05 ----A---- C:\Windows\system32\iertutil.dll
2016-10-12 18:13:04 ----A---- C:\Windows\SYSWOW64\drmv2clt.dll
2016-10-12 18:13:04 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-10-12 18:13:03 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2016-10-12 18:13:03 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-10-12 18:13:03 ----A---- C:\Windows\system32\urlmon.dll
2016-10-12 18:13:02 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-10-12 18:13:02 ----A---- C:\Windows\system32\scavengeui.dll
2016-10-12 18:13:02 ----A---- C:\Windows\system32\quartz.dll
2016-10-12 18:13:01 ----A---- C:\Windows\SYSWOW64\wmdrmsdk.dll
2016-10-12 18:13:01 ----A---- C:\Windows\SYSWOW64\quartz.dll
2016-10-12 18:13:01 ----A---- C:\Windows\system32\wmdrmsdk.dll
2016-10-12 18:13:01 ----A---- C:\Windows\system32\MSVidCtl.dll
2016-10-12 18:13:01 ----A---- C:\Windows\system32\lsasrv.dll
2016-10-12 18:13:00 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-10-12 18:13:00 ----A---- C:\Windows\SYSWOW64\evr.dll
2016-10-12 18:13:00 ----A---- C:\Windows\system32\vbscript.dll
2016-10-12 18:13:00 ----A---- C:\Windows\system32\evr.dll
2016-10-12 18:13:00 ----A---- C:\Windows\system32\drmmgrtn.dll
2016-10-12 18:13:00 ----A---- C:\Windows\system32\audiosrv.dll
2016-10-12 18:13:00 ----A---- C:\Windows\system32\AUDIOKSE.dll
2016-10-12 18:12:59 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2016-10-12 18:12:59 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-10-12 18:12:59 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll
2016-10-12 18:12:59 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2016-10-12 18:12:59 ----A---- C:\Windows\system32\WsmWmiPl.dll
2016-10-12 18:12:59 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2016-10-12 18:12:59 ----A---- C:\Windows\system32\DWrite.dll
2016-10-12 18:12:59 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2016-10-12 18:12:58 ----A---- C:\Windows\SYSWOW64\WsmWmiPl.dll
2016-10-12 18:12:58 ----A---- C:\Windows\SYSWOW64\WSManMigrationPlugin.dll
2016-10-12 18:12:58 ----A---- C:\Windows\SYSWOW64\MSVidCtl.dll
2016-10-12 18:12:58 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2016-10-12 18:12:58 ----A---- C:\Windows\system32\qdvd.dll
2016-10-12 18:12:58 ----A---- C:\Windows\system32\cryptui.dll
2016-10-12 18:12:58 ----A---- C:\Windows\system32\AudioEng.dll
2016-10-12 18:12:57 ----A---- C:\Windows\SYSWOW64\WSManHTTPConfig.exe
2016-10-12 18:12:57 ----A---- C:\Windows\SYSWOW64\cryptui.dll
2016-10-12 18:12:57 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2016-10-12 18:12:57 ----A---- C:\Windows\system32\msfeeds.dll
2016-10-12 18:12:57 ----A---- C:\Windows\system32\mfplat.dll
2016-10-12 18:12:57 ----A---- C:\Windows\system32\FntCache.dll
2016-10-12 18:12:56 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2016-10-12 18:12:56 ----A---- C:\Windows\system32\win32k.sys
2016-10-12 18:12:56 ----A---- C:\Windows\system32\AudioSes.dll
2016-10-12 18:12:55 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-10-12 18:12:55 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2016-10-12 18:12:55 ----A---- C:\Windows\system32\WsmAuto.dll
2016-10-12 18:12:55 ----A---- C:\Windows\system32\pcasvc.dll
2016-10-12 18:12:55 ----A---- C:\Windows\system32\EncDump.dll
2016-10-12 18:12:54 ----A---- C:\Windows\SYSWOW64\WsmAuto.dll
2016-10-12 18:12:54 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2016-10-12 18:12:51 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2016-10-12 18:12:48 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2016-10-12 18:12:48 ----A---- C:\Windows\system32\wmploc.DLL
2016-10-12 18:12:47 ----A---- C:\Windows\system32\inetcomm.dll
2016-10-12 18:12:47 ----A---- C:\Windows\system32\audiodg.exe
2016-10-12 18:12:46 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-10-12 18:12:46 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2016-10-12 18:12:46 ----A---- C:\Windows\system32\mfps.dll
2016-10-12 18:12:46 ----A---- C:\Windows\system32\drivers\dfsc.sys
2016-10-12 18:12:46 ----A---- C:\Windows\system32\cryptsp.dll
2016-10-12 18:12:45 ----A---- C:\Windows\SYSWOW64\mfps.dll
2016-10-12 18:12:45 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-10-12 18:12:45 ----A---- C:\Windows\SYSWOW64\cryptsp.dll
2016-10-12 18:12:45 ----A---- C:\Windows\system32\iedkcs32.dll
2016-10-12 18:12:45 ----A---- C:\Windows\system32\adsmsext.dll
2016-10-12 18:12:44 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-10-12 18:12:44 ----A---- C:\Windows\system32\ntdll.dll
2016-10-12 18:12:44 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-10-12 18:12:44 ----A---- C:\Windows\system32\msscp.dll
2016-10-12 18:12:44 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-10-12 18:12:43 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2016-10-12 18:12:43 ----A---- C:\Windows\SYSWOW64\adsmsext.dll
2016-10-12 18:12:43 ----A---- C:\Windows\system32\WebClnt.dll
2016-10-12 18:12:43 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2016-10-12 18:12:43 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-10-12 18:12:42 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2016-10-12 18:12:42 ----A---- C:\Windows\SYSWOW64\msscp.dll
2016-10-12 18:12:42 ----A---- C:\Windows\SYSWOW64\msnetobj.dll
2016-10-12 18:12:42 ----A---- C:\Windows\system32\msnetobj.dll
2016-10-12 18:12:42 ----A---- C:\Windows\system32\ie4uinit.exe
2016-10-12 18:12:42 ----A---- C:\Windows\system32\davclnt.dll
2016-10-12 18:12:41 ----A---- C:\Windows\SYSWOW64\wsmprovhost.exe
2016-10-12 18:12:41 ----A---- C:\Windows\SYSWOW64\wsmplpxy.dll
2016-10-12 18:12:41 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2016-10-12 18:12:41 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2016-10-12 18:12:41 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2016-10-12 18:12:41 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-10-12 18:12:41 ----A---- C:\Windows\system32\wsmprovhost.exe
2016-10-12 18:12:41 ----A---- C:\Windows\system32\wsmplpxy.dll
2016-10-12 18:12:41 ----A---- C:\Windows\system32\rrinstaller.exe
2016-10-12 18:12:41 ----A---- C:\Windows\system32\pcawrk.exe
2016-10-12 18:12:41 ----A---- C:\Windows\system32\pcalua.exe
2016-10-12 18:12:41 ----A---- C:\Windows\system32\pcadm.dll
2016-10-12 18:12:41 ----A---- C:\Windows\system32\msmmsp.dll
2016-10-12 18:12:41 ----A---- C:\Windows\system32\mfpmp.exe
2016-10-12 18:12:41 ----A---- C:\Windows\system32\certcli.dll
2016-10-12 18:12:40 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2016-10-12 18:12:40 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-10-12 18:12:40 ----A---- C:\Windows\SYSWOW64\INETRES.dll
2016-10-12 18:12:40 ----A---- C:\Windows\system32\spwmp.dll
2016-10-12 18:12:40 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-10-12 18:12:40 ----A---- C:\Windows\system32\jscript.dll
2016-10-12 18:12:40 ----A---- C:\Windows\system32\INETRES.dll
2016-10-12 18:12:40 ----A---- C:\Windows\system32\dxmasf.dll
2016-10-12 18:12:39 ----A---- C:\Windows\system32\rpcrt4.dll
2016-10-12 18:12:39 ----A---- C:\Windows\system32\pcaevts.dll
2016-10-12 18:12:39 ----A---- C:\Windows\system32\ieui.dll
2016-10-12 18:12:39 ----A---- C:\Windows\system32\ieapfltr.dll
2016-10-12 18:12:38 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2016-10-12 18:12:37 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-10-12 18:12:37 ----A---- C:\Windows\system32\webcheck.dll
2016-10-12 18:12:37 ----A---- C:\Windows\system32\dxtrans.dll
2016-10-12 18:12:36 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-10-12 18:12:36 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-10-12 18:12:36 ----A---- C:\Windows\system32\occache.dll
2016-10-12 18:12:36 ----A---- C:\Windows\system32\msrating.dll
2016-10-12 18:12:36 ----A---- C:\Windows\system32\mshtmled.dll
2016-10-12 18:12:36 ----A---- C:\Windows\system32\kerberos.dll
2016-10-12 18:12:36 ----A---- C:\Windows\system32\jsproxy.dll
2016-10-12 18:12:36 ----A---- C:\Windows\system32\jscript9diag.dll
2016-10-12 18:12:36 ----A---- C:\Windows\system32\dxtmsft.dll
2016-10-12 18:12:36 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-10-12 18:12:35 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-10-12 18:12:35 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-10-12 18:12:35 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-10-12 18:12:35 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-10-12 18:12:35 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-10-12 18:12:35 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-10-12 18:12:35 ----A---- C:\Windows\system32\schannel.dll
2016-10-12 18:12:35 ----A---- C:\Windows\system32\inseng.dll
2016-10-12 18:12:35 ----A---- C:\Windows\system32\ieUnatt.exe
2016-10-12 18:12:34 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-10-12 18:12:34 ----A---- C:\Windows\SYSWOW64\occache.dll
