"Policie CR" (Czech Police) virus


#1 Post by martybx

Hello, a friend and I are sitting here over his father's notebook. Every time the notebook was started, a window appeared in the browser with a warning from the Czech Police (Policie CR), saying that porn had been viewed and that a fine of 4000,- must be paid.
My friend's father supposedly clicked on something somewhere on Facebook...
To get it at least partly working, we used System Restore to roll the notebook back by a week, and now it runs without the police warning. It's not an elegant solution, but at least we can now get to the notebook's controls.
Various advertising windows still pop up from time to time and the notebook is terribly slow.
Could you please take a look at the log?
Thanks

Code:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Petr at 2017-11-25 21:16:37
Microsoft Windows 7 Home Premium  Service Pack 1
System drive C: has 136 GB (61%) free of 224 GB
Total RAM: 1979 MB (14% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:17:19, on 25.11.2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18377)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe
C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Petr.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_144\bin\ssv.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Web TuneUp - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Web TuneUp\4.3.8.566\AVG Web TuneUp.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_144\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - (no file)
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Web TuneUp\vprot.exe"
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (file missing)
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} (WRC Class) - http://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.3.0\ViProtocol.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AVG Antivirus - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
O23 - Service: AVG Firewall Service (AVG Firewall) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Antivirus\afwServ.exe
O23 - Service: avgbIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe
O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - HP Inc. - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: RtVOsdService Installer (RtVOsdService) - Realtek Semiconductor Corp. - C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: WtuSystemSupport - Unknown owner - C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe

--
End of file - 10908 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\AVG\Antivirus\afwServ.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe"
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
"C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" 
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files (x86)\Realtek\Audio\OSD\RtVOsd64.exe" 
"C:\Windows\System32\igfxtray.exe" 
"C:\Windows\System32\hkcmd.exe" 
"C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" -hidden
AVGUI.exe /nogui
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
 /fmw.trayonly
"C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe"
"C:\Program Files (x86)\AVG Web TuneUp\vprot.exe" 
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe"
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE"
"C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe"
"C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe" 
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe" /TUStart /pid:3896
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" 
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" 
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="4140.0.755326917\1945263399" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser"  "C:\Users\Petr\AppData\LocalLow\Mozilla\Temp-{caa7e3a9-6d01-49f4-b356-b055695eb22f}" 4140 "\\.\pipe\gecko-crash-server-pipe.4140" gpu
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="4140.3.776477903\16958523" -childID 1 -isForBrowser -intPrefs 5:50|6:-1|28:1000|34:20|35:5|36:10|45:128|46:10000|51:0|53:400|54:1|55:0|56:0|61:0|62:120|63:120|98:2|99:1|114:5000|124:0|126:0|137:10000|149:-1|154:128|155:10000|156:0|162:24|163:32768|165:0|166:0|174:5|178:1048576|179:100|180:5000|182:600|184:1|193:3|197:0|206:60000| -boolPrefs 1:0|2:0|4:0|26:1|27:1|30:0|33:1|37:1|38:0|39:0|40:0|43:1|44:1|47:0|48:0|49:0|50:0|52:0|57:1|58:1|59:0|60:1|64:1|65:1|66:0|67:1|68:1|69:0|70:1|73:0|74:0|77:1|78:1|82:1|83:1|84:1|85:0|86:0|88:0|89:0|90:1|91:0|92:1|95:1|97:0|100:1|101:0|108:0|113:0|116:1|119:1|121:1|125:0|128:1|131:1|132:1|138:1|139:0|140:1|142:0|148:0|150:1|151:0|152:1|153:1|160:0|161:0|164:1|167:0|169:1|171:1|172:0|177:0|181:1|186:0|187:0|188:0|189:1|190:0|191:1|192:1|195:0|198:0|199:0|200:1|201:1|202:0|203:1|204:1|205:1|207:0|208:0|210:0|218:1|219:1|220:0|221:0|222:0| -stringPrefs "3:7;release|96:0;|141:3;1.0|158:332;  ¼½¾ǃː̷̸։֊׃״؉؊٪۔܁܂܃܄ᅟᅠ᜵           ​‎‏‐’․‧

‪‫‬‭‮ ‹›⁁⁄⁒ ⅓⅔⅕⅖⅗⅘⅙⅚⅛⅜⅝⅞⅟∕∶⎮╱⧶⧸⫻⫽⿰⿱⿲⿳⿴⿵⿶⿷⿸⿹⿺⿻ 。〔〕〳゠ㅤ㈝㈞㎮㎯㏆㏟꞉︔︕︿﹝﹞./。ᅠ�|159:4;high|194:38;{caa7e3a9-6d01-49f4-b356-b055695eb22f}|" -schedulerPrefs 0001,2 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser"  4140 "\\.\pipe\gecko-crash-server-pipe.4140" tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="4140.13.196442018\1803800903" -childID 2 -isForBrowser -intPrefs 5:50|6:-1|28:1000|34:20|35:5|36:10|45:128|46:10000|51:0|53:400|54:1|55:0|56:0|61:0|62:120|63:120|98:2|99:1|114:5000|124:0|126:0|137:10000|149:-1|154:128|155:10000|156:0|162:24|163:32768|165:0|166:0|174:5|178:1048576|179:100|180:5000|182:600|184:1|193:3|197:0|206:60000| -boolPrefs 1:0|2:0|4:0|26:1|27:1|30:0|33:1|37:1|38:0|39:0|40:0|43:1|44:1|47:0|48:0|49:0|50:0|52:0|57:1|58:1|59:0|60:1|64:1|65:1|66:0|67:1|68:1|69:0|70:1|73:0|74:0|77:1|78:1|82:1|83:1|84:1|85:0|86:0|88:0|89:0|90:1|91:0|92:1|95:1|97:0|100:1|101:0|108:0|113:0|116:1|119:1|121:1|125:0|128:1|131:1|132:1|138:1|139:0|140:1|142:0|148:0|150:1|151:0|152:1|153:1|160:0|161:0|164:1|167:0|169:1|171:1|172:0|177:0|181:1|186:0|187:0|188:0|189:1|190:0|191:1|192:1|195:0|198:0|199:0|200:1|201:1|202:0|203:1|204:1|205:1|207:0|208:0|210:0|218:1|219:1|220:0|221:0|222:0| -stringPrefs "3:7;release|96:0;|141:3;1.0|158:332;  ¼½¾ǃː̷̸։֊׃״؉؊٪۔܁܂܃܄ᅟᅠ᜵           ​‎‏‐’․‧

‪‫‬‭‮ ‹›⁁⁄⁒ ⅓⅔⅕⅖⅗⅘⅙⅚⅛⅜⅝⅞⅟∕∶⎮╱⧶⧸⫻⫽⿰⿱⿲⿳⿴⿵⿶⿷⿸⿹⿺⿻ 。〔〕〳゠ㅤ㈝㈞㎮㎯㏆㏟꞉︔︕︿﹝﹞./。ᅠ�|159:4;high|194:38;{caa7e3a9-6d01-49f4-b356-b055695eb22f}|" -schedulerPrefs 0001,2 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser"  4140 "\\.\pipe\gecko-crash-server-pipe.4140" tab
"C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\msfeedssync.exe sync
C:\Windows\system32\GWX\GWXConfigManager.exe /RefreshConfigAndContent
"C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe"
C:\Windows\system32\CompatTelRunner.exe 
\??\C:\Windows\system32\conhost.exe "-746162236703301052-2132982080-3855546001408142899-20488136852088221675-2022277142
C:\Windows\system32\CompatTelRunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun -cv:XHvJLuwtCEi6Ixgz.1
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524 
"C:\Program Files (x86)\AVG\Antivirus\setup\instup.exe" /instop:update_vps
"C:\Users\Petr\Desktop\RSITx64.exe" 
C:\Windows\system32\wbem\wmiprvse.exe
taskeng.exe {1211A8C8-6E7E-40AC-BBDE-4A75266CE01B}
C:\Windows\system32\GWX\GWXConfigManager.exe /RefreshConfig

=========Mozilla firefox=========

ProfilePath - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\pllwphwn.default-1437713462976-1501308915066

prefs.js - "browser.startup.homepage" -  "https://www.seznam.cz/#"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 27.0.0.187 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_187.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.8\\npsitesafety.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.144.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.144.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_144\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\3.0.40624.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 27.0.0.187 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_27_0_0_187.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.144.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.144.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_144\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled


C:\Program Files (x86)\Mozilla Firefox\plugins\
nppdf32.dll

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_144\bin\ssv.dll [2017-09-28 571968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-09-28 235584]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2009-01-14 92504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_144\bin\ssv.dll [2017-09-28 473664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG Web TuneUp - C:\Program Files (x86)\AVG Web TuneUp\4.3.8.566\AVG Web TuneUp.dll [2017-10-21 2261576]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-09-28 187968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-03-18 2281256]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2013-05-27 6489704]
"RtkOSD"=C:\Program Files (x86)\Realtek\Audio\OSD\RtVOsd64.exe [2010-01-13 995840]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-08-25 161304]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-08-25 386584]
"AvgUi"=C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [2017-10-31 239592]
"AVGUI.exe"=C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [2017-10-05 302744]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2010-02-22 2363392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Easybits Recovery]
C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [2009-09-02 60464]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Quick Launch]
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [2010-11-09 586296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPADVISOR]
C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [2009-09-29 1685048]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
C:\Windows\system32\igfxpers.exe [2010-08-25 415256]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"WirelessAssistant"=C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2009-07-23 498744]
"vProt"=C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2017-10-21 2187336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-08-25 271360]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{E54729E8-BB3D-4270-9D49-7389EA579090}"=C:\Windows\SysWow64\EZUPBH~1.DLL [2010-04-29 52272]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"HideFastUserSwitching"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2017-11-25 21:16:36 ----D---- C:\rsit
2017-11-25 21:13:22 ----A---- C:\Windows\system32\avgBoot.exe
2017-11-07 18:11:22 ----A---- C:\Windows\system32\drivers\avgNetSec.sys
2017-11-07 18:11:22 ----A---- C:\Windows\system32\drivers\aswd664646e8c8bcb8a.tmp
2017-11-07 18:10:18 ----A---- C:\Windows\system32\drivers\avgNetNd6.sys
2017-10-31 06:35:20 ----A---- C:\Windows\system32\FNTCACHE.DAT

======List of files/folders modified in the last 1 month======

2017-11-26 06:05:27 ----D---- C:\Windows\Tasks
2017-11-26 06:05:27 ----D---- C:\Windows\SysWOW64
2017-11-26 06:05:27 ----D---- C:\Windows\system32\wfp
2017-11-26 06:05:27 ----D---- C:\Windows\system32\DriverStore
2017-11-26 06:05:27 ----D---- C:\Windows
2017-11-26 06:05:25 ----D---- C:\Windows\system32\wbem
2017-11-26 06:05:24 ----SHD---- C:\Windows\Installer
2017-11-26 06:05:24 ----SD---- C:\Windows\system32\GWX
2017-11-26 06:05:24 ----D---- C:\Windows\system32\Macromed
2017-11-26 06:05:24 ----D---- C:\Windows\system32\drivers\etc
2017-11-26 06:05:24 ----D---- C:\Windows\system32\catroot2
2017-11-26 06:05:21 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2017-11-26 06:05:21 ----D---- C:\Program Files (x86)\Mozilla Firefox
2017-11-26 06:05:19 ----D---- C:\Program Files (x86)\AVG Web TuneUp
2017-11-26 06:05:19 ----D---- C:\Program Files (x86)\Amazon Browser Settings
2017-11-26 06:05:13 ----D---- C:\Windows\registration
2017-11-26 06:05:09 ----D---- C:\Windows\SYSWOW64\Macromed
2017-11-26 06:04:38 ----D---- C:\Users\Petr\AppData\Roaming\Mozilla
2017-11-26 06:04:22 ----RD---- C:\Program Files (x86)
2017-11-26 06:03:50 ----SHD---- C:\System Volume Information
2017-11-25 21:17:19 ----D---- C:\Program Files\trend micro
2017-11-25 21:15:18 ----D---- C:\Windows\System32
2017-11-25 21:15:18 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-11-25 21:15:17 ----D---- C:\Windows\inf
2017-11-25 21:14:18 ----D---- C:\Windows\Temp
2017-11-25 21:14:13 ----D---- C:\Windows\system32\Tasks
2017-11-25 21:13:38 ----D---- C:\Windows\system32\drivers
2017-11-25 21:13:27 ----D---- C:\Windows\winsxs
2017-11-25 21:08:52 ----A---- C:\ProgramData\HPWALog.txt
2017-11-25 21:08:29 ----HD---- C:\ProgramData
2017-11-25 21:08:07 ----D---- C:\Windows\system32\config
2017-11-17 18:47:29 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2017-11-07 18:11:36 ----A---- C:\Windows\system32\drivers\aswecd2abc9c4a9b699.tmp
2017-10-31 06:35:29 ----D---- C:\Windows\debug

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 avgbidsh;avgbidsh; C:\Windows\system32\drivers\avgbidsha.sys [2017-10-05 192584]
R0 avgblog;avgblog; C:\Windows\system32\drivers\avgbloga.sys [2017-10-05 336896]
R0 avgbuniv;avgbuniv; C:\Windows\system32\drivers\avgbuniva.sys [2017-10-05 51336]
R0 avgRvrt;avgRvrt; C:\Windows\system32\drivers\avgRvrt.sys [2017-10-05 76832]
R0 avgVmm;avgVmm; C:\Windows\system32\drivers\avgVmm.sys [2017-10-05 355856]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-04-13 540696]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 avgbdisk;avgbdisk; C:\Windows\system32\drivers\avgbdiska.sys [2017-10-05 166624]
R1 avgbidsdriver;avgbidsdriver; C:\Windows\system32\drivers\avgbidsdrivera.sys [2017-10-05 314640]
R1 avgNetSec;avgNetSec; C:\Windows\system32\drivers\avgNetSec.sys [2017-11-07 548568]
R1 avgRdr;avgRdr; C:\Windows\system32\drivers\avgRdr2.sys [2017-10-05 102792]
R1 avgSnx;avgSnx; C:\Windows\system32\drivers\avgSnx.sys [2017-11-07 1022288]
R1 avgSP;avgSP; C:\Windows\system32\drivers\avgSP.sys [2017-10-05 579584]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 avgMonFlt;avgMonFlt; C:\Windows\system32\drivers\avgMonFlt.sys [2017-10-05 140192]
R2 avgStm;avgStm; C:\Windows\system32\drivers\avgStm.sys [2017-10-05 193768]
R3 avgNetNd6;AVG Firewall NDIS6 Helper; C:\Windows\system32\DRIVERS\avgNetNd6.sys [2017-11-07 29944]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-08-25 10611552]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-05-27 2494056]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\Windows\system32\drivers\IntcHdmi.sys [2010-03-05 144896]
R3 LgBttPort;LGE Bluetooth TransPort; C:\Windows\system32\DRIVERS\lgbtpt64.sys [2009-09-29 16384]
R3 lgbusenum;LG Bluetooth Bus Enumerator; C:\Windows\system32\DRIVERS\lgbtbs64.sys [2009-09-29 14848]
R3 LGVMODEM;LGE Virtual Modem; C:\Windows\system32\DRIVERS\lgvmdm64.sys [2009-09-29 17408]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2013-05-27 347680]
R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver; C:\Windows\system32\DRIVERS\rtl8192se.sys [2010-01-20 1088544]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2014-03-18 1390640]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [2017-02-21 32304]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2011-05-13 36328]
S3 avgHwid;avgHwid; C:\Windows\system32\drivers\avgHwid.sys [2017-10-05 39424]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2013-05-27 245792]
S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-05-13 146920]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usbbus;LGE Mobile Composite USB Device; C:\Windows\system32\DRIVERS\lgx64bus.sys [2010-01-21 17920]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\Windows\system32\DRIVERS\lgx64diag.sys [2010-01-21 27648]
S3 USBModem;LGE Mobile USB Modem; C:\Windows\system32\DRIVERS\lgx64modem.sys [2010-01-21 33280]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-09-27 83984]
R2 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 98208]
R2 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
R2 AVG Antivirus;AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [2017-10-05 282536]
R2 AVG Firewall;AVG Firewall Service; C:\Program Files (x86)\AVG\Antivirus\afwServ.exe [2017-11-07 331952]
R2 avgsvc;AVG Service; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [2017-10-31 1428656]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 GameConsoleService;GameConsoleService; C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe [2010-01-04 238328]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2017-09-27 323952]
R2 HPWMISVC;HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-11-09 26680]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2010-02-22 73728]
R2 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2009-07-06 247152]
R2 RtVOsdService;RtVOsdService Installer; C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe [2010-06-24 315392]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]
R2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2017-07-26 5906704]
R2 WtuSystemSupport;WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [2017-10-21 981576]
R3 avgbIDSAgent;avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe [2017-10-05 7496672]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-06-03 162408]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-11-17 272384]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-06-10 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-11-19 175568]
S3 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-02-27 1255736]
S4 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2013-05-13 1129760]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 118275
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Czech Police virus

#2 Post by Rudy »

Hello!
Run this utility:
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop
Close all programs
First click >Scan< (search) and then >Clean< (delete).
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

martybx
Visitor
Posts: 154
Joined: 26 Feb 2007 16:22

Re: Czech Police virus

#3 Post by martybx »

Hello to you too.
Here is the requested log:

Code:

# AdwCleaner 7.0.4.0 - Logfile created on Sat Nov 25 21:13:31 2017
# Updated on 2017/27/10 by Malwarebytes 
# Running on Windows 7 Home Premium (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

Deleted: WtuSystemSupport


***** [ Folders ] *****

Deleted: C:\Windows\System32\config\systemprofile\AppData\LocalLow\SiteRanker
Deleted: C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\SiteRanker
Deleted: C:\ProgramData\AVG Secure Search
Deleted: C:\ProgramData\Application Data\AVG Secure Search
Deleted: C:\Program Files\Common Files\AVG Secure Search
Deleted: C:\Windows\System32\config\systemprofile\AppData\LocalLow\AVG Secure Search
Deleted: C:\Program Files (x86)\Common Files\AVG Secure Search
Deleted: C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\AVG Secure Search
Deleted: C:\Users\All Users\AVG Secure Search
Deleted: C:\ProgramData\AVG Security Toolbar
Deleted: C:\ProgramData\Application Data\AVG Security Toolbar
Deleted: C:\Users\All Users\AVG Security Toolbar
Deleted: C:\Users\Petr\AppData\Local\VNT
Deleted: C:\ProgramData\avg web tuneup
Deleted: C:\ProgramData\Application Data\avg web tuneup
Deleted: C:\Windows\System32\config\systemprofile\AppData\LocalLow\avg web tuneup
Deleted: C:\Program Files (x86)\avg web tuneup
Deleted: C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\avg web tuneup
Deleted: C:\Users\All Users\avg web tuneup
Deleted: C:\Users\Petr\AppData\Local\avg web tuneup
Deleted: C:\Users\Petr\AppData\LocalLow\avg web tuneup
Deleted: C:\ProgramData\apn
Deleted: C:\ProgramData\Application Data\apn
Deleted: C:\Users\All Users\apn
Deleted: C:\Users\TEMP\AppData\Local\Temp\apn
Deleted: C:\Program Files (x86)\Amazon Browser Settings
Deleted: C:\Users\Petr\AppData\Local\Amazon Browser Settings
Deleted: C:\ProgramData\Avg_Update_1214tb


***** [ Files ] *****

No malicious files deleted.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted: DistromaticSearchProtect-logon
Deleted: DistromaticUpdater-periodic
Deleted: DistromaticSearchProtect-hourly
Deleted: DistromaticUpdater-logon
Deleted: AVG-Secure-Search-Update_JUNE2013_HP_rmv
Deleted: AVG-Secure-Search-Update_JUNE2013_TB_rmv


***** [ Registry ] *****

Deleted: [Key] - HKU\S-1-5-21-2493359014-2159936361-342289430-1001\Software\distromatic
Deleted: [Key] - HKCU\Software\distromatic
Deleted: [Key] - HKU\.DEFAULT\Software\AVG Secure Search
Deleted: [Key] - HKU\S-1-5-18\Software\AVG Secure Search
Deleted: [Key] - HKU\.DEFAULT\Software\CToolbar
Deleted: [Key] - HKU\S-1-5-18\Software\CToolbar
Deleted: [Key] - HKU\S-1-5-21-2493359014-2159936361-342289430-1001\Software\VNT
Deleted: [Key] - HKCU\Software\VNT
Deleted: [Key] - HKLM\SOFTWARE\AVG Tuneup
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Amazon Assistant
Deleted: [Key] - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}
Deleted: [Key] - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}
Deleted: [Key] - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Deleted: [Key] - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Deleted: [Value] - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Deleted: [Key] - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Deleted: [Key] - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{21FA44EF-376D-4D53-9B0F-8A89D3229068}
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{21FA44EF-376D-4D53-9B0F-8A89D3229068}
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{21FA44EF-376D-4D53-9B0F-8A89D3229068}
Deleted: [Key] - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{21FA44EF-376D-4D53-9B0F-8A89D3229068}
Deleted: [Key] - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{21FA44EF-376D-4D53-9B0F-8A89D3229068}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Deleted: [Key] - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Deleted: [Key] - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Deleted: [Key] - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Deleted: [Key] - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Deleted: [Key] - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Deleted: [Key] - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Deleted: [Value] - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{41564952-412D-5637-4300-7A786E7484D7}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{0C1284BA-4F3A-41C6-94B5-77446F5948A9}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{4BC8AD89-AC5F-4DBD-A38F-C355C7DD33D7}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{63EDCDD3-8AFC-4358-A90F-F7FB8F5C64FF}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Deleted: [Key] - HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Deleted: [Key] - HKLM\SOFTWARE\MozillaPlugins\@avg.com\AVG SiteSafety plugin,version=11.0.0.1,application\x-avg-sitesafety-plugin
Deleted: [Key] - HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
Deleted: [Key] - HKLM\SOFTWARE\Classes\PROTOCOLS\handler\viprotocol
Deleted: [Key] - HKU\.DEFAULT\Software\Auslogics
Deleted: [Key] - HKU\S-1-5-21-2493359014-2159936361-342289430-1001\Software\Auslogics
Deleted: [Key] - HKU\S-1-5-18\Software\Auslogics
Deleted: [Key] - HKCU\Software\Auslogics


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [9547 B] - [2017/11/25 21:9:35]


########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########

Rudy
Site Admin
Posts: 118275
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Czech Police virus

#4 Post by Rudy »

Post a new RSIT log.

martybx
Visitor
Posts: 154
Joined: 26 Feb 2007 16:22

Re: Czech Police virus

#5 Post by martybx »

Here:

Code:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Petr at 2017-11-26 15:29:48
Microsoft Windows 7 Home Premium  Service Pack 1
System drive C: has 133 GB (59%) free of 224 GB
Total RAM: 1979 MB (8% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:30:02, on 26.11.2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18838)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe
C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe
C:\Program Files\trend micro\Petr.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_144\bin\ssv.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Web TuneUp - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Web TuneUp\4.3.8.566\AVG Web TuneUp.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_144\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - (no file)
O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Web TuneUp\vprot.exe"
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (file missing)
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} (WRC Class) - http://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AVG Antivirus - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
O23 - Service: AVG Firewall Service (AVG Firewall) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Antivirus\afwServ.exe
O23 - Service: avgbIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe
O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - HP Inc. - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: RtVOsdService Installer (RtVOsdService) - Realtek Semiconductor Corp. - C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10597 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe"
taskeng.exe {ED43B261-DED6-4A71-96B7-065354BCFA04}
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\AVG\Antivirus\afwServ.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe"
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
"C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe"
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe"
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE"
"C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe"
"C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe"
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe"
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
"C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe"
"taskhost.exe"
"C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe" /TUStart /pid:2172
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe"
"C:\Program Files\Realtek\RtVOsd\RtVOsd.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" 
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" 
"C:\Windows\System32\igfxtray.exe" 
"C:\Windows\System32\hkcmd.exe" 
"C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" -hidden
AVGUI.exe /nogui
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe" 
 /fmw.trayonly
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" 
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="3612.0.2063924850\2047452468" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser"  "C:\Users\Petr\AppData\LocalLow\Mozilla\Temp-{caa7e3a9-6d01-49f4-b356-b055695eb22f}" 3612 "\\.\pipe\gecko-crash-server-pipe.3612" gpu
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="3612.3.609900502\245820663" -childID 1 -isForBrowser -intPrefs 5:50|6:-1|28:1000|34:20|35:5|36:10|45:128|46:10000|51:0|53:400|54:1|55:0|56:0|61:0|62:120|63:120|98:2|99:1|114:5000|124:0|126:0|137:10000|149:-1|154:128|155:10000|156:0|162:24|163:32768|165:0|166:0|174:5|178:1048576|179:100|180:5000|182:600|184:1|193:3|197:0|206:60000| -boolPrefs 1:0|2:0|4:0|26:1|27:1|30:0|33:1|37:1|38:0|39:0|40:0|43:1|44:1|47:0|48:0|49:0|50:0|52:0|57:1|58:1|59:0|60:1|64:1|65:1|66:0|67:1|68:1|69:0|70:1|73:0|74:0|77:1|78:1|82:1|83:1|84:1|85:0|86:0|88:0|89:0|90:1|91:0|92:1|95:1|97:0|100:1|101:0|108:0|113:0|116:1|119:1|121:1|125:0|128:1|131:1|132:1|138:1|139:0|140:1|142:0|148:0|150:1|151:0|152:1|153:1|160:0|161:0|164:1|167:0|169:1|171:1|172:0|177:0|181:1|186:0|187:0|188:0|189:1|190:0|191:1|192:1|195:0|198:0|199:0|200:1|201:1|202:0|203:1|204:1|205:1|207:0|208:0|210:0|218:1|219:1|220:0|221:0|222:0| -stringPrefs "3:7;release|96:0;|141:3;1.0|158:332;  ¼½¾ǃː̷̸։֊׃״؉؊٪۔܁܂܃܄ᅟᅠ᜵           ​‎‏‐’․‧

‪‫‬‭‮ ‹›⁁⁄⁒ ⅓⅔⅕⅖⅗⅘⅙⅚⅛⅜⅝⅞⅟∕∶⎮╱⧶⧸⫻⫽⿰⿱⿲⿳⿴⿵⿶⿷⿸⿹⿺⿻ 。〔〕〳゠ㅤ㈝㈞㎮㎯㏆㏟꞉︔︕︿﹝﹞./。ᅠ�|159:4;high|194:38;{caa7e3a9-6d01-49f4-b356-b055695eb22f}|" -schedulerPrefs 0001,2 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser"  3612 "\\.\pipe\gecko-crash-server-pipe.3612" tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="3612.13.817784573\1096255114" -childID 2 -isForBrowser -intPrefs 5:50|6:-1|28:1000|34:20|35:5|36:10|45:128|46:10000|51:0|53:400|54:1|55:0|56:0|61:0|62:120|63:120|98:2|99:1|114:5000|124:0|126:0|137:10000|149:-1|154:128|155:10000|156:0|162:24|163:32768|165:0|166:0|174:5|178:1048576|179:100|180:5000|182:600|184:1|193:3|197:0|206:60000| -boolPrefs 1:0|2:0|4:0|26:1|27:1|30:0|33:1|37:1|38:0|39:0|40:0|43:1|44:1|47:0|48:0|49:0|50:0|52:0|57:1|58:1|59:0|60:1|64:1|65:1|66:0|67:1|68:1|69:0|70:1|73:0|74:0|77:1|78:1|82:1|83:1|84:1|85:0|86:0|88:0|89:0|90:1|91:0|92:1|95:1|97:0|100:1|101:0|108:0|113:0|116:1|119:1|121:1|125:0|128:1|131:1|132:1|138:1|139:0|140:1|142:0|148:0|150:1|151:0|152:1|153:1|160:0|161:0|164:1|167:0|169:1|171:1|172:0|177:0|181:1|186:0|187:0|188:0|189:1|190:0|191:1|192:1|195:0|198:0|199:0|200:1|201:1|202:0|203:1|204:1|205:1|207:0|208:0|210:0|218:1|219:1|220:0|221:0|222:0| -stringPrefs "3:7;release|96:0;|141:3;1.0|158:332;  ¼½¾ǃː̷̸։֊׃״؉؊٪۔܁܂܃܄ᅟᅠ᜵           ​‎‏‐’․‧

‪‫‬‭‮ ‹›⁁⁄⁒ ⅓⅔⅕⅖⅗⅘⅙⅚⅛⅜⅝⅞⅟∕∶⎮╱⧶⧸⫻⫽⿰⿱⿲⿳⿴⿵⿶⿷⿸⿹⿺⿻ 。〔〕〳゠ㅤ㈝㈞㎮㎯㏆㏟꞉︔︕︿﹝﹞./。ᅠ�|159:4;high|194:38;{caa7e3a9-6d01-49f4-b356-b055695eb22f}|" -schedulerPrefs 0001,2 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser"  3612 "\\.\pipe\gecko-crash-server-pipe.3612" tab
C:\Windows\system32\sdclt.exe /CHECKSKIPPED
"C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe" 
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528 

"C:\Users\Petr\Desktop\RSITx64.exe" 
"C:\Users\Petr\Desktop\RSITx64.exe" 
C:\Windows\system32\wbem\wmiprvse.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\pllwphwn.default-1437713462976-1501308915066

prefs.js - "browser.startup.homepage" -  "https://www.seznam.cz/#"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 27.0.0.187 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_187.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.144.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.144.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_144\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\3.0.40624.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 27.0.0.187 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_27_0_0_187.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.144.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.144.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_144\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled


C:\Program Files (x86)\Mozilla Firefox\plugins\
nppdf32.dll

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_144\bin\ssv.dll [2017-09-28 571968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-09-28 235584]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2009-01-14 92504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_144\bin\ssv.dll [2017-09-28 473664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG Web TuneUp - C:\Program Files (x86)\AVG Web TuneUp\4.3.8.566\AVG Web TuneUp.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-09-28 187968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-03-18 2281256]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2013-05-27 6489704]
"RtkOSD"=C:\Program Files (x86)\Realtek\Audio\OSD\RtVOsd64.exe [2010-01-13 995840]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-08-25 161304]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-08-25 386584]
"AvgUi"=C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [2017-10-31 239592]
"AVGUI.exe"=C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [2017-10-05 302744]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2010-02-22 2363392]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Easybits Recovery]
C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [2009-09-02 60464]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Quick Launch]
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [2010-11-09 586296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPADVISOR]
C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [2009-09-29 1685048]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
C:\Windows\system32\igfxpers.exe [2010-08-25 415256]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"WirelessAssistant"=C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2009-07-23 498744]
"vProt"=C:\Program Files (x86)\AVG Web TuneUp\vprot.exe []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-08-25 271360]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{E54729E8-BB3D-4270-9D49-7389EA579090}"=C:\Windows\SysWow64\EZUPBH~1.DLL [2010-04-29 52272]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"HideFastUserSwitching"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2017-11-25 23:20:48 ----D---- C:\ProgramData\SWCUTemp
2017-11-25 23:15:51 ----AC---- C:\Windows\system32\MRT-KB890830.exe
2017-11-25 23:04:52 ----A---- C:\Windows\SYSWOW64\D3DCompiler_47.dll
2017-11-25 23:04:52 ----A---- C:\Windows\system32\D3DCompiler_47.dll
2017-11-25 22:58:18 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2017-11-25 22:58:18 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2017-11-25 22:58:18 ----A---- C:\Windows\SYSWOW64\inseng.dll
2017-11-25 22:58:18 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2017-11-25 22:58:18 ----A---- C:\Windows\system32\iernonce.dll
2017-11-25 22:58:18 ----A---- C:\Windows\system32\ieetwproxystub.dll
2017-11-25 22:58:18 ----A---- C:\Windows\system32\ieetwcollector.exe
2017-11-25 22:58:17 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2017-11-25 22:58:17 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2017-11-25 22:58:16 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2017-11-25 22:58:16 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2017-11-25 22:58:16 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2017-11-25 22:58:16 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2017-11-25 22:58:16 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2017-11-25 22:58:16 ----A---- C:\Windows\system32\wudriver.dll
2017-11-25 22:58:16 ----A---- C:\Windows\system32\UtcResources.dll
2017-11-25 22:58:16 ----A---- C:\Windows\system32\inseng.dll
2017-11-25 22:58:16 ----A---- C:\Windows\system32\ie4uinit.exe
2017-11-25 22:58:15 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2017-11-25 22:58:15 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2017-11-25 22:58:15 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2017-11-25 22:58:15 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-11-25 22:58:13 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2017-11-25 22:58:13 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2017-11-25 22:58:12 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2017-11-25 22:58:12 ----A---- C:\Windows\system32\urlmon.dll
2017-11-25 22:58:12 ----A---- C:\Windows\system32\iedkcs32.dll
2017-11-25 22:58:11 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2017-11-25 22:58:11 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2017-11-25 22:58:11 ----A---- C:\Windows\SYSWOW64\jscript.dll
2017-11-25 22:58:11 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2017-11-25 22:58:10 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2017-11-25 22:58:10 ----A---- C:\Windows\SYSWOW64\ieui.dll
2017-11-25 22:58:10 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2017-11-25 22:58:10 ----A---- C:\Windows\system32\wuwebv.dll
2017-11-25 22:58:10 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2017-11-25 22:58:10 ----A---- C:\Windows\system32\dxtrans.dll
2017-11-25 22:58:10 ----A---- C:\Windows\system32\diagtrack.dll
2017-11-25 22:58:09 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2017-11-25 22:58:09 ----A---- C:\Windows\system32\msfeeds.dll
2017-11-25 22:58:09 ----A---- C:\Windows\system32\iesetup.dll
2017-11-25 22:58:08 ----A---- C:\Windows\system32\ieapfltr.dll
2017-11-25 22:58:06 ----A---- C:\Windows\system32\iertutil.dll
2017-11-25 22:58:05 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2017-11-25 22:58:05 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2017-11-25 22:58:05 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2017-11-25 22:58:05 ----A---- C:\Windows\system32\vbscript.dll
2017-11-25 22:58:04 ----A---- C:\Windows\SYSWOW64\wininet.dll
2017-11-25 22:58:04 ----A---- C:\Windows\SYSWOW64\msrating.dll
2017-11-25 22:58:04 ----A---- C:\Windows\system32\ieUnatt.exe
2017-11-25 22:58:03 ----A---- C:\Windows\system32\wuaueng.dll
2017-11-25 22:58:02 ----A---- C:\Windows\system32\ieui.dll
2017-11-25 22:58:02 ----A---- C:\Windows\system32\ieframe.dll
2017-11-25 22:58:02 ----A---- C:\Windows\system32\dxtmsft.dll
2017-11-25 22:58:01 ----A---- C:\Windows\system32\webcheck.dll
2017-11-25 22:58:01 ----A---- C:\Windows\system32\mshtmlmedia.dll
2017-11-25 22:58:01 ----A---- C:\Windows\system32\mshtmled.dll
2017-11-25 22:58:00 ----A---- C:\Windows\system32\jscript.dll
2017-11-25 22:57:59 ----A---- C:\Windows\system32\jscript9diag.dll
2017-11-25 22:57:59 ----A---- C:\Windows\system32\jscript9.dll
2017-11-25 22:57:58 ----A---- C:\Windows\system32\wininet.dll
2017-11-25 22:57:58 ----A---- C:\Windows\system32\jsproxy.dll
2017-11-25 22:57:57 ----A---- C:\Windows\system32\msrating.dll
2017-11-25 22:57:57 ----A---- C:\Windows\system32\MshtmlDac.dll
2017-11-25 22:57:54 ----A---- C:\Windows\system32\mshtml.dll
2017-11-25 22:57:51 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2017-11-25 22:57:51 ----A---- C:\Windows\SYSWOW64\occache.dll
2017-11-25 22:57:51 ----A---- C:\Windows\system32\wucltux.dll
2017-11-25 22:57:51 ----A---- C:\Windows\system32\wuauclt.exe
2017-11-25 22:57:51 ----A---- C:\Windows\system32\wuapp.exe
2017-11-25 22:57:51 ----A---- C:\Windows\system32\wuapi.dll
2017-11-25 22:57:51 ----A---- C:\Windows\system32\WinSetupUI.dll
2017-11-25 22:57:50 ----A---- C:\Windows\system32\shell32.dll
2017-11-25 22:57:50 ----A---- C:\Windows\system32\occache.dll
2017-11-25 22:57:47 ----A---- C:\Windows\system32\ntoskrnl.exe
2017-11-25 22:57:45 ----A---- C:\Windows\SYSWOW64\msrepl40.dll
2017-11-25 22:57:45 ----A---- C:\Windows\SYSWOW64\msrd3x40.dll
2017-11-25 22:57:45 ----A---- C:\Windows\SYSWOW64\msrd2x40.dll
2017-11-25 22:57:45 ----A---- C:\Windows\SYSWOW64\msjtes40.dll
2017-11-25 22:57:45 ----A---- C:\Windows\SYSWOW64\msjetoledb40.dll
2017-11-25 22:57:45 ----A---- C:\Windows\SYSWOW64\msjet40.dll
2017-11-25 22:57:45 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2017-11-25 22:57:45 ----A---- C:\Windows\system32\FntCache.dll
2017-11-25 22:57:45 ----A---- C:\Windows\system32\DWrite.dll
2017-11-25 22:57:44 ----A---- C:\Windows\SYSWOW64\shell32.dll
2017-11-25 22:57:44 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2017-11-25 22:57:43 ----A---- C:\Windows\system32\mf.dll
2017-11-25 22:57:42 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2017-11-25 22:57:42 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2017-11-25 22:57:42 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2017-11-25 22:57:42 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2017-11-25 22:57:42 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2017-11-25 22:57:42 ----A---- C:\Windows\system32\ucrtbase.dll
2017-11-25 22:57:42 ----A---- C:\Windows\system32\mmcndmgr.dll
2017-11-25 22:57:42 ----A---- C:\Windows\system32\drivers\tcpip.sys
2017-11-25 22:57:42 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2017-11-25 22:57:42 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2017-11-25 22:57:42 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2017-11-25 22:57:42 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2017-11-25 22:57:42 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2017-11-25 22:57:42 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2017-11-25 22:57:42 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2017-11-25 22:57:41 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2017-11-25 22:57:41 ----A---- C:\Windows\SYSWOW64\mf.dll
2017-11-25 22:57:41 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2017-11-25 22:57:41 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2017-11-25 22:57:41 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2017-11-25 22:57:41 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2017-11-25 22:57:41 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2017-11-25 22:57:41 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2017-11-25 22:57:41 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2017-11-25 22:57:41 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2017-11-25 22:57:41 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2017-11-25 22:57:41 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2017-11-25 22:57:41 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l2-1-0.dll
2017-11-25 22:57:41 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-timezone-l1-1-0.dll
2017-11-25 22:57:41 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-2-0.dll
2017-11-25 22:57:41 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2017-11-25 22:57:41 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-2-0.dll
2017-11-25 22:57:41 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l2-1-0.dll
2017-11-25 22:57:41 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-2-0.dll
2017-11-25 22:57:41 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2017-11-25 22:57:41 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2017-11-25 22:57:41 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2017-11-25 22:57:41 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2017-11-25 22:57:41 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2017-11-25 22:57:41 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2017-11-25 22:57:41 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2017-11-25 22:57:41 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2017-11-25 22:57:41 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2017-11-25 22:57:41 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2017-11-25 22:57:41 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2017-11-25 22:57:41 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2017-11-25 22:57:41 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2017-11-25 22:57:41 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2017-11-25 22:57:41 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2017-11-25 22:57:40 ----A---- C:\Windows\system32\ole32.dll
2017-11-25 22:57:39 ----A---- C:\Windows\system32\drivers\ntfs.sys
2017-11-25 22:57:38 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2017-11-25 22:57:38 ----A---- C:\Windows\system32\blackbox.dll
2017-11-25 22:57:36 ----A---- C:\Windows\SYSWOW64\blackbox.dll
2017-11-25 22:57:36 ----A---- C:\Windows\system32\wups2.dll
2017-11-25 22:57:36 ----A---- C:\Windows\system32\wups.dll
2017-11-25 22:57:36 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2017-11-25 22:57:36 ----A---- C:\Windows\system32\MSVidCtl.dll
2017-11-25 22:57:35 ----SHD---- C:\Config.Msi
2017-11-25 22:57:35 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2017-11-25 22:57:35 ----A---- C:\Windows\system32\win32k.sys
2017-11-25 22:57:35 ----A---- C:\Windows\system32\mmc.exe
2017-11-25 22:57:35 ----A---- C:\Windows\system32\drmv2clt.dll
2017-11-25 22:57:34 ----A---- C:\Windows\system32\WsmSvc.dll
2017-11-25 22:57:34 ----A---- C:\Windows\system32\msxml3.dll
2017-11-25 22:57:33 ----A---- C:\Windows\SYSWOW64\drmv2clt.dll
2017-11-25 22:57:33 ----A---- C:\Windows\system32\msi.dll
2017-11-25 22:57:33 ----A---- C:\Windows\system32\DXPTaskRingtone.dll
2017-11-25 22:57:32 ----A---- C:\Windows\system32\ntdll.dll