2016-10-12 18:12:34 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-10-12 18:12:34 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-10-12 18:12:34 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2016-10-12 18:12:34 ----A---- C:\Windows\system32\smss.exe
2016-10-12 18:12:34 ----A---- C:\Windows\system32\ncrypt.dll
2016-10-12 18:12:34 ----A---- C:\Windows\system32\msv1_0.dll
2016-10-12 18:12:34 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-10-12 18:12:34 ----A---- C:\Windows\system32\kernel32.dll
2016-10-12 18:12:34 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-10-12 18:12:34 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-10-12 18:12:34 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-10-12 18:12:34 ----A---- C:\Windows\system32\crypt32.dll
2016-10-12 18:12:34 ----A---- C:\Windows\system32\advapi32.dll
2016-10-12 18:12:33 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-10-12 18:12:33 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-10-12 18:12:33 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-10-12 18:12:33 ----A---- C:\Windows\SYSWOW64\inseng.dll
2016-10-12 18:12:33 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2016-10-12 18:12:33 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2016-10-12 18:12:33 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-10-12 18:12:33 ----A---- C:\Windows\system32\wow64win.dll
2016-10-12 18:12:33 ----A---- C:\Windows\system32\wintrust.dll
2016-10-12 18:12:33 ----A---- C:\Windows\system32\wdigest.dll
2016-10-12 18:12:33 ----A---- C:\Windows\system32\TSpkg.dll
2016-10-12 18:12:33 ----A---- C:\Windows\system32\sspicli.dll
2016-10-12 18:12:33 ----A---- C:\Windows\system32\rpchttp.dll
2016-10-12 18:12:33 ----A---- C:\Windows\system32\iesetup.dll
2016-10-12 18:12:33 ----A---- C:\Windows\system32\iernonce.dll
2016-10-12 18:12:33 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-10-12 18:12:33 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-10-12 18:12:33 ----A---- C:\Windows\system32\cryptsvc.dll
2016-10-12 18:12:33 ----A---- C:\Windows\system32\cryptnet.dll
2016-10-12 18:12:32 ----A---- C:\Windows\SYSWOW64\WsmRes.dll
2016-10-12 18:12:32 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-10-12 18:12:32 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-10-12 18:12:32 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-10-12 18:12:32 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-10-12 18:12:32 ----A---- C:\Windows\SYSWOW64\mferror.dll
2016-10-12 18:12:32 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2016-10-12 18:12:32 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2016-10-12 18:12:32 ----A---- C:\Windows\system32\WsmRes.dll
2016-10-12 18:12:32 ----A---- C:\Windows\system32\winsrv.dll
2016-10-12 18:12:32 ----A---- C:\Windows\system32\sspisrv.dll
2016-10-12 18:12:32 ----A---- C:\Windows\system32\srcore.dll
2016-10-12 18:12:32 ----A---- C:\Windows\system32\mferror.dll
2016-10-12 18:12:32 ----A---- C:\Windows\system32\lsass.exe
2016-10-12 18:12:32 ----A---- C:\Windows\system32\KernelBase.dll
2016-10-12 18:12:32 ----A---- C:\Windows\system32\cryptbase.dll
2016-10-12 18:12:32 ----A---- C:\Windows\system32\conhost.exe
2016-10-12 18:12:31 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2016-10-12 18:12:31 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-10-12 18:12:31 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2016-10-12 18:12:31 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-10-12 18:12:31 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2016-10-12 18:12:31 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2016-10-12 18:12:31 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-10-12 18:12:31 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-10-12 18:12:31 ----A---- C:\Windows\system32\wow64cpu.dll
2016-10-12 18:12:31 ----A---- C:\Windows\system32\wow64.dll
2016-10-12 18:12:31 ----A---- C:\Windows\system32\srclient.dll
2016-10-12 18:12:31 ----A---- C:\Windows\system32\secur32.dll
2016-10-12 18:12:31 ----A---- C:\Windows\system32\drivers\appid.sys
2016-10-12 18:12:31 ----A---- C:\Windows\system32\csrsrv.dll
2016-10-12 18:12:31 ----A---- C:\Windows\system32\credssp.dll
2016-10-12 18:12:30 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-10-12 18:12:30 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-10-12 18:12:30 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-10-12 18:12:30 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2016-10-12 18:12:30 ----A---- C:\Windows\system32\setbcdlocale.dll
2016-10-12 18:12:30 ----A---- C:\Windows\system32\rstrui.exe
2016-10-12 18:12:30 ----A---- C:\Windows\system32\ntvdm64.dll
2016-10-12 18:12:30 ----A---- C:\Windows\system32\auditpol.exe
2016-10-12 18:12:30 ----A---- C:\Windows\system32\appidsvc.dll
2016-10-12 18:12:30 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2016-10-12 18:12:30 ----A---- C:\Windows\system32\appidapi.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-10-12 18:12:29 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-10-12 18:12:29 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-10-12 18:12:29 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2016-10-12 18:12:28 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-10-12 18:12:28 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-10-12 18:12:28 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-10-12 18:12:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-10-12 18:12:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-10-12 18:12:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-10-12 18:12:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-10-12 18:12:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-10-12 18:12:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-10-12 18:12:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-10-12 18:12:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-10-12 18:12:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-10-12 18:12:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-10-12 18:12:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-10-12 18:12:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-10-12 18:12:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-10-12 18:12:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-10-12 18:12:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-10-12 18:12:27 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-10-12 18:12:27 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-10-12 18:12:27 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-10-12 18:12:27 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-10-12 18:12:27 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-10-12 18:12:27 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-10-12 18:12:27 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-10-12 18:12:27 ----A---- C:\Windows\SYSWOW64\user.exe
2016-10-12 18:12:27 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-10-12 18:12:27 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-10-12 18:12:27 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-10-12 18:12:27 ----A---- C:\Windows\system32\apisetschema.dll
2016-10-12 18:12:26 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-10-12 18:12:26 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-10-12 18:12:26 ----A---- C:\Windows\system32\msaudite.dll
2016-10-12 18:12:26 ----A---- C:\Windows\system32\adtschema.dll
2016-10-12 18:12:25 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-10-12 18:12:25 ----A---- C:\Windows\system32\msobjs.dll
2016-10-12 18:12:25 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-10-12 18:10:58 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-10-12 18:10:58 ----A---- C:\Windows\system32\appraiser.dll
2016-10-12 18:10:58 ----A---- C:\Windows\system32\aeinv.dll
2016-10-12 18:10:58 ----A---- C:\Windows\system32\acmigration.dll
2016-10-12 18:10:57 ----A---- C:\Windows\system32\invagent.dll
2016-10-12 18:10:57 ----A---- C:\Windows\system32\generaltel.dll
2016-10-12 18:10:57 ----A---- C:\Windows\system32\devinv.dll
2016-10-12 18:10:57 ----A---- C:\Windows\system32\centel.dll
2016-10-12 18:10:57 ----A---- C:\Windows\system32\aepic.dll
2016-10-12 18:10:53 ----A---- C:\Windows\system32\shell32.dll
2016-10-12 18:10:51 ----A---- C:\Windows\SYSWOW64\shell32.dll
2016-10-12 18:10:51 ----A---- C:\Windows\explorer.exe
2016-10-12 18:10:50 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2016-10-12 18:10:50 ----A---- C:\Windows\SYSWOW64\explorer.exe
2016-10-12 18:10:50 ----A---- C:\Windows\SYSWOW64\authui.dll
2016-10-12 18:10:50 ----A---- C:\Windows\system32\ExplorerFrame.dll
2016-10-12 18:10:50 ----A---- C:\Windows\system32\authui.dll
2016-10-12 18:10:31 ----A---- C:\Windows\system32\poqexec.exe
2016-10-12 18:10:29 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2016-10-06 22:06:21 ----A---- C:\Windows\system32\aswBoot.exe
2016-09-27 19:50:56 ----A---- C:\Windows\avastSS.scr