2017-11-25 22:57:31 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2017-11-25 22:57:31 ----A---- C:\Windows\SYSWOW64\msi.dll
2017-11-25 22:57:31 ----A---- C:\Windows\SYSWOW64\mmcndmgr.dll
2017-11-25 22:57:31 ----A---- C:\Windows\system32\lsasrv.dll
2017-11-25 22:57:31 ----A---- C:\Windows\system32\ExplorerFrame.dll
2017-11-25 22:57:30 ----A---- C:\Windows\SYSWOW64\msxbde40.dll
2017-11-25 22:57:30 ----A---- C:\Windows\SYSWOW64\MSVidCtl.dll
2017-11-25 22:57:30 ----A---- C:\Windows\SYSWOW64\mspbde40.dll
2017-11-25 22:57:30 ----A---- C:\Windows\SYSWOW64\msltus40.dll
2017-11-25 22:57:30 ----A---- C:\Windows\SYSWOW64\msexcl40.dll
2017-11-25 22:57:30 ----A---- C:\Windows\SYSWOW64\DXPTaskRingtone.dll
2017-11-25 22:57:30 ----A---- C:\Windows\system32\rpcrt4.dll
2017-11-25 22:57:29 ----A---- C:\Windows\system32\wmp.dll
2017-11-25 22:57:27 ----A---- C:\Windows\SYSWOW64\ole32.dll
2017-11-25 22:57:27 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2017-11-25 22:57:27 ----A---- C:\Windows\SYSWOW64\mmc.exe
2017-11-25 22:57:27 ----A---- C:\Windows\system32\kerberos.dll
2017-11-25 22:57:27 ----A---- C:\Windows\system32\crypt32.dll
2017-11-25 22:57:25 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2017-11-25 22:57:25 ----A---- C:\Windows\system32\tquery.dll
2017-11-25 22:57:25 ----A---- C:\Windows\system32\scavengeui.dll
2017-11-25 22:57:25 ----A---- C:\Windows\system32\quartz.dll
2017-11-25 22:57:24 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2017-11-25 22:57:24 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2017-11-25 22:57:24 ----A---- C:\Windows\system32\wmdrmsdk.dll
2017-11-25 22:57:23 ----A---- C:\Windows\SYSWOW64\quartz.dll
2017-11-25 22:57:23 ----A---- C:\Windows\system32\Query.dll
2017-11-25 22:57:23 ----A---- C:\Windows\system32\oleaut32.dll
2017-11-25 22:57:22 ----A---- C:\Windows\SYSWOW64\wmdrmsdk.dll
2017-11-25 22:57:22 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2017-11-25 22:57:22 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2017-11-25 22:57:22 ----A---- C:\Windows\system32\advapi32.dll
2017-11-25 22:57:21 ----A---- C:\Windows\system32\winload.exe
2017-11-25 22:57:21 ----A---- C:\Windows\system32\rdpcore.dll
2017-11-25 22:57:21 ----A---- C:\Windows\system32\msctf.dll
2017-11-25 22:57:21 ----A---- C:\Windows\system32\localspl.dll
2017-11-25 22:57:20 ----A---- C:\Windows\system32\kernel32.dll
2017-11-25 22:57:19 ----A---- C:\Windows\system32\win32spl.dll
2017-11-25 22:57:19 ----A---- C:\Windows\system32\schannel.dll
2017-11-25 22:57:19 ----A---- C:\Windows\system32\samsrv.dll
2017-11-25 22:57:19 ----A---- C:\Windows\system32\rpcss.dll
2017-11-25 22:57:19 ----A---- C:\Windows\system32\mssrch.dll
2017-11-25 22:57:18 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2017-11-25 22:57:18 ----A---- C:\Windows\system32\drivers\srv.sys
2017-11-25 22:57:18 ----A---- C:\Windows\system32\drivers\http.sys
2017-11-25 22:57:18 ----A---- C:\Windows\system32\authui.dll
2017-11-25 22:57:18 ----A---- C:\Windows\system32\audiosrv.dll
2017-11-25 22:57:17 ----A---- C:\Windows\SYSWOW64\wmp.dll
2017-11-25 22:57:17 ----A---- C:\Windows\HelpPane.exe
2017-11-25 22:57:16 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2017-11-25 22:57:16 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll
2017-11-25 22:57:16 ----A---- C:\Windows\system32\UIAnimation.dll
2017-11-25 22:57:16 ----A---- C:\Windows\system32\drivers\srv2.sys
2017-11-25 22:57:15 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2017-11-25 22:57:15 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2017-11-25 22:57:15 ----A---- C:\Windows\SYSWOW64\evr.dll
2017-11-25 22:57:15 ----A---- C:\Windows\system32\wer.dll
2017-11-25 22:57:15 ----A---- C:\Windows\system32\KernelBase.dll
2017-11-25 22:57:15 ----A---- C:\Windows\system32\inetcomm.dll
2017-11-25 22:57:15 ----A---- C:\Windows\system32\AUDIOKSE.dll
2017-11-25 22:57:14 ----A---- C:\Windows\SYSWOW64\msctf.dll
2017-11-25 22:57:14 ----A---- C:\Windows\SYSWOW64\authui.dll
2017-11-25 22:57:14 ----A---- C:\Windows\system32\msv1_0.dll
2017-11-25 22:57:14 ----A---- C:\Windows\system32\drivers\afd.sys
2017-11-25 22:57:13 ----A---- C:\Windows\SYSWOW64\schannel.dll
2017-11-25 22:57:13 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2017-11-25 22:57:13 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2017-11-25 22:57:13 ----A---- C:\Windows\system32\usp10.dll
2017-11-25 22:57:13 ----A---- C:\Windows\system32\evr.dll
2017-11-25 22:57:12 ----A---- C:\Windows\SYSWOW64\cdosys.dll
2017-11-25 22:57:12 ----A---- C:\Windows\system32\wlansec.dll
2017-11-25 22:57:12 ----A---- C:\Windows\system32\WebClnt.dll
2017-11-25 22:57:12 ----A---- C:\Windows\system32\IMJP10K.DLL
2017-11-25 22:57:12 ----A---- C:\Windows\system32\atmfd.dll
2017-11-25 22:57:11 ----A---- C:\Windows\SYSWOW64\wer.dll
2017-11-25 22:57:11 ----A---- C:\Windows\SYSWOW64\tquery.dll
2017-11-25 22:57:11 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2017-11-25 22:57:11 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2017-11-25 22:57:11 ----A---- C:\Windows\system32\Wldap32.dll
2017-11-25 22:57:11 ----A---- C:\Windows\system32\wdc.dll
2017-11-25 22:57:11 ----A---- C:\Windows\system32\drmmgrtn.dll
2017-11-25 22:57:10 ----A---- C:\Windows\SYSWOW64\Query.dll
2017-11-25 22:57:10 ----A---- C:\Windows\SYSWOW64\IMJP10K.DLL
2017-11-25 22:57:10 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2017-11-25 22:57:10 ----A---- C:\Windows\system32\drivers\cng.sys
2017-11-25 22:57:10 ----A---- C:\Windows\system32\cdosys.dll
2017-11-25 22:57:09 ----A---- C:\Windows\SYSWOW64\Wldap32.dll
2017-11-25 22:57:09 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2017-11-25 22:57:09 ----A---- C:\Windows\SYSWOW64\wdc.dll
2017-11-25 22:57:09 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll
2017-11-25 22:57:09 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2017-11-25 22:57:09 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2017-11-25 22:57:09 ----A---- C:\Windows\system32\WsmWmiPl.dll
2017-11-25 22:57:09 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2017-11-25 22:57:09 ----A---- C:\Windows\system32\user32.dll
2017-11-25 22:57:08 ----A---- C:\Windows\system32\wintrust.dll
2017-11-25 22:57:08 ----A---- C:\Windows\system32\pla.dll
2017-11-25 22:57:07 ----A---- C:\Windows\system32\gdi32.dll
2017-11-25 22:57:07 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2017-11-25 22:57:07 ----A---- C:\Windows\system32\drivers\nwifi.sys
2017-11-25 22:57:07 ----A---- C:\Windows\system32\cryptsvc.dll
2017-11-25 22:57:07 ----A---- C:\Windows\system32\clfs.sys
2017-11-25 22:57:06 ----A---- C:\Windows\SYSWOW64\wlansec.dll
2017-11-25 22:57:06 ----A---- C:\Windows\SYSWOW64\usp10.dll
2017-11-25 22:57:06 ----A---- C:\Windows\SYSWOW64\mswstr10.dll
2017-11-25 22:57:06 ----A---- C:\Windows\SYSWOW64\mswdat10.dll
2017-11-25 22:57:06 ----A---- C:\Windows\SYSWOW64\msjter40.dll
2017-11-25 22:57:06 ----A---- C:\Windows\SYSWOW64\msjint40.dll
2017-11-25 22:57:06 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2017-11-25 22:57:06 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2017-11-25 22:57:06 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2017-11-25 22:57:06 ----A---- C:\Windows\system32\wow64win.dll
2017-11-25 22:57:06 ----A---- C:\Windows\system32\ncrypt.dll
2017-11-25 22:57:06 ----A---- C:\Windows\system32\drivers\netbt.sys
2017-11-25 22:57:06 ----A---- C:\Windows\system32\cryptui.dll
2017-11-25 22:57:06 ----A---- C:\Windows\system32\certcli.dll
2017-11-25 22:57:05 ----A---- C:\Windows\SYSWOW64\WSManMigrationPlugin.dll
2017-11-25 22:57:05 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2017-11-25 22:57:05 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2017-11-25 22:57:05 ----A---- C:\Windows\SYSWOW64\certcli.dll
2017-11-25 22:57:05 ----A---- C:\Windows\system32\srcore.dll
2017-11-25 22:57:05 ----A---- C:\Windows\system32\qdvd.dll
2017-11-25 22:57:05 ----A---- C:\Windows\system32\conhost.exe
2017-11-25 22:57:05 ----A---- C:\Windows\system32\AudioEng.dll
2017-11-25 22:57:04 ----A---- C:\Windows\SYSWOW64\WsmWmiPl.dll
2017-11-25 22:57:04 ----A---- C:\Windows\system32\SearchIndexer.exe
2017-11-25 22:57:04 ----A---- C:\Windows\system32\rpchttp.dll
2017-11-25 22:57:04 ----A---- C:\Windows\system32\msinfo32.exe
2017-11-25 22:57:03 ----A---- C:\Windows\SYSWOW64\themeui.dll
2017-11-25 22:57:03 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2017-11-25 22:57:03 ----A---- C:\Windows\system32\wdigest.dll
2017-11-25 22:57:03 ----A---- C:\Windows\system32\drivers\netio.sys
2017-11-25 22:57:03 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2017-11-25 22:57:02 ----A---- C:\Windows\SYSWOW64\WSManHTTPConfig.exe
2017-11-25 22:57:02 ----A---- C:\Windows\SYSWOW64\user32.dll
2017-11-25 22:57:02 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2017-11-25 22:57:02 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2017-11-25 22:57:02 ----A---- C:\Windows\SYSWOW64\cryptui.dll
2017-11-25 22:57:02 ----A---- C:\Windows\system32\themeui.dll
2017-11-25 22:57:02 ----A---- C:\Windows\system32\mfplat.dll
2017-11-25 22:57:01 ----A---- C:\Windows\SYSWOW64\wlanmsm.dll
2017-11-25 22:57:01 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2017-11-25 22:57:01 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2017-11-25 22:57:01 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2017-11-25 22:57:01 ----A---- C:\Windows\system32\WsmAuto.dll
2017-11-25 22:57:01 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2017-11-25 22:57:01 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2017-11-25 22:57:01 ----A---- C:\Windows\system32\davclnt.dll
2017-11-25 22:57:01 ----A---- C:\Windows\system32\cryptnet.dll
2017-11-25 22:57:01 ----A---- C:\Windows\system32\AudioSes.dll
2017-11-25 22:57:01 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2017-11-25 22:57:00 ----A---- C:\Windows\system32\drivers\srvnet.sys
2017-11-25 22:56:59 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2017-11-25 22:56:59 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2017-11-25 22:56:59 ----A---- C:\Windows\system32\pcasvc.dll
2017-11-25 22:56:59 ----A---- C:\Windows\system32\drivers\volmgrx.sys
2017-11-25 22:56:59 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2017-11-25 22:56:58 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2017-11-25 22:56:58 ----A---- C:\Windows\system32\drivers\tdx.sys
2017-11-25 22:56:58 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2017-11-25 22:56:58 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2017-11-25 22:56:57 ----A---- C:\Windows\SYSWOW64\msinfo32.exe
2017-11-25 22:56:57 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2017-11-25 22:56:57 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2017-11-25 22:56:57 ----A---- C:\Windows\system32\wlanmsm.dll
2017-11-25 22:56:57 ----A---- C:\Windows\system32\drivers\dfsc.sys
2017-11-25 22:56:56 ----A---- C:\Windows\SYSWOW64\WsmAuto.dll
2017-11-25 22:56:56 ----A---- C:\Windows\SYSWOW64\pla.dll
2017-11-25 22:56:56 ----A---- C:\Windows\system32\winsrv.dll
2017-11-25 22:56:56 ----A---- C:\Windows\system32\msiexec.exe
2017-11-25 22:56:56 ----A---- C:\Windows\system32\inetpp.dll
2017-11-25 22:56:56 ----A---- C:\Windows\system32\EncDump.dll
2017-11-25 22:56:56 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2017-11-25 22:56:56 ----A---- C:\Windows\system32\cic.dll
2017-11-25 22:56:54 ----A---- C:\Windows\system32\mscms.dll
2017-11-25 22:56:54 ----A---- C:\Windows\system32\drivers\exfat.sys
2017-11-25 22:56:53 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2017-11-25 22:56:53 ----A---- C:\Windows\system32\drivers\fastfat.sys
2017-11-25 22:56:53 ----A---- C:\Windows\system32\consent.exe
2017-11-25 22:56:52 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2017-11-25 22:56:52 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2017-11-25 22:56:52 ----A---- C:\Windows\system32\wow64.dll
2017-11-25 22:56:52 ----A---- C:\Windows\system32\wmploc.DLL
2017-11-25 22:56:52 ----A---- C:\Windows\system32\bcdedit.exe
2017-11-25 22:56:52 ----A---- C:\Windows\system32\adtschema.dll
2017-11-25 22:56:51 ----A---- C:\Windows\system32\TSpkg.dll
2017-11-25 22:56:50 ----A---- C:\Windows\system32\bcrypt.dll
2017-11-25 22:56:49 ----A---- C:\Windows\SYSWOW64\wups.dll
2017-11-25 22:56:49 ----A---- C:\Windows\SYSWOW64\ntprint.dll
2017-11-25 22:56:49 ----A---- C:\Windows\system32\pdh.dll
2017-11-25 22:56:49 ----A---- C:\Windows\system32\mssph.dll
2017-11-25 22:56:49 ----A---- C:\Windows\system32\drivers\bowser.sys
2017-11-25 22:56:49 ----A---- C:\Windows\system32\audiodg.exe
2017-11-25 22:56:47 ----A---- C:\Windows\system32\shdocvw.dll
2017-11-25 22:56:47 ----A---- C:\Windows\system32\mssvp.dll
2017-11-25 22:56:47 ----A---- C:\Windows\system32\mmcbase.dll
2017-11-25 22:56:47 ----A---- C:\Windows\system32\drivers\usbehci.sys
2017-11-25 22:56:46 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2017-11-25 22:56:46 ----A---- C:\Windows\system32\drivers\usbport.sys
2017-11-25 22:56:45 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2017-11-25 22:56:45 ----A---- C:\Windows\SYSWOW64\pdh.dll
2017-11-25 22:56:45 ----A---- C:\Windows\SYSWOW64\bcrypt.dll
2017-11-25 22:56:45 ----A---- C:\Windows\system32\cryptsp.dll
2017-11-25 22:56:44 ----A---- C:\Windows\SYSWOW64\t2embed.dll
2017-11-25 22:56:44 ----A---- C:\Windows\system32\t2embed.dll
2017-11-25 22:56:44 ----A---- C:\Windows\system32\pdhui.dll
2017-11-25 22:56:44 ----A---- C:\Windows\system32\ntprint.dll
2017-11-25 22:56:44 ----A---- C:\Windows\system32\drivers\appid.sys
2017-11-25 22:56:44 ----A---- C:\Windows\system32\appidsvc.dll
2017-11-25 22:56:43 ----A---- C:\Windows\SYSWOW64\shdocvw.dll
2017-11-25 22:56:43 ----A---- C:\Windows\system32\appinfo.dll
2017-11-25 22:56:43 ----A---- C:\Windows\system32\adsmsext.dll
2017-11-25 22:56:41 ----A---- C:\Windows\SYSWOW64\cryptsp.dll
2017-11-25 22:56:41 ----A---- C:\Windows\SYSWOW64\adsmsext.dll
2017-11-25 22:56:41 ----A---- C:\Windows\system32\drivers\usbhub.sys
2017-11-25 22:56:41 ----A---- C:\Windows\system32\appidapi.dll
2017-11-25 22:56:40 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2017-11-25 22:56:40 ----A---- C:\Windows\SYSWOW64\mssph.dll
2017-11-25 22:56:40 ----A---- C:\Windows\SYSWOW64\mmcbase.dll
2017-11-25 22:56:40 ----A---- C:\Windows\SYSWOW64\cic.dll
2017-11-25 22:56:40 ----A---- C:\Windows\system32\wlanhlp.dll
2017-11-25 22:56:40 ----A---- C:\Windows\system32\mmcshext.dll
2017-11-25 22:56:40 ----A---- C:\Windows\system32\mfps.dll
2017-11-25 22:56:40 ----A---- C:\Windows\system32\input.dll
2017-11-25 22:56:40 ----A---- C:\Windows\system32\icm32.dll
2017-11-25 22:56:39 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2017-11-25 22:56:39 ----A---- C:\Windows\system32\smss.exe
2017-11-25 22:56:39 ----A---- C:\Windows\system32\mssphtb.dll
2017-11-25 22:56:39 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2017-11-25 22:56:39 ----A---- C:\Windows\system32\asycfilt.dll
2017-11-25 22:56:38 ----A---- C:\Windows\SYSWOW64\MigAutoPlay.exe
2017-11-25 22:56:38 ----A---- C:\Windows\system32\nsisvc.dll
2017-11-25 22:56:38 ----A---- C:\Windows\system32\MigAutoPlay.exe
2017-11-25 22:56:38 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2017-11-25 22:56:37 ----A---- C:\Windows\SYSWOW64\wlanhlp.dll
2017-11-25 22:56:37 ----A---- C:\Windows\SYSWOW64\wermgr.exe
2017-11-25 22:56:37 ----A---- C:\Windows\SYSWOW64\pdhui.dll
2017-11-25 22:56:37 ----A---- C:\Windows\SYSWOW64\mfps.dll
2017-11-25 22:56:37 ----A---- C:\Windows\SYSWOW64\input.dll
2017-11-25 22:56:37 ----A---- C:\Windows\system32\wvc.dll
2017-11-25 22:56:37 ----A---- C:\Windows\system32\SearchFilterHost.exe
2017-11-25 22:56:37 ----A---- C:\Windows\system32\csrsrv.dll
2017-11-25 22:56:36 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2017-11-25 22:56:36 ----A---- C:\Windows\SYSWOW64\rundll32.exe
2017-11-25 22:56:36 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2017-11-25 22:56:36 ----A---- C:\Windows\SYSWOW64\mscms.dll
2017-11-25 22:56:36 ----A---- C:\Windows\SYSWOW64\mmcshext.dll
2017-11-25 22:56:36 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2017-11-25 22:56:36 ----A---- C:\Windows\system32\wlanapi.dll
2017-11-25 22:56:36 ----A---- C:\Windows\system32\msscp.dll
2017-11-25 22:56:36 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2017-11-25 22:56:36 ----A---- C:\Windows\system32\drivers\nsiproxy.sys
2017-11-25 22:56:35 ----A---- C:\Windows\SYSWOW64\wlanapi.dll
2017-11-25 22:56:35 ----A---- C:\Windows\SYSWOW64\mfmjpegdec.dll
2017-11-25 22:56:35 ----A---- C:\Windows\SYSWOW64\icm32.dll
2017-11-25 22:56:35 ----A---- C:\Windows\system32\werdiagcontroller.dll
2017-11-25 22:56:35 ----A---- C:\Windows\system32\mfmjpegdec.dll
2017-11-25 22:56:35 ----A---- C:\Windows\system32\hlink.dll
2017-11-25 22:56:34 ----A---- C:\Windows\SYSWOW64\werdiagcontroller.dll
2017-11-25 22:56:34 ----A---- C:\Windows\SYSWOW64\SearchFilterHost.exe
2017-11-25 22:56:34 ----A---- C:\Windows\SYSWOW64\netbtugc.exe
2017-11-25 22:56:34 ----A---- C:\Windows\SYSWOW64\hlink.dll
2017-11-25 22:56:34 ----A---- C:\Windows\system32\samlib.dll
2017-11-25 22:56:34 ----A---- C:\Windows\system32\rundll32.exe
2017-11-25 22:56:34 ----A---- C:\Windows\system32\msscntrs.dll
2017-11-25 22:56:34 ----A---- C:\Windows\system32\cryptbase.dll
2017-11-25 22:56:34 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2017-11-25 22:56:33 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2017-11-25 22:56:32 ----A---- C:\Windows\SYSWOW64\oleres.dll
2017-11-25 22:56:32 ----A---- C:\Windows\SYSWOW64\mssphtb.dll
2017-11-25 22:56:32 ----A---- C:\Windows\SYSWOW64\credssp.dll
2017-11-25 22:56:32 ----A---- C:\Windows\system32\wlansvc.dll
2017-11-25 22:56:32 ----A---- C:\Windows\system32\secur32.dll
2017-11-25 22:56:32 ----A---- C:\Windows\system32\rstrui.exe
2017-11-25 22:56:32 ----A---- C:\Windows\system32\oleres.dll
2017-11-25 22:56:32 ----A---- C:\Windows\system32\lsass.exe
2017-11-25 22:56:32 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2017-11-25 22:56:31 ----A---- C:\Windows\SYSWOW64\nlsbres.dll
2017-11-25 22:56:31 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2017-11-25 22:56:31 ----A---- C:\Windows\system32\sspicli.dll
2017-11-25 22:56:31 ----A---- C:\Windows\system32\nlsbres.dll
2017-11-25 22:56:31 ----A---- C:\Windows\system32\msihnd.dll
2017-11-25 22:56:31 ----A---- C:\Windows\system32\drivers\usbd.sys
2017-11-25 22:56:31 ----A---- C:\Windows\system32\drivers\luafv.sys
2017-11-25 22:56:30 ----A---- C:\Windows\SYSWOW64\secur32.dll
2017-11-25 22:56:30 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2017-11-25 22:56:29 ----A---- C:\Windows\SYSWOW64\samlib.dll
2017-11-25 22:56:29 ----A---- C:\Windows\SYSWOW64\msscp.dll
2017-11-25 22:56:29 ----A---- C:\Windows\system32\wermgr.exe
2017-11-25 22:56:29 ----A---- C:\Windows\system32\msnetobj.dll
2017-11-25 22:56:29 ----A---- C:\Windows\system32\credssp.dll
2017-11-25 22:56:27 ----A---- C:\Windows\SYSWOW64\msscntrs.dll
2017-11-25 22:56:26 ----A---- C:\Windows\system32\ntvdm64.dll
2017-11-25 22:56:25 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2017-11-25 22:56:25 ----A---- C:\Windows\system32\WcsPlugInService.dll
2017-11-25 22:56:25 ----A---- C:\Windows\system32\msaudite.dll
2017-11-25 22:56:25 ----A---- C:\Windows\system32\auditpol.exe
2017-11-25 22:56:24 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2017-11-25 22:56:24 ----A---- C:\Windows\system32\srclient.dll
2017-11-25 22:56:23 ----A---- C:\Windows\SYSWOW64\wvc.dll
2017-11-25 22:56:23 ----A---- C:\Windows\SYSWOW64\WcsPlugInService.dll
2017-11-25 22:56:23 ----A---- C:\Windows\SYSWOW64\srclient.dll
2017-11-25 22:56:23 ----A---- C:\Windows\SYSWOW64\perfmon.exe
2017-11-25 22:56:23 ----A---- C:\Windows\SYSWOW64\msnetobj.dll
2017-11-25 22:56:23 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2017-11-25 22:56:23 ----A---- C:\Windows\system32\wpnpinst.exe
2017-11-25 22:56:23 ----A---- C:\Windows\system32\perfmon.exe
2017-11-25 22:56:23 ----A---- C:\Windows\system32\pcadm.dll
2017-11-25 22:56:23 ----A---- C:\Windows\system32\netbtugc.exe
2017-11-25 22:56:23 ----A---- C:\Windows\system32\mssitlb.dll
2017-11-25 22:56:23 ----A---- C:\Windows\system32\mfpmp.exe
2017-11-25 22:56:22 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2017-11-25 22:56:22 ----A---- C:\Windows\SYSWOW64\mssitlb.dll
2017-11-25 22:56:22 ----A---- C:\Windows\system32\setbcdlocale.dll
2017-11-25 22:56:22 ----A---- C:\Windows\system32\rrinstaller.exe
2017-11-25 22:56:20 ----A---- C:\Windows\SYSWOW64\setup16.exe
2017-11-25 22:56:18 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2017-11-25 22:56:18 ----A---- C:\Windows\system32\inetppui.dll
2017-11-25 22:56:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-11-25 22:56:17 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-11-25 22:56:17 ----A---- C:\Windows\SYSWOW64\ntprint.exe
2017-11-25 22:56:17 ----A---- C:\Windows\system32\icaapi.dll
2017-11-25 22:56:17 ----A---- C:\Windows\system32\cdd.dll
2017-11-25 22:56:16 ----A---- C:\Windows\system32\resmon.exe
2017-11-25 22:56:16 ----A---- C:\Windows\system32\pcawrk.exe
2017-11-25 22:56:16 ----A---- C:\Windows\system32\mssprxy.dll
2017-11-25 22:56:15 ----A---- C:\Windows\SYSWOW64\wsmprovhost.exe
2017-11-25 22:56:15 ----A---- C:\Windows\SYSWOW64\resmon.exe
2017-11-25 22:56:15 ----A---- C:\Windows\system32\wsmprovhost.exe
2017-11-25 22:56:15 ----A---- C:\Windows\system32\winnsi.dll
2017-11-25 22:56:15 ----A---- C:\Windows\system32\pcalua.exe
2017-11-25 22:56:15 ----A---- C:\Windows\system32\ntprint.exe
2017-11-25 22:56:15 ----A---- C:\Windows\system32\lpk.dll
2017-11-25 22:56:15 ----A---- C:\Windows\system32\atmlib.dll
2017-11-25 22:56:14 ----A---- C:\Windows\SYSWOW64\wsmplpxy.dll
2017-11-25 22:56:14 ----A---- C:\Windows\SYSWOW64\winnsi.dll
2017-11-25 22:56:14 ----A---- C:\Windows\SYSWOW64\mssprxy.dll
2017-11-25 22:56:14 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2017-11-25 22:56:14 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2017-11-25 22:56:14 ----A---- C:\Windows\system32\wsmplpxy.dll
2017-11-25 22:56:14 ----A---- C:\Windows\system32\sspisrv.dll
2017-11-25 22:56:14 ----A---- C:\Windows\system32\plasrv.exe
2017-11-25 22:56:14 ----A---- C:\Windows\system32\nsi.dll
2017-11-25 22:56:14 ----A---- C:\Windows\system32\msshooks.dll
2017-11-25 22:56:14 ----A---- C:\Windows\system32\msmmsp.dll
2017-11-25 22:56:14 ----A---- C:\Windows\system32\dciman32.dll
2017-11-25 22:56:13 ----A---- C:\Windows\SYSWOW64\msshooks.dll
2017-11-25 22:56:13 ----A---- C:\Windows\system32\comcat.dll
2017-11-25 22:56:11 ----A---- C:\Windows\SYSWOW64\lpk.dll
2017-11-25 22:56:10 ----A---- C:\Windows\SYSWOW64\wow32.dll
2017-11-25 22:56:10 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2017-11-25 22:56:10 ----A---- C:\Windows\SYSWOW64\nsi.dll
2017-11-25 22:56:10 ----A---- C:\Windows\SYSWOW64\instnm.exe
2017-11-25 22:56:10 ----A---- C:\Windows\SYSWOW64\comcat.dll
2017-11-25 22:56:10 ----A---- C:\Windows\system32\wow64cpu.dll
2017-11-25 22:56:10 ----A---- C:\Windows\system32\spwmp.dll
2017-11-25 22:56:10 ----A---- C:\Windows\system32\fontsub.dll
2017-11-25 22:56:10 ----A---- C:\Windows\system32\drivers\usbohci.sys
2017-11-25 22:56:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-11-25 22:56:09 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2017-11-25 22:56:09 ----A---- C:\Windows\system32\dxmasf.dll
2017-11-25 22:56:09 ----A---- C:\Windows\system32\apisetschema.dll
2017-11-25 22:56:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-11-25 22:56:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2017-11-25 22:56:08 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-11-25 22:56:08 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-11-25 22:56:08 ----A---- C:\Windows\SYSWOW64\WsmRes.dll
2017-11-25 22:56:08 ----A---- C:\Windows\SYSWOW64\user.exe
2017-11-25 22:56:08 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2017-11-25 22:56:08 ----A---- C:\Windows\SYSWOW64\msimsg.dll
2017-11-25 22:56:08 ----A---- C:\Windows\SYSWOW64\mferror.dll
2017-11-25 22:56:08 ----A---- C:\Windows\SYSWOW64\INETRES.dll
2017-11-25 22:56:08 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2017-11-25 22:56:08 ----A---- C:\Windows\system32\WsmRes.dll
2017-11-25 22:56:08 ----A---- C:\Windows\system32\pcaevts.dll
2017-11-25 22:56:08 ----A---- C:\Windows\system32\msobjs.dll
2017-11-25 22:56:08 ----A---- C:\Windows\system32\msimsg.dll
2017-11-25 22:56:08 ----A---- C:\Windows\system32\mferror.dll
2017-11-25 22:56:08 ----A---- C:\Windows\system32\INETRES.dll
2017-11-25 22:56:07 ----A---- C:\Windows\SYSWOW64\tzres.dll
2017-11-25 22:56:07 ----A---- C:\Windows\system32\tzres.dll
2017-11-25 22:56:06 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2017-11-25 22:56:06 ----A---- C:\Windows\SYSWOW64\mstext40.dll
2017-11-25 22:56:06 ----A---- C:\Windows\SYSWOW64\msexch40.dll
2017-11-25 22:56:06 ----A---- C:\Windows\system32\msxml3r.dll
2017-11-25 22:35:17 ----A---- C:\Windows\SYSWOW64\explorer.exe
2017-11-25 22:35:17 ----A---- C:\Windows\explorer.exe
2017-11-25 22:35:06 ----A---- C:\Windows\system32\invagent.dll
2017-11-25 22:35:06 ----A---- C:\Windows\system32\generaltel.dll
2017-11-25 22:35:06 ----A---- C:\Windows\system32\devinv.dll
2017-11-25 22:35:06 ----A---- C:\Windows\system32\CompatTelRunner.exe
2017-11-25 22:35:06 ----A---- C:\Windows\system32\centel.dll
2017-11-25 22:35:06 ----A---- C:\Windows\system32\appraiser.dll
2017-11-25 22:35:06 ----A---- C:\Windows\system32\aitstatic.exe
2017-11-25 22:35:06 ----A---- C:\Windows\system32\aepic.dll
2017-11-25 22:35:06 ----A---- C:\Windows\system32\aeinv.dll
2017-11-25 22:35:06 ----A---- C:\Windows\system32\acmigration.dll
2017-11-25 22:23:34 ----A---- C:\Windows\SYSWOW64\olepro32.dll
2017-11-25 22:21:44 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2017-11-25 22:06:32 ----D---- C:\AdwCleaner
2017-11-25 21:34:17 ----A---- C:\Windows\SYSWOW64\authuitu.dll
2017-11-25 21:34:17 ----A---- C:\Windows\system32\authuitu.dll
2017-11-25 21:33:28 ----A---- C:\Windows\system32\uxtuneup.dll
2017-11-25 21:33:21 ----A---- C:\Windows\SYSWOW64\uxtuneup.dll
2017-11-25 21:16:36 ----D---- C:\rsit
2017-11-25 21:13:22 ----A---- C:\Windows\system32\avgBoot.exe
2017-11-07 18:11:22 ----A---- C:\Windows\system32\drivers\avgNetSec.sys
2017-11-07 18:10:18 ----A---- C:\Windows\system32\drivers\avgNetNd6.sys
2017-10-31 06:35:20 ----A---- C:\Windows\system32\FNTCACHE.DAT