======List of files/folders modified in the last 1 month======

2016-10-23 11:10:42 ----D---- C:\Program Files\trend micro
2016-10-23 10:53:24 ----D---- C:\Windows\Temp
2016-10-23 10:45:54 ----D---- C:\Windows\Prefetch
2016-10-23 10:16:39 ----D---- C:\Windows\system32\config
2016-10-23 10:14:03 ----SHD---- C:\Windows\Installer
2016-10-23 10:09:54 ----RD---- C:\Program Files (x86)
2016-10-23 10:09:50 ----D---- C:\Windows\Tasks
2016-10-23 10:03:52 ----D---- C:\Windows\system32\Tasks
2016-10-23 10:03:38 ----D---- C:\Program Files (x86)\Google
2016-10-22 22:57:51 ----A---- C:\Windows\SYSWOW64\log.txt
2016-10-22 22:55:17 ----D---- C:\Windows
2016-10-22 22:53:37 ----D---- C:\AdwCleaner
2016-10-22 19:23:13 ----SHD---- C:\System Volume Information
2016-10-22 18:48:18 ----D---- C:\Windows\rescache
2016-10-22 17:11:21 ----D---- C:\Windows\debug
2016-10-22 16:58:00 ----D---- C:\Windows\SysWOW64
2016-10-22 16:57:56 ----D---- C:\Windows\System32
2016-10-22 16:52:05 ----D---- C:\Users\tesco\AppData\Roaming\Skype
2016-10-22 16:50:34 ----D---- C:\ProgramData\Skype
2016-10-22 16:49:57 ----HD---- C:\ASUS.DAT
2016-10-22 16:45:57 ----D---- C:\Windows\system32\drivers
2016-10-18 21:55:46 ----HD---- C:\ProgramData
2016-10-18 21:53:54 ----D---- C:\Windows\winsxs
2016-10-18 21:32:28 ----D---- C:\Windows\Microsoft.NET
2016-10-18 21:30:49 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-10-18 21:30:48 ----D---- C:\Windows\inf
2016-10-18 21:30:46 ----RSD---- C:\Windows\assembly
2016-10-18 21:23:56 ----SHD---- C:\Boot
2016-10-18 21:19:58 ----D---- C:\Windows\SYSWOW64\Dism
2016-10-18 21:19:58 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-10-18 21:19:58 ----D---- C:\Program Files\Windows Media Player
2016-10-18 21:19:58 ----D---- C:\Program Files\Internet Explorer
2016-10-18 21:19:58 ----D---- C:\Program Files (x86)\Windows Media Player
2016-10-18 21:19:58 ----D---- C:\Program Files (x86)\Internet Explorer
2016-10-18 21:19:57 ----D---- C:\Windows\SYSWOW64\en-US
2016-10-18 21:19:54 ----D---- C:\Windows\system32\Dism
2016-10-18 21:19:54 ----D---- C:\Windows\system32\cs-CZ
2016-10-18 21:19:53 ----D---- C:\Windows\system32\en-US
2016-10-18 21:19:48 ----D---- C:\Windows\AppPatch
2016-10-18 21:19:45 ----D---- C:\Windows\system32\Boot
2016-10-17 21:56:05 ----SD---- C:\Windows\system32\CompatTel
2016-10-17 21:56:05 ----D---- C:\Windows\system32\appraiser
2016-10-17 21:56:04 ----D---- C:\Windows\system32\drivers\cs-CZ
2016-10-17 21:56:03 ----D---- C:\Windows\cs-CZ
2016-10-17 21:56:01 ----D---- C:\Windows\system32\DriverStore
2016-10-17 21:16:01 ----RD---- C:\Program Files (x86)\Skype
2016-10-17 21:16:01 ----D---- C:\Program Files (x86)\Common Files
2016-10-17 21:12:36 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-10-17 21:11:51 ----D---- C:\Windows\system32\Macromed
2016-10-17 21:11:27 ----D---- C:\Windows\SYSWOW64\Macromed
2016-10-16 22:37:17 ----D---- C:\Windows\system32\MRT
2016-10-16 22:18:49 ----AC---- C:\Windows\system32\MRT.exe
2016-10-13 17:55:41 ----D---- C:\Windows\Logs
2016-10-12 18:02:18 ----D---- C:\Windows\system32\catroot2