======List of files/folders modified in the last 1 month======

2017-11-26 15:29:59 ----D---- C:\Program Files\trend micro
2017-11-26 15:27:15 ----D---- C:\Windows\System32
2017-11-26 15:27:15 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-11-26 15:27:14 ----D---- C:\Windows\inf
2017-11-26 15:24:16 ----A---- C:\ProgramData\HPWALog.txt
2017-11-26 15:24:06 ----HD---- C:\ProgramData
2017-11-26 15:21:49 ----D---- C:\Windows\Temp
2017-11-26 15:21:43 ----D---- C:\Windows\winsxs
2017-11-26 15:19:25 ----D---- C:\Windows\system32\config
2017-11-26 08:50:58 ----D---- C:\Windows\Microsoft.NET
2017-11-26 08:50:52 ----RSD---- C:\Windows\assembly
2017-11-26 08:48:29 ----D---- C:\Program Files\Internet Explorer
2017-11-26 08:48:28 ----D---- C:\Windows\SYSWOW64\migwiz
2017-11-26 08:48:28 ----D---- C:\Windows\SYSWOW64\migration
2017-11-26 08:48:28 ----D---- C:\Program Files\Windows Media Player
2017-11-26 08:48:28 ----D---- C:\Program Files\DVD Maker
2017-11-26 08:48:28 ----D---- C:\Program Files (x86)\Windows Media Player
2017-11-26 08:48:28 ----D---- C:\Program Files (x86)\Internet Explorer
2017-11-26 08:48:27 ----D---- C:\Windows\SYSWOW64\Dism
2017-11-26 08:48:27 ----D---- C:\Windows\SYSWOW64\cs-CZ
2017-11-26 08:48:26 ----D---- C:\Windows\SYSWOW64\en-US
2017-11-26 08:48:26 ----D---- C:\Windows\SysWOW64
2017-11-26 08:48:21 ----D---- C:\Windows\system32\migwiz
2017-11-26 08:48:21 ----D---- C:\Windows\PolicyDefinitions
2017-11-26 08:48:20 ----D---- C:\Windows\system32\migration
2017-11-26 08:48:20 ----D---- C:\Windows\system32\drivers\cs-CZ
2017-11-26 08:48:20 ----D---- C:\Windows\system32\drivers
2017-11-26 08:48:20 ----D---- C:\Windows\system32\Dism
2017-11-26 08:48:20 ----D---- C:\Windows\system32\cs-CZ
2017-11-26 08:48:11 ----D---- C:\Windows\system32\en-US
2017-11-26 08:48:07 ----D---- C:\Windows\AppPatch
2017-11-26 08:48:07 ----D---- C:\Windows
2017-11-26 08:48:05 ----D---- C:\Windows\system32\Boot
2017-11-26 08:48:03 ----D---- C:\Windows\system32\DriverStore
2017-11-26 08:28:47 ----SHD---- C:\System Volume Information
2017-11-26 08:22:20 ----D---- C:\Windows\Logs
2017-11-26 08:17:23 ----SD---- C:\Windows\system32\CompatTel
2017-11-26 08:17:21 ----D---- C:\Windows\system32\appraiser
2017-11-26 08:17:17 ----D---- C:\Windows\cs-CZ
2017-11-26 06:05:27 ----D---- C:\Windows\Tasks
2017-11-26 06:05:27 ----D---- C:\Windows\system32\wfp
2017-11-26 06:05:25 ----D---- C:\Windows\system32\wbem
2017-11-26 06:05:24 ----D---- C:\Windows\system32\Macromed
2017-11-26 06:05:24 ----D---- C:\Windows\system32\drivers\etc
2017-11-26 06:05:21 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2017-11-26 06:05:21 ----D---- C:\Program Files (x86)\Mozilla Firefox
2017-11-26 06:05:13 ----D---- C:\Windows\registration
2017-11-26 06:05:09 ----D---- C:\Windows\SYSWOW64\Macromed
2017-11-26 06:04:38 ----D---- C:\Users\Petr\AppData\Roaming\Mozilla
2017-11-25 23:16:13 ----D---- C:\Windows\system32\MRT
2017-11-25 23:16:13 ----D---- C:\Windows\debug
2017-11-25 23:15:26 ----AC---- C:\Windows\system32\MRT.exe
2017-11-25 23:15:16 ----SHD---- C:\Windows\Installer
2017-11-25 23:11:32 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2017-11-25 22:24:25 ----D---- C:\Windows\system32\catroot2
2017-11-25 22:13:14 ----D---- C:\Windows\system32\Tasks
2017-11-25 22:13:12 ----RD---- C:\Program Files (x86)
2017-11-25 22:10:47 ----D---- C:\Program Files (x86)\Common Files
2017-11-25 22:10:25 ----D---- C:\Program Files\Common Files
2017-11-17 18:47:29 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2017-11-15 08:59:44 ----A---- C:\Windows\system32\TURegOpt.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 avgbidsh;avgbidsh; C:\Windows\system32\drivers\avgbidsha.sys [2017-10-05 192584]
R0 avgblog;avgblog; C:\Windows\system32\drivers\avgbloga.sys [2017-10-05 336896]
R0 avgbuniv;avgbuniv; C:\Windows\system32\drivers\avgbuniva.sys [2017-10-05 51336]
R0 avgRvrt;avgRvrt; C:\Windows\system32\drivers\avgRvrt.sys [2017-10-05 76832]
R0 avgVmm;avgVmm; C:\Windows\system32\drivers\avgVmm.sys [2017-10-05 355856]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-04-13 540696]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 avgbdisk;avgbdisk; C:\Windows\system32\drivers\avgbdiska.sys [2017-10-05 166624]
R1 avgbidsdriver;avgbidsdriver; C:\Windows\system32\drivers\avgbidsdrivera.sys [2017-10-05 314640]
R1 avgNetSec;avgNetSec; C:\Windows\system32\drivers\avgNetSec.sys [2017-11-07 548568]
R1 avgRdr;avgRdr; C:\Windows\system32\drivers\avgRdr2.sys [2017-10-05 102792]
R1 avgSnx;avgSnx; C:\Windows\system32\drivers\avgSnx.sys [2017-11-07 1022288]
R1 avgSP;avgSP; C:\Windows\system32\drivers\avgSP.sys [2017-10-05 579584]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 avgMonFlt;avgMonFlt; C:\Windows\system32\drivers\avgMonFlt.sys [2017-10-05 140192]
R2 avgStm;avgStm; C:\Windows\system32\drivers\avgStm.sys [2017-10-05 193768]
R3 avgNetNd6;AVG Firewall NDIS6 Helper; C:\Windows\system32\DRIVERS\avgNetNd6.sys [2017-11-07 29944]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-08-25 10611552]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-05-27 2494056]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\Windows\system32\drivers\IntcHdmi.sys [2010-03-05 144896]
R3 LgBttPort;LGE Bluetooth TransPort; C:\Windows\system32\DRIVERS\lgbtpt64.sys [2009-09-29 16384]
R3 lgbusenum;LG Bluetooth Bus Enumerator; C:\Windows\system32\DRIVERS\lgbtbs64.sys [2009-09-29 14848]
R3 LGVMODEM;LGE Virtual Modem; C:\Windows\system32\DRIVERS\lgvmdm64.sys [2009-09-29 17408]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2013-05-27 347680]
R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver; C:\Windows\system32\DRIVERS\rtl8192se.sys [2010-01-20 1088544]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2014-03-18 1390640]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [2017-02-21 32304]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2011-05-13 36328]
S3 avgHwid;avgHwid; C:\Windows\system32\drivers\avgHwid.sys [2017-10-05 39424]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2013-05-27 245792]
S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-05-13 146920]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usbbus;LGE Mobile Composite USB Device; C:\Windows\system32\DRIVERS\lgx64bus.sys [2010-01-21 17920]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\Windows\system32\DRIVERS\lgx64diag.sys [2010-01-21 27648]
S3 USBModem;LGE Mobile USB Modem; C:\Windows\system32\DRIVERS\lgx64modem.sys [2010-01-21 33280]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-09-27 83984]
R2 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 98208]
R2 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
R2 AVG Antivirus;AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [2017-10-05 282536]
R2 AVG Firewall;AVG Firewall Service; C:\Program Files (x86)\AVG\Antivirus\afwServ.exe [2017-11-07 331952]
R2 avgsvc;AVG Service; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [2017-10-31 1428656]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 GameConsoleService;GameConsoleService; C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe [2010-01-04 238328]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2017-09-27 323952]
R2 HPWMISVC;HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-11-09 26680]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2010-02-22 73728]
R2 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2009-07-06 247152]
R2 RtVOsdService;RtVOsdService Installer; C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe [2010-06-24 315392]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]
R2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2017-11-15 5618960]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R3 avgbIDSAgent;avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe [2017-10-05 7496672]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-06-03 162408]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-11-17 272384]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2017-10-14 116224]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-11-19 175568]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-02-27 1255736]
S4 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2013-05-13 1129760]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]

-----------------EOF-----------------


Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: virus Policie CR

#6 Post by Rudy »

Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left window:
:services
SeaPort


:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]/64

:commands
[Purity]
[EmptyTemp]
[Emptyflash]
and click >MoveIt!<. Turn off the antivirus before the scan and restart the PC after it. Post a new RSIT log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address above.

martybx
Visitor
Posts: 154
Registered: 26 Feb 2007 16:22

Re: virus Policie CR

#7 Post by martybx »

Here is the log:

Code:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Petr at 2017-11-27 20:22:07
Microsoft Windows 7 Home Premium  Service Pack 1
System drive C: has 133 GB (59%) free of 224 GB
Total RAM: 1979 MB (41% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:22:12, on 27.11.2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18838)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe
C:\Program Files\trend micro\Petr.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_144\bin\ssv.dll
O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_144\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - (no file)
O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (file missing)
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} (WRC Class) - http://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AVG Antivirus - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
O23 - Service: AVG Firewall Service (AVG Firewall) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Antivirus\afwServ.exe
O23 - Service: avgbIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe
O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - HP Inc. - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: RtVOsdService Installer (RtVOsdService) - Realtek Semiconductor Corp. - C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9592 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe"
taskeng.exe {E67F89BC-1175-4580-91BC-FC2BE90C18B6}
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\AVG\Antivirus\afwServ.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe"
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
"C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe"
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe"
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE"
"C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe"
"taskhost.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Windows\system32\Dwm.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" 
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files (x86)\Realtek\Audio\OSD\RtVOsd64.exe" 
"C:\Windows\System32\igfxtray.exe" 
"C:\Windows\System32\hkcmd.exe" 
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" -hidden
 /fmw.trayonly
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe" 
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
AVGUI.exe /nogui
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" 
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524 
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
"C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe"
"C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe"
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Users\Petr\Desktop\RSITx64.exe" 
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

=========Mozilla firefox=========

ProfilePath - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\pllwphwn.default-1437713462976-1501308915066

prefs.js - "browser.startup.homepage" -  "https://www.seznam.cz/#"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 27.0.0.187 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_187.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.144.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.144.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_144\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\3.0.40624.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 27.0.0.187 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_27_0_0_187.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.144.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.144.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_144\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled


C:\Program Files (x86)\Mozilla Firefox\plugins\
nppdf32.dll

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_144\bin\ssv.dll [2017-09-28 571968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-09-28 235584]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2009-01-14 92504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_144\bin\ssv.dll [2017-09-28 473664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-09-28 187968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-03-18 2281256]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2013-05-27 6489704]
"RtkOSD"=C:\Program Files (x86)\Realtek\Audio\OSD\RtVOsd64.exe [2010-01-13 995840]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-08-25 161304]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-08-25 386584]
"AvgUi"=C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [2017-10-31 239592]
"AVGUI.exe"=C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [2017-10-05 302744]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2010-02-22 2363392]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Easybits Recovery]
C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [2009-09-02 60464]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Quick Launch]
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [2010-11-09 586296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPADVISOR]
C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [2009-09-29 1685048]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
C:\Windows\system32\igfxpers.exe [2010-08-25 415256]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"WirelessAssistant"=C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2009-07-23 498744]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-08-25 271360]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{E54729E8-BB3D-4270-9D49-7389EA579090}"=C:\Windows\SysWow64\EZUPBH~1.DLL [2010-04-29 52272]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"HideFastUserSwitching"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2017-11-27 20:13:12 ----D---- C:\_OTM
2017-11-25 23:20:48 ----D---- C:\ProgramData\SWCUTemp
2017-11-25 23:15:51 ----AC---- C:\Windows\system32\MRT-KB890830.exe
2017-11-25 23:04:52 ----A---- C:\Windows\SYSWOW64\D3DCompiler_47.dll
2017-11-25 23:04:52 ----A---- C:\Windows\system32\D3DCompiler_47.dll
2017-11-25 22:58:18 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2017-11-25 22:58:18 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2017-11-25 22:58:18 ----A---- C:\Windows\SYSWOW64\inseng.dll
2017-11-25 22:58:18 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2017-11-25 22:58:18 ----A---- C:\Windows\system32\iernonce.dll
2017-11-25 22:58:18 ----A---- C:\Windows\system32\ieetwproxystub.dll
2017-11-25 22:58:18 ----A---- C:\Windows\system32\ieetwcollector.exe
2017-11-25 22:58:17 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2017-11-25 22:58:17 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2017-11-25 22:58:16 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2017-11-25 22:58:16 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2017-11-25 22:58:16 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2017-11-25 22:58:16 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2017-11-25 22:58:16 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2017-11-25 22:58:16 ----A---- C:\Windows\system32\wudriver.dll
2017-11-25 22:58:16 ----A---- C:\Windows\system32\UtcResources.dll
2017-11-25 22:58:16 ----A---- C:\Windows\system32\inseng.dll
2017-11-25 22:58:16 ----A---- C:\Windows\system32\ie4uinit.exe
2017-11-25 22:58:15 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2017-11-25 22:58:15 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2017-11-25 22:58:15 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2017-11-25 22:58:15 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-11-25 22:58:13 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2017-11-25 22:58:13 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2017-11-25 22:58:12 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2017-11-25 22:58:12 ----A---- C:\Windows\system32\urlmon.dll
2017-11-25 22:58:12 ----A---- C:\Windows\system32\iedkcs32.dll
2017-11-25 22:58:11 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2017-11-25 22:58:11 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2017-11-25 22:58:11 ----A---- C:\Windows\SYSWOW64\jscript.dll
2017-11-25 22:58:11 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2017-11-25 22:58:10 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2017-11-25 22:58:10 ----A---- C:\Windows\SYSWOW64\ieui.dll
2017-11-25 22:58:10 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2017-11-25 22:58:10 ----A---- C:\Windows\system32\wuwebv.dll
2017-11-25 22:58:10 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2017-11-25 22:58:10 ----A---- C:\Windows\system32\dxtrans.dll
2017-11-25 22:58:10 ----A---- C:\Windows\system32\diagtrack.dll
2017-11-25 22:58:09 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2017-11-25 22:58:09 ----A---- C:\Windows\system32\msfeeds.dll
2017-11-25 22:58:09 ----A---- C:\Windows\system32\iesetup.dll
2017-11-25 22:58:08 ----A---- C:\Windows\system32\ieapfltr.dll
2017-11-25 22:58:06 ----A---- C:\Windows\system32\iertutil.dll
2017-11-25 22:58:05 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2017-11-25 22:58:05 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2017-11-25 22:58:05 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2017-11-25 22:58:05 ----A---- C:\Windows\system32\vbscript.dll
2017-11-25 22:58:04 ----A---- C:\Windows\SYSWOW64\wininet.dll
2017-11-25 22:58:04 ----A---- C:\Windows\SYSWOW64\msrating.dll
2017-11-25 22:58:04 ----A---- C:\Windows\system32\ieUnatt.exe
2017-11-25 22:58:03 ----A---- C:\Windows\system32\wuaueng.dll
2017-11-25 22:58:02 ----A---- C:\Windows\system32\ieui.dll
2017-11-25 22:58:02 ----A---- C:\Windows\system32\ieframe.dll
2017-11-25 22:58:02 ----A---- C:\Windows\system32\dxtmsft.dll
2017-11-25 22:58:01 ----A---- C:\Windows\system32\webcheck.dll
2017-11-25 22:58:01 ----A---- C:\Windows\system32\mshtmlmedia.dll
2017-11-25 22:58:01 ----A---- C:\Windows\system32\mshtmled.dll
2017-11-25 22:58:00 ----A---- C:\Windows\system32\jscript.dll
2017-11-25 22:57:59 ----A---- C:\Windows\system32\jscript9diag.dll
2017-11-25 22:57:59 ----A---- C:\Windows\system32\jscript9.dll
2017-11-25 22:57:58 ----A---- C:\Windows\system32\wininet.dll
2017-11-25 22:57:58 ----A---- C:\Windows\system32\jsproxy.dll
2017-11-25 22:57:57 ----A---- C:\Windows\system32\msrating.dll
2017-11-25 22:57:57 ----A---- C:\Windows\system32\MshtmlDac.dll
2017-11-25 22:57:54 ----A---- C:\Windows\system32\mshtml.dll
2017-11-25 22:57:51 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2017-11-25 22:57:51 ----A---- C:\Windows\SYSWOW64\occache.dll
2017-11-25 22:57:51 ----A---- C:\Windows\system32\wucltux.dll
2017-11-25 22:57:51 ----A---- C:\Windows\system32\wuauclt.exe
2017-11-25 22:57:51 ----A---- C:\Windows\system32\wuapp.exe
2017-11-25 22:57:51 ----A---- C:\Windows\system32\wuapi.dll
2017-11-25 22:57:51 ----A---- C:\Windows\system32\WinSetupUI.dll
2017-11-25 22:57:50 ----A---- C:\Windows\system32\shell32.dll
2017-11-25 22:57:50 ----A---- C:\Windows\system32\occache.dll
2017-11-25 22:57:47 ----A---- C:\Windows\system32\ntoskrnl.exe
2017-11-25 22:57:45 ----A---- C:\Windows\SYSWOW64\msrepl40.dll
2017-11-25 22:57:45 ----A---- C:\Windows\SYSWOW64\msrd3x40.dll
2017-11-25 22:57:45 ----A---- C:\Windows\SYSWOW64\msrd2x40.dll
2017-11-25 22:57:45 ----A---- C:\Windows\SYSWOW64\msjtes40.dll
2017-11-25 22:57:45 ----A---- C:\Windows\SYSWOW64\msjetoledb40.dll
2017-11-25 22:57:45 ----A---- C:\Windows\SYSWOW64\msjet40.dll
2017-11-25 22:57:45 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2017-11-25 22:57:45 ----A---- C:\Windows\system32\FntCache.dll
2017-11-25 22:57:45 ----A---- C:\Windows\system32\DWrite.dll
2017-11-25 22:57:44 ----A---- C:\Windows\SYSWOW64\shell32.dll
2017-11-25 22:57:44 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2017-11-25 22:57:43 ----A---- C:\Windows\system32\mf.dll
2017-11-25 22:57:42 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2017-11-25 22:57:42 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2017-11-25 22:57:42 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2017-11-25 22:57:42 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2017-11-25 22:57:42 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2017-11-25 22:57:42 ----A---- C:\Windows\system32\ucrtbase.dll
2017-11-25 22:57:42 ----A---- C:\Windows\system32\mmcndmgr.dll
2017-11-25 22:57:42 ----A---- C:\Windows\system32\drivers\tcpip.sys
2017-11-25 22:57:42 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2017-11-25 22:57:42 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2017-11-25 22:57:42 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2017-11-25 22:57:42 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2017-11-25 22:57:42 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2017-11-25 22:57:42 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2017-11-25 22:57:42 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2017-11-25 22:57:41 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2017-11-25 22:57:41 ----A---- C:\Windows\SYSWOW64\mf.dll
2017-11-25 22:57:41 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2017-11-25 22:57:41 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2017-11-25 22:57:41 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2017-11-25 22:57:41 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2017-11-25 22:57:41 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2017-11-25 22:57:41 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2017-11-25 22:57:41 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2017-11-25 22:57:41 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2017-11-25 22:57:41 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2017-11-25 22:57:41 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2017-11-25 22:57:41 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l2-1-0.dll
2017-11-25 22:57:41 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-timezone-l1-1-0.dll
2017-11-25 22:57:41 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-2-0.dll
2017-11-25 22:57:41 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2017-11-25 22:57:41 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-2-0.dll
2017-11-25 22:57:41 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l2-1-0.dll
2017-11-25 22:57:41 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-2-0.dll
2017-11-25 22:57:41 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2017-11-25 22:57:41 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2017-11-25 22:57:41 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2017-11-25 22:57:41 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2017-11-25 22:57:41 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2017-11-25 22:57:41 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2017-11-25 22:57:41 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2017-11-25 22:57:41 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2017-11-25 22:57:41 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2017-11-25 22:57:41 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2017-11-25 22:57:41 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2017-11-25 22:57:41 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2017-11-25 22:57:41 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2017-11-25 22:57:41 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2017-11-25 22:57:41 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2017-11-25 22:57:40 ----A---- C:\Windows\system32\ole32.dll
2017-11-25 22:57:39 ----A---- C:\Windows\system32\drivers\ntfs.sys
2017-11-25 22:57:38 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2017-11-25 22:57:38 ----A---- C:\Windows\system32\blackbox.dll
2017-11-25 22:57:36 ----A---- C:\Windows\SYSWOW64\blackbox.dll
2017-11-25 22:57:36 ----A---- C:\Windows\system32\wups2.dll
2017-11-25 22:57:36 ----A---- C:\Windows\system32\wups.dll
2017-11-25 22:57:36 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2017-11-25 22:57:36 ----A---- C:\Windows\system32\MSVidCtl.dll
2017-11-25 22:57:35 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2017-11-25 22:57:35 ----A---- C:\Windows\system32\win32k.sys
2017-11-25 22:57:35 ----A---- C:\Windows\system32\mmc.exe
2017-11-25 22:57:35 ----A---- C:\Windows\system32\drmv2clt.dll
2017-11-25 22:57:34 ----A---- C:\Windows\system32\WsmSvc.dll
2017-11-25 22:57:34 ----A---- C:\Windows\system32\msxml3.dll
2017-11-25 22:57:33 ----A---- C:\Windows\SYSWOW64\drmv2clt.dll
2017-11-25 22:57:33 ----A---- C:\Windows\system32\msi.dll
2017-11-25 22:57:33 ----A---- C:\Windows\system32\DXPTaskRingtone.dll
2017-11-25 22:57:32 ----A---- C:\Windows\system32\ntdll.dll
2017-11-25 22:57:31 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2017-11-25 22:57:31 ----A---- C:\Windows\SYSWOW64\msi.dll
2017-11-25 22:57:31 ----A---- C:\Windows\SYSWOW64\mmcndmgr.dll
2017-11-25 22:57:31 ----A---- C:\Windows\system32\lsasrv.dll
2017-11-25 22:57:31 ----A---- C:\Windows\system32\ExplorerFrame.dll
2017-11-25 22:57:30 ----A---- C:\Windows\SYSWOW64\msxbde40.dll
2017-11-25 22:57:30 ----A---- C:\Windows\SYSWOW64\MSVidCtl.dll
2017-11-25 22:57:30 ----A---- C:\Windows\SYSWOW64\mspbde40.dll
2017-11-25 22:57:30 ----A---- C:\Windows\SYSWOW64\msltus40.dll
2017-11-25 22:57:30 ----A---- C:\Windows\SYSWOW64\msexcl40.dll
2017-11-25 22:57:30 ----A---- C:\Windows\SYSWOW64\DXPTaskRingtone.dll
2017-11-25 22:57:30 ----A---- C:\Windows\system32\rpcrt4.dll
2017-11-25 22:57:29 ----A---- C:\Windows\system32\wmp.dll
2017-11-25 22:57:27 ----A---- C:\Windows\SYSWOW64\ole32.dll
2017-11-25 22:57:27 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2017-11-25 22:57:27 ----A---- C:\Windows\SYSWOW64\mmc.exe
2017-11-25 22:57:27 ----A---- C:\Windows\system32\kerberos.dll
2017-11-25 22:57:27 ----A---- C:\Windows\system32\crypt32.dll
2017-11-25 22:57:25 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2017-11-25 22:57:25 ----A---- C:\Windows\system32\tquery.dll
2017-11-25 22:57:25 ----A---- C:\Windows\system32\scavengeui.dll
2017-11-25 22:57:25 ----A---- C:\Windows\system32\quartz.dll
2017-11-25 22:57:24 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2017-11-25 22:57:24 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2017-11-25 22:57:24 ----A---- C:\Windows\system32\wmdrmsdk.dll
2017-11-25 22:57:23 ----A---- C:\Windows\SYSWOW64\quartz.dll
2017-11-25 22:57:23 ----A---- C:\Windows\system32\Query.dll
2017-11-25 22:57:23 ----A---- C:\Windows\system32\oleaut32.dll
2017-11-25 22:57:22 ----A---- C:\Windows\SYSWOW64\wmdrmsdk.dll
2017-11-25 22:57:22 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2017-11-25 22:57:22 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2017-11-25 22:57:22 ----A---- C:\Windows\system32\advapi32.dll
2017-11-25 22:57:21 ----A---- C:\Windows\system32\winload.exe
2017-11-25 22:57:21 ----A---- C:\Windows\system32\rdpcore.dll
2017-11-25 22:57:21 ----A---- C:\Windows\system32\msctf.dll
2017-11-25 22:57:21 ----A---- C:\Windows\system32\localspl.dll
2017-11-25 22:57:20 ----A---- C:\Windows\system32\kernel32.dll
2017-11-25 22:57:19 ----A---- C:\Windows\system32\win32spl.dll
2017-11-25 22:57:19 ----A---- C:\Windows\system32\schannel.dll
2017-11-25 22:57:19 ----A---- C:\Windows\system32\samsrv.dll
2017-11-25 22:57:19 ----A---- C:\Windows\system32\rpcss.dll
2017-11-25 22:57:19 ----A---- C:\Windows\system32\mssrch.dll
2017-11-25 22:57:18 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2017-11-25 22:57:18 ----A---- C:\Windows\system32\drivers\srv.sys
2017-11-25 22:57:18 ----A---- C:\Windows\system32\drivers\http.sys
2017-11-25 22:57:18 ----A---- C:\Windows\system32\authui.dll
2017-11-25 22:57:18 ----A---- C:\Windows\system32\audiosrv.dll
2017-11-25 22:57:17 ----A---- C:\Windows\SYSWOW64\wmp.dll
2017-11-25 22:57:17 ----A---- C:\Windows\HelpPane.exe
2017-11-25 22:57:16 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2017-11-25 22:57:16 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll
2017-11-25 22:57:16 ----A---- C:\Windows\system32\UIAnimation.dll
2017-11-25 22:57:16 ----A---- C:\Windows\system32\drivers\srv2.sys
2017-11-25 22:57:15 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2017-11-25 22:57:15 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2017-11-25 22:57:15 ----A---- C:\Windows\SYSWOW64\evr.dll
2017-11-25 22:57:15 ----A---- C:\Windows\system32\wer.dll
2017-11-25 22:57:15 ----A---- C:\Windows\system32\KernelBase.dll
2017-11-25 22:57:15 ----A---- C:\Windows\system32\inetcomm.dll
2017-11-25 22:57:15 ----A---- C:\Windows\system32\AUDIOKSE.dll
2017-11-25 22:57:14 ----A---- C:\Windows\SYSWOW64\msctf.dll