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2016-09-27 74544]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2016-10-13 293352]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-04-26 557848]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2016-09-27 37144]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2016-09-27 103064]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-09-27 969184]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-09-27 513632]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-09-07 17536]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-04-22 283200]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2016-09-27 108816]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2016-09-27 163416]
R3 asmthub3;ASMedia USB3 Hub Service; C:\Windows\system32\DRIVERS\asmthub3.sys [2011-11-23 130024]
R3 asmtxhci;ASMEDIA XHCI Service; C:\Windows\system32\DRIVERS\asmtxhci.sys [2011-11-23 395752]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-10-04 2770944]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2011-11-30 30368]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-11-03 12310112]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-09-06 3074536]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2011-11-03 317440]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2010-08-24 76912]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-05-05 1439792]
S3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2009-06-10 1146880]
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2011-03-18 74840]
S3 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2016-09-27 37656]
S3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2011-11-30 36000]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2011-11-30 330912]
S3 btath_avdt;Atheros Bluetooth AVDT Service; C:\Windows\system32\drivers\btath_avdt.sys [2011-11-30 110752]
S3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2011-11-30 167584]
S3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2011-11-30 68256]
S3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2011-11-30 280992]
S3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2011-11-30 533152]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2012-02-24 80384]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2011-05-14 48488]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 38400]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168]
S3 WinUsb;WinUSB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-09-16 82128]
R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2011-03-04 379520]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2011-11-21 80512]
R2 ASUS InstantOn;ASUS InstantOn Service; C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [2012-02-17 277120]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2011-11-30 106144]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2011-11-21 96896]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-09-27 197128]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-12-21 325656]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-21 2656280]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-29 2292096]
R2 ZAtheros Bt&Wlan Coex Agent;ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-11-30 158880]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-23 107848]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-09-20 324224]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-10-17 270016]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-05-14 1492840]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-23 107848]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-09-30 114688]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-04-19 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]

-----------------EOF-----------------
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118275
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: zpomalený NB

#8 Příspěvek od Rudy »

Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:
:files
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]/64

:commands
[Purity]
[Emptytemp]
[Emptyflash]
a klikněte na >MoveIt!<. Před skenem vypněte antivir a po něm restartujte PC. Dejte nový log RSIT.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
neummi
Návštěvník
Návštěvník
Příspěvky: 91
Registrován: 25 lis 2007 12:55

Re: zpomalený NB

#9 Příspěvek od neummi »

bohužel jsem nestihl vypnout avast před restartem:

Logfile of random's system information tool 1.10 (written by random/random)
Run by tesco at 2016-10-23 11:27:13
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 47 GB (38%) free of 122 GB
Total RAM: 1952 MB (16% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:27:23, on 23.10.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18500)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Windows\SysWOW64\ACEngSvr.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Opera\opera.exe
C:\Users\tesco\Desktop\OTM.exe
C:\Program Files\trend micro\tesco.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe /S
O4 - HKLM\..\Run: [SonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 10795 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k NetworkService
"C:\Windows\system32\FBAgent.exe"
C:\Windows\system32\WLANExt.exe 29288848
\??\C:\Windows\system32\conhost.exe "-907752754-340373007-1265679908783228147-1854384256-17042796275897625241367384192
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe"
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
C:\Windows\System32\svchost.exe -k utcsvc
taskeng.exe {E192872B-74E6-48AD-A667-57C91FECD847}
"taskhost.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\SysWOW64\ACEngSvr.exe -Embedding
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Windows\AsScrPro.exe"
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
taskeng.exe {C9922B03-8564-41B5-8F27-5726BE3B35A1}
"C:\Program Files\ASUS\P4G\BatteryLife.exe"
"C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe"
taskeng.exe {3329F29A-4980-4614-BEE5-E6A0A18C97D2}
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
WLIDSvcM.exe 2080
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
ATKOSD.exe
KBFiltr.exe
WDC.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SF3
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\system32\sppsvc.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Opera\opera.exe"
"C:\Users\tesco\Desktop\OTM.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520
"C:\Users\tesco\AppData\Local\Opera\Opera\temporary_downloads\RSITx64 (1).exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-09-27 948792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-11-30 51872]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-09-27 713440]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29 441216]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-11-03 167704]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-11-03 392472]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-05-05 2785064]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2011-03-21 361984]
"SynAsusAcpi"=C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [2011-05-05 97064]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2011-08-16 2277480]
"AtherosBtStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2011-11-30 983200]
"AthBtTray"=C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [2011-11-30 800416]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-03-14 3672640]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ACMON]
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2012-02-21 102568]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2015-09-24 40336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2012-04-19 3058304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2010-08-20 107816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-09-05 12850792]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"ASUSPRP"=C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2012-02-24 3331312]
"ASUSWebStorage"=C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe [2011-07-29 737104]
"SonicMasterTray"=C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe [2010-07-10 984400]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2011-12-23 318080]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2011-10-25 174720]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"Wireless Console 3"=C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2011-10-19 2319536]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-10-17 9083840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-11-03 390144]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-10-23 11:20:19 ----D---- C:\_OTM
2016-10-12 18:13:46 ----A---- C:\Windows\system32\drivers\usbport.sys
2016-10-12 18:13:46 ----A---- C:\Windows\system32\drivers\usbhub.sys
2016-10-12 18:13:46 ----A---- C:\Windows\system32\drivers\usbehci.sys
2016-10-12 18:13:45 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2016-10-12 18:13:45 ----A---- C:\Windows\system32\drivers\usbohci.sys
2016-10-12 18:13:45 ----A---- C:\Windows\system32\drivers\usbd.sys
2016-10-12 18:13:45 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2016-10-12 18:13:20 ----A---- C:\Windows\system32\mshtml.dll
2016-10-12 18:13:18 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-10-12 18:13:15 ----A---- C:\Windows\system32\ieframe.dll
2016-10-12 18:13:13 ----A---- C:\Windows\system32\wmp.dll
2016-10-12 18:13:11 ----A---- C:\Windows\SYSWOW64\wmp.dll
2016-10-12 18:13:10 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-10-12 18:13:09 ----A---- C:\Windows\system32\jscript9.dll
2016-10-12 18:13:08 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-10-12 18:13:07 ----A---- C:\Windows\SYSWOW64\mf.dll
2016-10-12 18:13:07 ----A---- C:\Windows\system32\mf.dll
2016-10-12 18:13:06 ----A---- C:\Windows\SYSWOW64\blackbox.dll
2016-10-12 18:13:06 ----A---- C:\Windows\system32\wininet.dll
2016-10-12 18:13:06 ----A---- C:\Windows\system32\drmv2clt.dll
2016-10-12 18:13:06 ----A---- C:\Windows\system32\blackbox.dll
2016-10-12 18:13:05 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-10-12 18:13:05 ----A---- C:\Windows\system32\WsmSvc.dll
2016-10-12 18:13:05 ----A---- C:\Windows\system32\iertutil.dll
2016-10-12 18:13:04 ----A---- C:\Windows\SYSWOW64\drmv2clt.dll
2016-10-12 18:13:04 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-10-12 18:13:03 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2016-10-12 18:13:03 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-10-12 18:13:03 ----A---- C:\Windows\system32\urlmon.dll
2016-10-12 18:13:02 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-10-12 18:13:02 ----A---- C:\Windows\system32\scavengeui.dll
2016-10-12 18:13:02 ----A---- C:\Windows\system32\quartz.dll
2016-10-12 18:13:01 ----A---- C:\Windows\SYSWOW64\wmdrmsdk.dll
2016-10-12 18:13:01 ----A---- C:\Windows\SYSWOW64\quartz.dll
2016-10-12 18:13:01 ----A---- C:\Windows\system32\wmdrmsdk.dll
2016-10-12 18:13:01 ----A---- C:\Windows\system32\MSVidCtl.dll
2016-10-12 18:13:01 ----A---- C:\Windows\system32\lsasrv.dll
2016-10-12 18:13:00 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-10-12 18:13:00 ----A---- C:\Windows\SYSWOW64\evr.dll
2016-10-12 18:13:00 ----A---- C:\Windows\system32\vbscript.dll
2016-10-12 18:13:00 ----A---- C:\Windows\system32\evr.dll
2016-10-12 18:13:00 ----A---- C:\Windows\system32\drmmgrtn.dll
2016-10-12 18:13:00 ----A---- C:\Windows\system32\audiosrv.dll
2016-10-12 18:13:00 ----A---- C:\Windows\system32\AUDIOKSE.dll
2016-10-12 18:12:59 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2016-10-12 18:12:59 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-10-12 18:12:59 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll
2016-10-12 18:12:59 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2016-10-12 18:12:59 ----A---- C:\Windows\system32\WsmWmiPl.dll
2016-10-12 18:12:59 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2016-10-12 18:12:59 ----A---- C:\Windows\system32\DWrite.dll
2016-10-12 18:12:59 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2016-10-12 18:12:58 ----A---- C:\Windows\SYSWOW64\WsmWmiPl.dll
2016-10-12 18:12:58 ----A---- C:\Windows\SYSWOW64\WSManMigrationPlugin.dll
2016-10-12 18:12:58 ----A---- C:\Windows\SYSWOW64\MSVidCtl.dll
2016-10-12 18:12:58 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2016-10-12 18:12:58 ----A---- C:\Windows\system32\qdvd.dll
2016-10-12 18:12:58 ----A---- C:\Windows\system32\cryptui.dll
2016-10-12 18:12:58 ----A---- C:\Windows\system32\AudioEng.dll
2016-10-12 18:12:57 ----A---- C:\Windows\SYSWOW64\WSManHTTPConfig.exe
2016-10-12 18:12:57 ----A---- C:\Windows\SYSWOW64\cryptui.dll
2016-10-12 18:12:57 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2016-10-12 18:12:57 ----A---- C:\Windows\system32\msfeeds.dll
2016-10-12 18:12:57 ----A---- C:\Windows\system32\mfplat.dll
2016-10-12 18:12:57 ----A---- C:\Windows\system32\FntCache.dll
2016-10-12 18:12:56 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2016-10-12 18:12:56 ----A---- C:\Windows\system32\win32k.sys
2016-10-12 18:12:56 ----A---- C:\Windows\system32\AudioSes.dll
2016-10-12 18:12:55 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-10-12 18:12:55 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2016-10-12 18:12:55 ----A---- C:\Windows\system32\WsmAuto.dll
2016-10-12 18:12:55 ----A---- C:\Windows\system32\pcasvc.dll
2016-10-12 18:12:55 ----A---- C:\Windows\system32\EncDump.dll
2016-10-12 18:12:54 ----A---- C:\Windows\SYSWOW64\WsmAuto.dll
2016-10-12 18:12:54 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2016-10-12 18:12:51 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2016-10-12 18:12:48 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2016-10-12 18:12:48 ----A---- C:\Windows\system32\wmploc.DLL
2016-10-12 18:12:47 ----A---- C:\Windows\system32\inetcomm.dll
2016-10-12 18:12:47 ----A---- C:\Windows\system32\audiodg.exe
2016-10-12 18:12:46 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-10-12 18:12:46 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2016-10-12 18:12:46 ----A---- C:\Windows\system32\mfps.dll
2016-10-12 18:12:46 ----A---- C:\Windows\system32\drivers\dfsc.sys
2016-10-12 18:12:46 ----A---- C:\Windows\system32\cryptsp.dll
2016-10-12 18:12:45 ----A---- C:\Windows\SYSWOW64\mfps.dll
2016-10-12 18:12:45 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-10-12 18:12:45 ----A---- C:\Windows\SYSWOW64\cryptsp.dll
2016-10-12 18:12:45 ----A---- C:\Windows\system32\iedkcs32.dll
2016-10-12 18:12:45 ----A---- C:\Windows\system32\adsmsext.dll
2016-10-12 18:12:44 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-10-12 18:12:44 ----A---- C:\Windows\system32\ntdll.dll
2016-10-12 18:12:44 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-10-12 18:12:44 ----A---- C:\Windows\system32\msscp.dll
2016-10-12 18:12:44 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-10-12 18:12:43 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2016-10-12 18:12:43 ----A---- C:\Windows\SYSWOW64\adsmsext.dll
2016-10-12 18:12:43 ----A---- C:\Windows\system32\WebClnt.dll
2016-10-12 18:12:43 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2016-10-12 18:12:43 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-10-12 18:12:42 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2016-10-12 18:12:42 ----A---- C:\Windows\SYSWOW64\msscp.dll
2016-10-12 18:12:42 ----A---- C:\Windows\SYSWOW64\msnetobj.dll
2016-10-12 18:12:42 ----A---- C:\Windows\system32\msnetobj.dll
2016-10-12 18:12:42 ----A---- C:\Windows\system32\ie4uinit.exe
2016-10-12 18:12:42 ----A---- C:\Windows\system32\davclnt.dll
2016-10-12 18:12:41 ----A---- C:\Windows\SYSWOW64\wsmprovhost.exe
2016-10-12 18:12:41 ----A---- C:\Windows\SYSWOW64\wsmplpxy.dll
2016-10-12 18:12:41 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2016-10-12 18:12:41 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2016-10-12 18:12:41 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2016-10-12 18:12:41 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-10-12 18:12:41 ----A---- C:\Windows\system32\wsmprovhost.exe
2016-10-12 18:12:41 ----A---- C:\Windows\system32\wsmplpxy.dll
2016-10-12 18:12:41 ----A---- C:\Windows\system32\rrinstaller.exe
2016-10-12 18:12:41 ----A---- C:\Windows\system32\pcawrk.exe
2016-10-12 18:12:41 ----A---- C:\Windows\system32\pcalua.exe
2016-10-12 18:12:41 ----A---- C:\Windows\system32\pcadm.dll
2016-10-12 18:12:41 ----A---- C:\Windows\system32\msmmsp.dll
2016-10-12 18:12:41 ----A---- C:\Windows\system32\mfpmp.exe
2016-10-12 18:12:41 ----A---- C:\Windows\system32\certcli.dll
2016-10-12 18:12:40 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2016-10-12 18:12:40 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-10-12 18:12:40 ----A---- C:\Windows\SYSWOW64\INETRES.dll
2016-10-12 18:12:40 ----A---- C:\Windows\system32\spwmp.dll
2016-10-12 18:12:40 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-10-12 18:12:40 ----A---- C:\Windows\system32\jscript.dll
2016-10-12 18:12:40 ----A---- C:\Windows\system32\INETRES.dll
2016-10-12 18:12:40 ----A---- C:\Windows\system32\dxmasf.dll
2016-10-12 18:12:39 ----A---- C:\Windows\system32\rpcrt4.dll
2016-10-12 18:12:39 ----A---- C:\Windows\system32\pcaevts.dll
2016-10-12 18:12:39 ----A---- C:\Windows\system32\ieui.dll
2016-10-12 18:12:39 ----A---- C:\Windows\system32\ieapfltr.dll
2016-10-12 18:12:38 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2016-10-12 18:12:37 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-10-12 18:12:37 ----A---- C:\Windows\system32\webcheck.dll
2016-10-12 18:12:37 ----A---- C:\Windows\system32\dxtrans.dll
2016-10-12 18:12:36 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-10-12 18:12:36 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-10-12 18:12:36 ----A---- C:\Windows\system32\occache.dll
2016-10-12 18:12:36 ----A---- C:\Windows\system32\msrating.dll
2016-10-12 18:12:36 ----A---- C:\Windows\system32\mshtmled.dll
2016-10-12 18:12:36 ----A---- C:\Windows\system32\kerberos.dll
2016-10-12 18:12:36 ----A---- C:\Windows\system32\jsproxy.dll
2016-10-12 18:12:36 ----A---- C:\Windows\system32\jscript9diag.dll
2016-10-12 18:12:36 ----A---- C:\Windows\system32\dxtmsft.dll
2016-10-12 18:12:36 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-10-12 18:12:35 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-10-12 18:12:35 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-10-12 18:12:35 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-10-12 18:12:35 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-10-12 18:12:35 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-10-12 18:12:35 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-10-12 18:12:35 ----A---- C:\Windows\system32\schannel.dll
2016-10-12 18:12:35 ----A---- C:\Windows\system32\inseng.dll
2016-10-12 18:12:35 ----A---- C:\Windows\system32\ieUnatt.exe
2016-10-12 18:12:34 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-10-12 18:12:34 ----A---- C:\Windows\SYSWOW64\occache.dll
2016-10-12 18:12:34 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-10-12 18:12:34 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-10-12 18:12:34 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2016-10-12 18:12:34 ----A---- C:\Windows\system32\smss.exe
2016-10-12 18:12:34 ----A---- C:\Windows\system32\ncrypt.dll
2016-10-12 18:12:34 ----A---- C:\Windows\system32\msv1_0.dll
2016-10-12 18:12:34 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-10-12 18:12:34 ----A---- C:\Windows\system32\kernel32.dll
2016-10-12 18:12:34 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-10-12 18:12:34 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-10-12 18:12:34 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-10-12 18:12:34 ----A---- C:\Windows\system32\crypt32.dll
2016-10-12 18:12:34 ----A---- C:\Windows\system32\advapi32.dll
2016-10-12 18:12:33 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-10-12 18:12:33 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-10-12 18:12:33 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-10-12 18:12:33 ----A---- C:\Windows\SYSWOW64\inseng.dll
2016-10-12 18:12:33 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2016-10-12 18:12:33 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2016-10-12 18:12:33 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-10-12 18:12:33 ----A---- C:\Windows\system32\wow64win.dll
2016-10-12 18:12:33 ----A---- C:\Windows\system32\wintrust.dll
2016-10-12 18:12:33 ----A---- C:\Windows\system32\wdigest.dll
2016-10-12 18:12:33 ----A---- C:\Windows\system32\TSpkg.dll
2016-10-12 18:12:33 ----A---- C:\Windows\system32\sspicli.dll
2016-10-12 18:12:33 ----A---- C:\Windows\system32\rpchttp.dll
2016-10-12 18:12:33 ----A---- C:\Windows\system32\iesetup.dll
2016-10-12 18:12:33 ----A---- C:\Windows\system32\iernonce.dll
2016-10-12 18:12:33 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-10-12 18:12:33 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-10-12 18:12:33 ----A---- C:\Windows\system32\cryptsvc.dll
2016-10-12 18:12:33 ----A---- C:\Windows\system32\cryptnet.dll
2016-10-12 18:12:32 ----A---- C:\Windows\SYSWOW64\WsmRes.dll
2016-10-12 18:12:32 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-10-12 18:12:32 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-10-12 18:12:32 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-10-12 18:12:32 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-10-12 18:12:32 ----A---- C:\Windows\SYSWOW64\mferror.dll
2016-10-12 18:12:32 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2016-10-12 18:12:32 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2016-10-12 18:12:32 ----A---- C:\Windows\system32\WsmRes.dll
2016-10-12 18:12:32 ----A---- C:\Windows\system32\winsrv.dll
2016-10-12 18:12:32 ----A---- C:\Windows\system32\sspisrv.dll
2016-10-12 18:12:32 ----A---- C:\Windows\system32\srcore.dll
2016-10-12 18:12:32 ----A---- C:\Windows\system32\mferror.dll
2016-10-12 18:12:32 ----A---- C:\Windows\system32\lsass.exe
2016-10-12 18:12:32 ----A---- C:\Windows\system32\KernelBase.dll
2016-10-12 18:12:32 ----A---- C:\Windows\system32\cryptbase.dll
2016-10-12 18:12:32 ----A---- C:\Windows\system32\conhost.exe
2016-10-12 18:12:31 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2016-10-12 18:12:31 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-10-12 18:12:31 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2016-10-12 18:12:31 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-10-12 18:12:31 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2016-10-12 18:12:31 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2016-10-12 18:12:31 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-10-12 18:12:31 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-10-12 18:12:31 ----A---- C:\Windows\system32\wow64cpu.dll
2016-10-12 18:12:31 ----A---- C:\Windows\system32\wow64.dll
2016-10-12 18:12:31 ----A---- C:\Windows\system32\srclient.dll
2016-10-12 18:12:31 ----A---- C:\Windows\system32\secur32.dll
2016-10-12 18:12:31 ----A---- C:\Windows\system32\drivers\appid.sys
2016-10-12 18:12:31 ----A---- C:\Windows\system32\csrsrv.dll
2016-10-12 18:12:31 ----A---- C:\Windows\system32\credssp.dll
2016-10-12 18:12:30 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-10-12 18:12:30 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-10-12 18:12:30 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-10-12 18:12:30 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2016-10-12 18:12:30 ----A---- C:\Windows\system32\setbcdlocale.dll
2016-10-12 18:12:30 ----A---- C:\Windows\system32\rstrui.exe
2016-10-12 18:12:30 ----A---- C:\Windows\system32\ntvdm64.dll
2016-10-12 18:12:30 ----A---- C:\Windows\system32\auditpol.exe
2016-10-12 18:12:30 ----A---- C:\Windows\system32\appidsvc.dll
2016-10-12 18:12:30 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2016-10-12 18:12:30 ----A---- C:\Windows\system32\appidapi.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-10-12 18:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-10-12 18:12:29 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-10-12 18:12:29 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-10-12 18:12:29 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2016-10-12 18:12:28 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-10-12 18:12:28 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-10-12 18:12:28 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-10-12 18:12:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-10-12 18:12:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-10-12 18:12:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-10-12 18:12:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-10-12 18:12:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-10-12 18:12:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-10-12 18:12:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-10-12 18:12:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-10-12 18:12:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-10-12 18:12:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-10-12 18:12:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-10-12 18:12:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-10-12 18:12:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-10-12 18:12:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-10-12 18:12:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-10-12 18:12:27 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-10-12 18:12:27 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-10-12 18:12:27 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-10-12 18:12:27 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-10-12 18:12:27 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-10-12 18:12:27 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-10-12 18:12:27 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-10-12 18:12:27 ----A---- C:\Windows\SYSWOW64\user.exe
2016-10-12 18:12:27 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-10-12 18:12:27 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-10-12 18:12:27 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-10-12 18:12:27 ----A---- C:\Windows\system32\apisetschema.dll
2016-10-12 18:12:26 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-10-12 18:12:26 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-10-12 18:12:26 ----A---- C:\Windows\system32\msaudite.dll
2016-10-12 18:12:26 ----A---- C:\Windows\system32\adtschema.dll
2016-10-12 18:12:25 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-10-12 18:12:25 ----A---- C:\Windows\system32\msobjs.dll
2016-10-12 18:12:25 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-10-12 18:10:58 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-10-12 18:10:58 ----A---- C:\Windows\system32\appraiser.dll
2016-10-12 18:10:58 ----A---- C:\Windows\system32\aeinv.dll
2016-10-12 18:10:58 ----A---- C:\Windows\system32\acmigration.dll
2016-10-12 18:10:57 ----A---- C:\Windows\system32\invagent.dll
2016-10-12 18:10:57 ----A---- C:\Windows\system32\generaltel.dll
2016-10-12 18:10:57 ----A---- C:\Windows\system32\devinv.dll
2016-10-12 18:10:57 ----A---- C:\Windows\system32\centel.dll
2016-10-12 18:10:57 ----A---- C:\Windows\system32\aepic.dll
2016-10-12 18:10:53 ----A---- C:\Windows\system32\shell32.dll
2016-10-12 18:10:51 ----A---- C:\Windows\SYSWOW64\shell32.dll
2016-10-12 18:10:51 ----A---- C:\Windows\explorer.exe
2016-10-12 18:10:50 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2016-10-12 18:10:50 ----A---- C:\Windows\SYSWOW64\explorer.exe
2016-10-12 18:10:50 ----A---- C:\Windows\SYSWOW64\authui.dll
2016-10-12 18:10:50 ----A---- C:\Windows\system32\ExplorerFrame.dll
2016-10-12 18:10:50 ----A---- C:\Windows\system32\authui.dll
2016-10-12 18:10:31 ----A---- C:\Windows\system32\poqexec.exe
2016-10-12 18:10:29 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2016-10-06 22:06:21 ----A---- C:\Windows\system32\aswBoot.exe
2016-09-27 19:50:56 ----A---- C:\Windows\avastSS.scr

======List of files/folders modified in the last 1 month======

2016-10-23 11:27:22 ----D---- C:\Program Files\trend micro
2016-10-23 11:25:29 ----D---- C:\Windows\Temp
2016-10-23 11:25:11 ----A---- C:\Windows\SYSWOW64\log.txt
2016-10-23 11:24:32 ----D---- C:\Windows\Prefetch
2016-10-23 11:23:24 ----D---- C:\Windows\system32\config
2016-10-23 11:20:21 ----D---- C:\Windows\Tasks
2016-10-23 10:14:03 ----SHD---- C:\Windows\Installer
2016-10-23 10:09:54 ----RD---- C:\Program Files (x86)
2016-10-23 10:03:52 ----D---- C:\Windows\system32\Tasks
2016-10-23 10:03:38 ----D---- C:\Program Files (x86)\Google
2016-10-22 22:55:17 ----D---- C:\Windows
2016-10-22 22:53:37 ----D---- C:\AdwCleaner
2016-10-22 19:23:13 ----SHD---- C:\System Volume Information
2016-10-22 18:48:18 ----D---- C:\Windows\rescache
2016-10-22 17:11:21 ----D---- C:\Windows\debug
2016-10-22 16:58:00 ----D---- C:\Windows\SysWOW64
2016-10-22 16:57:56 ----D---- C:\Windows\System32
2016-10-22 16:52:05 ----D---- C:\Users\tesco\AppData\Roaming\Skype
2016-10-22 16:50:34 ----D---- C:\ProgramData\Skype
2016-10-22 16:49:57 ----HD---- C:\ASUS.DAT
2016-10-22 16:45:57 ----D---- C:\Windows\system32\drivers
2016-10-18 21:55:46 ----HD---- C:\ProgramData
2016-10-18 21:53:54 ----D---- C:\Windows\winsxs
2016-10-18 21:32:28 ----D---- C:\Windows\Microsoft.NET
2016-10-18 21:30:49 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-10-18 21:30:48 ----D---- C:\Windows\inf
2016-10-18 21:30:46 ----RSD---- C:\Windows\assembly
2016-10-18 21:23:56 ----SHD---- C:\Boot
2016-10-18 21:19:58 ----D---- C:\Windows\SYSWOW64\Dism
2016-10-18 21:19:58 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-10-18 21:19:58 ----D---- C:\Program Files\Windows Media Player
2016-10-18 21:19:58 ----D---- C:\Program Files\Internet Explorer
2016-10-18 21:19:58 ----D---- C:\Program Files (x86)\Windows Media Player
2016-10-18 21:19:58 ----D---- C:\Program Files (x86)\Internet Explorer
2016-10-18 21:19:57 ----D---- C:\Windows\SYSWOW64\en-US
2016-10-18 21:19:54 ----D---- C:\Windows\system32\Dism
2016-10-18 21:19:54 ----D---- C:\Windows\system32\cs-CZ
2016-10-18 21:19:53 ----D---- C:\Windows\system32\en-US
2016-10-18 21:19:48 ----D---- C:\Windows\AppPatch
2016-10-18 21:19:45 ----D---- C:\Windows\system32\Boot
2016-10-17 21:56:05 ----SD---- C:\Windows\system32\CompatTel
2016-10-17 21:56:05 ----D---- C:\Windows\system32\appraiser
2016-10-17 21:56:04 ----D---- C:\Windows\system32\drivers\cs-CZ
2016-10-17 21:56:03 ----D---- C:\Windows\cs-CZ
2016-10-17 21:56:01 ----D---- C:\Windows\system32\DriverStore
2016-10-17 21:16:01 ----RD---- C:\Program Files (x86)\Skype
2016-10-17 21:16:01 ----D---- C:\Program Files (x86)\Common Files
2016-10-17 21:12:36 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-10-17 21:11:51 ----D---- C:\Windows\system32\Macromed
2016-10-17 21:11:27 ----D---- C:\Windows\SYSWOW64\Macromed
2016-10-16 22:37:17 ----D---- C:\Windows\system32\MRT
2016-10-16 22:18:49 ----AC---- C:\Windows\system32\MRT.exe
2016-10-13 17:55:41 ----D---- C:\Windows\Logs
2016-10-12 18:02:18 ----D---- C:\Windows\system32\catroot2

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2016-09-27 74544]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2016-10-13 293352]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-04-26 557848]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2016-09-27 37144]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2016-09-27 103064]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-09-27 969184]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-09-27 513632]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-09-07 17536]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-04-22 283200]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2016-09-27 108816]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2016-09-27 163416]
R3 asmthub3;ASMedia USB3 Hub Service; C:\Windows\system32\DRIVERS\asmthub3.sys [2011-11-23 130024]
R3 asmtxhci;ASMEDIA XHCI Service; C:\Windows\system32\DRIVERS\asmtxhci.sys [2011-11-23 395752]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-10-04 2770944]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2011-11-30 30368]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-11-03 12310112]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-09-06 3074536]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2011-11-03 317440]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2010-08-24 76912]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-05-05 1439792]
S3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2009-06-10 1146880]
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2011-03-18 74840]
S3 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2016-09-27 37656]
S3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2011-11-30 36000]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2011-11-30 330912]
S3 btath_avdt;Atheros Bluetooth AVDT Service; C:\Windows\system32\drivers\btath_avdt.sys [2011-11-30 110752]
S3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2011-11-30 167584]
S3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2011-11-30 68256]
S3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2011-11-30 280992]
S3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2011-11-30 533152]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2012-02-24 80384]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2011-05-14 48488]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 38400]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168]
S3 WinUsb;WinUSB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-09-16 82128]
R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2011-03-04 379520]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2011-11-21 80512]
R2 ASUS InstantOn;ASUS InstantOn Service; C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [2012-02-17 277120]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2011-11-30 106144]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2011-11-21 96896]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-09-27 197128]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-12-21 325656]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-21 2656280]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-29 2292096]
R2 ZAtheros Bt&Wlan Coex Agent;ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-11-30 158880]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-23 107848]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-09-20 324224]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-10-17 270016]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-05-14 1492840]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-23 107848]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-09-30 114688]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-04-19 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]

-----------------EOF-----------------
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118275
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: zpomalený NB

#10 Příspěvek od Rudy »

Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
neummi
Návštěvník
Návštěvník
Příspěvky: 91
Registrován: 25 lis 2007 12:55

Re: zpomalený NB

#11 Příspěvek od neummi »

Ano je to rychlejší :) , ale ještě pořád to není ono. Dá se ještě něco udělat pro svižnější chod? Defragmentace disku byla puštěna cca před 2 týdny. Moc SW v tomto NB není, protože slouží víceméně jen k internetu a max nějaký word, excel a podobně. :)
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118275
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: zpomalený NB

#12 Příspěvek od Rudy »

Udělejte ještě kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
neummi
Návštěvník
Návštěvník
Příspěvky: 91
Registrován: 25 lis 2007 12:55

Re: zpomalený NB

#13 Příspěvek od neummi »

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 23.10.2016
Čas skenování: 17:39
Protokol: mbam.txt
Správce: Ano

Verze: 2.2.1.1043
Databáze malwaru: v2016.10.23.05
Databáze rootkitů: v2016.09.26.02
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: tesco

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 306398
Uplynulý čas: 25 min, 54 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 1
PUP.Optional.Babylon, HKU\S-1-5-18\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, , [e0c1009c297134023050b4dad42eb44c],

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 0
(Nenalezeny žádné škodlivé položky)

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118275
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: zpomalený NB

#14 Příspěvek od Rudy »

Nalezenou položku smažte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
neummi
Návštěvník
Návštěvník
Příspěvky: 91
Registrován: 25 lis 2007 12:55

Re: zpomalený NB

#15 Příspěvek od neummi »

Smazáno. Předpokládám, že už asi nic dalšího na vyčištění nenajdeme :) . Myslím si, že zmíněný NB už moc urychlit nepůjde :) . Tím pádem Vám děkuji za pomoc a přeji hezký večer :) .
Nahoru
Zamčeno

Zpět na „Řešení problémů, logy“