2017-11-25 22:57:14 ----A---- C:\Windows\SYSWOW64\authui.dll
2017-11-25 22:57:14 ----A---- C:\Windows\system32\msv1_0.dll
2017-11-25 22:57:14 ----A---- C:\Windows\system32\drivers\afd.sys
2017-11-25 22:57:13 ----A---- C:\Windows\SYSWOW64\schannel.dll
2017-11-25 22:57:13 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2017-11-25 22:57:13 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2017-11-25 22:57:13 ----A---- C:\Windows\system32\usp10.dll
2017-11-25 22:57:13 ----A---- C:\Windows\system32\evr.dll
2017-11-25 22:57:12 ----A---- C:\Windows\SYSWOW64\cdosys.dll
2017-11-25 22:57:12 ----A---- C:\Windows\system32\wlansec.dll
2017-11-25 22:57:12 ----A---- C:\Windows\system32\WebClnt.dll
2017-11-25 22:57:12 ----A---- C:\Windows\system32\IMJP10K.DLL
2017-11-25 22:57:12 ----A---- C:\Windows\system32\atmfd.dll
2017-11-25 22:57:11 ----A---- C:\Windows\SYSWOW64\wer.dll
2017-11-25 22:57:11 ----A---- C:\Windows\SYSWOW64\tquery.dll
2017-11-25 22:57:11 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2017-11-25 22:57:11 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2017-11-25 22:57:11 ----A---- C:\Windows\system32\Wldap32.dll
2017-11-25 22:57:11 ----A---- C:\Windows\system32\wdc.dll
2017-11-25 22:57:11 ----A---- C:\Windows\system32\drmmgrtn.dll
2017-11-25 22:57:10 ----A---- C:\Windows\SYSWOW64\Query.dll
2017-11-25 22:57:10 ----A---- C:\Windows\SYSWOW64\IMJP10K.DLL
2017-11-25 22:57:10 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2017-11-25 22:57:10 ----A---- C:\Windows\system32\drivers\cng.sys
2017-11-25 22:57:10 ----A---- C:\Windows\system32\cdosys.dll
2017-11-25 22:57:09 ----A---- C:\Windows\SYSWOW64\Wldap32.dll
2017-11-25 22:57:09 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2017-11-25 22:57:09 ----A---- C:\Windows\SYSWOW64\wdc.dll
2017-11-25 22:57:09 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll
2017-11-25 22:57:09 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2017-11-25 22:57:09 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2017-11-25 22:57:09 ----A---- C:\Windows\system32\WsmWmiPl.dll
2017-11-25 22:57:09 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2017-11-25 22:57:09 ----A---- C:\Windows\system32\user32.dll
2017-11-25 22:57:08 ----A---- C:\Windows\system32\wintrust.dll
2017-11-25 22:57:08 ----A---- C:\Windows\system32\pla.dll
2017-11-25 22:57:07 ----A---- C:\Windows\system32\gdi32.dll
2017-11-25 22:57:07 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2017-11-25 22:57:07 ----A---- C:\Windows\system32\drivers\nwifi.sys
2017-11-25 22:57:07 ----A---- C:\Windows\system32\cryptsvc.dll
2017-11-25 22:57:07 ----A---- C:\Windows\system32\clfs.sys
2017-11-25 22:57:06 ----A---- C:\Windows\SYSWOW64\wlansec.dll
2017-11-25 22:57:06 ----A---- C:\Windows\SYSWOW64\usp10.dll
2017-11-25 22:57:06 ----A---- C:\Windows\SYSWOW64\mswstr10.dll
2017-11-25 22:57:06 ----A---- C:\Windows\SYSWOW64\mswdat10.dll
2017-11-25 22:57:06 ----A---- C:\Windows\SYSWOW64\msjter40.dll
2017-11-25 22:57:06 ----A---- C:\Windows\SYSWOW64\msjint40.dll
2017-11-25 22:57:06 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2017-11-25 22:57:06 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2017-11-25 22:57:06 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2017-11-25 22:57:06 ----A---- C:\Windows\system32\wow64win.dll
2017-11-25 22:57:06 ----A---- C:\Windows\system32\ncrypt.dll
2017-11-25 22:57:06 ----A---- C:\Windows\system32\drivers\netbt.sys
2017-11-25 22:57:06 ----A---- C:\Windows\system32\cryptui.dll
2017-11-25 22:57:06 ----A---- C:\Windows\system32\certcli.dll
2017-11-25 22:57:05 ----A---- C:\Windows\SYSWOW64\WSManMigrationPlugin.dll
2017-11-25 22:57:05 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2017-11-25 22:57:05 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2017-11-25 22:57:05 ----A---- C:\Windows\SYSWOW64\certcli.dll
2017-11-25 22:57:05 ----A---- C:\Windows\system32\srcore.dll
2017-11-25 22:57:05 ----A---- C:\Windows\system32\qdvd.dll
2017-11-25 22:57:05 ----A---- C:\Windows\system32\conhost.exe
2017-11-25 22:57:05 ----A---- C:\Windows\system32\AudioEng.dll
2017-11-25 22:57:04 ----A---- C:\Windows\SYSWOW64\WsmWmiPl.dll
2017-11-25 22:57:04 ----A---- C:\Windows\system32\SearchIndexer.exe
2017-11-25 22:57:04 ----A---- C:\Windows\system32\rpchttp.dll
2017-11-25 22:57:04 ----A---- C:\Windows\system32\msinfo32.exe
2017-11-25 22:57:03 ----A---- C:\Windows\SYSWOW64\themeui.dll
2017-11-25 22:57:03 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2017-11-25 22:57:03 ----A---- C:\Windows\system32\wdigest.dll
2017-11-25 22:57:03 ----A---- C:\Windows\system32\drivers\netio.sys
2017-11-25 22:57:03 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2017-11-25 22:57:02 ----A---- C:\Windows\SYSWOW64\WSManHTTPConfig.exe
2017-11-25 22:57:02 ----A---- C:\Windows\SYSWOW64\user32.dll
2017-11-25 22:57:02 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2017-11-25 22:57:02 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2017-11-25 22:57:02 ----A---- C:\Windows\SYSWOW64\cryptui.dll
2017-11-25 22:57:02 ----A---- C:\Windows\system32\themeui.dll
2017-11-25 22:57:02 ----A---- C:\Windows\system32\mfplat.dll
2017-11-25 22:57:01 ----A---- C:\Windows\SYSWOW64\wlanmsm.dll
2017-11-25 22:57:01 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2017-11-25 22:57:01 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2017-11-25 22:57:01 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2017-11-25 22:57:01 ----A---- C:\Windows\system32\WsmAuto.dll
2017-11-25 22:57:01 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2017-11-25 22:57:01 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2017-11-25 22:57:01 ----A---- C:\Windows\system32\davclnt.dll
2017-11-25 22:57:01 ----A---- C:\Windows\system32\cryptnet.dll
2017-11-25 22:57:01 ----A---- C:\Windows\system32\AudioSes.dll
2017-11-25 22:57:01 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2017-11-25 22:57:00 ----A---- C:\Windows\system32\drivers\srvnet.sys
2017-11-25 22:56:59 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2017-11-25 22:56:59 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2017-11-25 22:56:59 ----A---- C:\Windows\system32\pcasvc.dll
2017-11-25 22:56:59 ----A---- C:\Windows\system32\drivers\volmgrx.sys
2017-11-25 22:56:59 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2017-11-25 22:56:58 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2017-11-25 22:56:58 ----A---- C:\Windows\system32\drivers\tdx.sys
2017-11-25 22:56:58 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2017-11-25 22:56:58 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2017-11-25 22:56:57 ----A---- C:\Windows\SYSWOW64\msinfo32.exe
2017-11-25 22:56:57 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2017-11-25 22:56:57 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2017-11-25 22:56:57 ----A---- C:\Windows\system32\wlanmsm.dll
2017-11-25 22:56:57 ----A---- C:\Windows\system32\drivers\dfsc.sys
2017-11-25 22:56:56 ----A---- C:\Windows\SYSWOW64\WsmAuto.dll
2017-11-25 22:56:56 ----A---- C:\Windows\SYSWOW64\pla.dll
2017-11-25 22:56:56 ----A---- C:\Windows\system32\winsrv.dll
2017-11-25 22:56:56 ----A---- C:\Windows\system32\msiexec.exe
2017-11-25 22:56:56 ----A---- C:\Windows\system32\inetpp.dll
2017-11-25 22:56:56 ----A---- C:\Windows\system32\EncDump.dll
2017-11-25 22:56:56 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2017-11-25 22:56:56 ----A---- C:\Windows\system32\cic.dll
2017-11-25 22:56:54 ----A---- C:\Windows\system32\mscms.dll
2017-11-25 22:56:54 ----A---- C:\Windows\system32\drivers\exfat.sys
2017-11-25 22:56:53 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2017-11-25 22:56:53 ----A---- C:\Windows\system32\drivers\fastfat.sys
2017-11-25 22:56:53 ----A---- C:\Windows\system32\consent.exe
2017-11-25 22:56:52 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2017-11-25 22:56:52 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2017-11-25 22:56:52 ----A---- C:\Windows\system32\wow64.dll
2017-11-25 22:56:52 ----A---- C:\Windows\system32\wmploc.DLL
2017-11-25 22:56:52 ----A---- C:\Windows\system32\bcdedit.exe
2017-11-25 22:56:52 ----A---- C:\Windows\system32\adtschema.dll
2017-11-25 22:56:51 ----A---- C:\Windows\system32\TSpkg.dll
2017-11-25 22:56:50 ----A---- C:\Windows\system32\bcrypt.dll
2017-11-25 22:56:49 ----A---- C:\Windows\SYSWOW64\wups.dll
2017-11-25 22:56:49 ----A---- C:\Windows\SYSWOW64\ntprint.dll
2017-11-25 22:56:49 ----A---- C:\Windows\system32\pdh.dll
2017-11-25 22:56:49 ----A---- C:\Windows\system32\mssph.dll
2017-11-25 22:56:49 ----A---- C:\Windows\system32\drivers\bowser.sys
2017-11-25 22:56:49 ----A---- C:\Windows\system32\audiodg.exe
2017-11-25 22:56:47 ----A---- C:\Windows\system32\shdocvw.dll
2017-11-25 22:56:47 ----A---- C:\Windows\system32\mssvp.dll
2017-11-25 22:56:47 ----A---- C:\Windows\system32\mmcbase.dll
2017-11-25 22:56:47 ----A---- C:\Windows\system32\drivers\usbehci.sys
2017-11-25 22:56:46 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2017-11-25 22:56:46 ----A---- C:\Windows\system32\drivers\usbport.sys
2017-11-25 22:56:45 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2017-11-25 22:56:45 ----A---- C:\Windows\SYSWOW64\pdh.dll
2017-11-25 22:56:45 ----A---- C:\Windows\SYSWOW64\bcrypt.dll
2017-11-25 22:56:45 ----A---- C:\Windows\system32\cryptsp.dll
2017-11-25 22:56:44 ----A---- C:\Windows\SYSWOW64\t2embed.dll
2017-11-25 22:56:44 ----A---- C:\Windows\system32\t2embed.dll
2017-11-25 22:56:44 ----A---- C:\Windows\system32\pdhui.dll
2017-11-25 22:56:44 ----A---- C:\Windows\system32\ntprint.dll
2017-11-25 22:56:44 ----A---- C:\Windows\system32\drivers\appid.sys
2017-11-25 22:56:44 ----A---- C:\Windows\system32\appidsvc.dll
2017-11-25 22:56:43 ----A---- C:\Windows\SYSWOW64\shdocvw.dll
2017-11-25 22:56:43 ----A---- C:\Windows\system32\appinfo.dll
2017-11-25 22:56:43 ----A---- C:\Windows\system32\adsmsext.dll
2017-11-25 22:56:41 ----A---- C:\Windows\SYSWOW64\cryptsp.dll
2017-11-25 22:56:41 ----A---- C:\Windows\SYSWOW64\adsmsext.dll
2017-11-25 22:56:41 ----A---- C:\Windows\system32\drivers\usbhub.sys
2017-11-25 22:56:41 ----A---- C:\Windows\system32\appidapi.dll
2017-11-25 22:56:40 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2017-11-25 22:56:40 ----A---- C:\Windows\SYSWOW64\mssph.dll
2017-11-25 22:56:40 ----A---- C:\Windows\SYSWOW64\mmcbase.dll
2017-11-25 22:56:40 ----A---- C:\Windows\SYSWOW64\cic.dll
2017-11-25 22:56:40 ----A---- C:\Windows\system32\wlanhlp.dll
2017-11-25 22:56:40 ----A---- C:\Windows\system32\mmcshext.dll
2017-11-25 22:56:40 ----A---- C:\Windows\system32\mfps.dll
2017-11-25 22:56:40 ----A---- C:\Windows\system32\input.dll
2017-11-25 22:56:40 ----A---- C:\Windows\system32\icm32.dll
2017-11-25 22:56:39 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2017-11-25 22:56:39 ----A---- C:\Windows\system32\smss.exe
2017-11-25 22:56:39 ----A---- C:\Windows\system32\mssphtb.dll
2017-11-25 22:56:39 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2017-11-25 22:56:39 ----A---- C:\Windows\system32\asycfilt.dll
2017-11-25 22:56:38 ----A---- C:\Windows\SYSWOW64\MigAutoPlay.exe
2017-11-25 22:56:38 ----A---- C:\Windows\system32\nsisvc.dll
2017-11-25 22:56:38 ----A---- C:\Windows\system32\MigAutoPlay.exe
2017-11-25 22:56:38 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2017-11-25 22:56:37 ----A---- C:\Windows\SYSWOW64\wlanhlp.dll
2017-11-25 22:56:37 ----A---- C:\Windows\SYSWOW64\wermgr.exe
2017-11-25 22:56:37 ----A---- C:\Windows\SYSWOW64\pdhui.dll
2017-11-25 22:56:37 ----A---- C:\Windows\SYSWOW64\mfps.dll
2017-11-25 22:56:37 ----A---- C:\Windows\SYSWOW64\input.dll
2017-11-25 22:56:37 ----A---- C:\Windows\system32\wvc.dll
2017-11-25 22:56:37 ----A---- C:\Windows\system32\SearchFilterHost.exe
2017-11-25 22:56:37 ----A---- C:\Windows\system32\csrsrv.dll
2017-11-25 22:56:36 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2017-11-25 22:56:36 ----A---- C:\Windows\SYSWOW64\rundll32.exe
2017-11-25 22:56:36 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2017-11-25 22:56:36 ----A---- C:\Windows\SYSWOW64\mscms.dll
2017-11-25 22:56:36 ----A---- C:\Windows\SYSWOW64\mmcshext.dll
2017-11-25 22:56:36 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2017-11-25 22:56:36 ----A---- C:\Windows\system32\wlanapi.dll
2017-11-25 22:56:36 ----A---- C:\Windows\system32\msscp.dll
2017-11-25 22:56:36 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2017-11-25 22:56:36 ----A---- C:\Windows\system32\drivers\nsiproxy.sys
2017-11-25 22:56:35 ----A---- C:\Windows\SYSWOW64\wlanapi.dll
2017-11-25 22:56:35 ----A---- C:\Windows\SYSWOW64\mfmjpegdec.dll
2017-11-25 22:56:35 ----A---- C:\Windows\SYSWOW64\icm32.dll
2017-11-25 22:56:35 ----A---- C:\Windows\system32\werdiagcontroller.dll
2017-11-25 22:56:35 ----A---- C:\Windows\system32\mfmjpegdec.dll
2017-11-25 22:56:35 ----A---- C:\Windows\system32\hlink.dll
2017-11-25 22:56:34 ----A---- C:\Windows\SYSWOW64\werdiagcontroller.dll
2017-11-25 22:56:34 ----A---- C:\Windows\SYSWOW64\SearchFilterHost.exe
2017-11-25 22:56:34 ----A---- C:\Windows\SYSWOW64\netbtugc.exe
2017-11-25 22:56:34 ----A---- C:\Windows\SYSWOW64\hlink.dll
2017-11-25 22:56:34 ----A---- C:\Windows\system32\samlib.dll
2017-11-25 22:56:34 ----A---- C:\Windows\system32\rundll32.exe
2017-11-25 22:56:34 ----A---- C:\Windows\system32\msscntrs.dll
2017-11-25 22:56:34 ----A---- C:\Windows\system32\cryptbase.dll
2017-11-25 22:56:34 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2017-11-25 22:56:33 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2017-11-25 22:56:32 ----A---- C:\Windows\SYSWOW64\oleres.dll
2017-11-25 22:56:32 ----A---- C:\Windows\SYSWOW64\mssphtb.dll
2017-11-25 22:56:32 ----A---- C:\Windows\SYSWOW64\credssp.dll
2017-11-25 22:56:32 ----A---- C:\Windows\system32\wlansvc.dll
2017-11-25 22:56:32 ----A---- C:\Windows\system32\secur32.dll
2017-11-25 22:56:32 ----A---- C:\Windows\system32\rstrui.exe
2017-11-25 22:56:32 ----A---- C:\Windows\system32\oleres.dll
2017-11-25 22:56:32 ----A---- C:\Windows\system32\lsass.exe
2017-11-25 22:56:32 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2017-11-25 22:56:31 ----A---- C:\Windows\SYSWOW64\nlsbres.dll
2017-11-25 22:56:31 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2017-11-25 22:56:31 ----A---- C:\Windows\system32\sspicli.dll
2017-11-25 22:56:31 ----A---- C:\Windows\system32\nlsbres.dll
2017-11-25 22:56:31 ----A---- C:\Windows\system32\msihnd.dll
2017-11-25 22:56:31 ----A---- C:\Windows\system32\drivers\usbd.sys
2017-11-25 22:56:31 ----A---- C:\Windows\system32\drivers\luafv.sys
2017-11-25 22:56:30 ----A---- C:\Windows\SYSWOW64\secur32.dll
2017-11-25 22:56:30 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2017-11-25 22:56:29 ----A---- C:\Windows\SYSWOW64\samlib.dll
2017-11-25 22:56:29 ----A---- C:\Windows\SYSWOW64\msscp.dll
2017-11-25 22:56:29 ----A---- C:\Windows\system32\wermgr.exe
2017-11-25 22:56:29 ----A---- C:\Windows\system32\msnetobj.dll
2017-11-25 22:56:29 ----A---- C:\Windows\system32\credssp.dll
2017-11-25 22:56:27 ----A---- C:\Windows\SYSWOW64\msscntrs.dll
2017-11-25 22:56:26 ----A---- C:\Windows\system32\ntvdm64.dll
2017-11-25 22:56:25 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2017-11-25 22:56:25 ----A---- C:\Windows\system32\WcsPlugInService.dll
2017-11-25 22:56:25 ----A---- C:\Windows\system32\msaudite.dll
2017-11-25 22:56:25 ----A---- C:\Windows\system32\auditpol.exe
2017-11-25 22:56:24 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2017-11-25 22:56:24 ----A---- C:\Windows\system32\srclient.dll
2017-11-25 22:56:23 ----A---- C:\Windows\SYSWOW64\wvc.dll
2017-11-25 22:56:23 ----A---- C:\Windows\SYSWOW64\WcsPlugInService.dll
2017-11-25 22:56:23 ----A---- C:\Windows\SYSWOW64\srclient.dll
2017-11-25 22:56:23 ----A---- C:\Windows\SYSWOW64\perfmon.exe
2017-11-25 22:56:23 ----A---- C:\Windows\SYSWOW64\msnetobj.dll
2017-11-25 22:56:23 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2017-11-25 22:56:23 ----A---- C:\Windows\system32\wpnpinst.exe
2017-11-25 22:56:23 ----A---- C:\Windows\system32\perfmon.exe
2017-11-25 22:56:23 ----A---- C:\Windows\system32\pcadm.dll
2017-11-25 22:56:23 ----A---- C:\Windows\system32\netbtugc.exe
2017-11-25 22:56:23 ----A---- C:\Windows\system32\mssitlb.dll
2017-11-25 22:56:23 ----A---- C:\Windows\system32\mfpmp.exe
2017-11-25 22:56:22 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2017-11-25 22:56:22 ----A---- C:\Windows\SYSWOW64\mssitlb.dll
2017-11-25 22:56:22 ----A---- C:\Windows\system32\setbcdlocale.dll
2017-11-25 22:56:22 ----A---- C:\Windows\system32\rrinstaller.exe
2017-11-25 22:56:20 ----A---- C:\Windows\SYSWOW64\setup16.exe
2017-11-25 22:56:18 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2017-11-25 22:56:18 ----A---- C:\Windows\system32\inetppui.dll
2017-11-25 22:56:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-11-25 22:56:17 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-11-25 22:56:17 ----A---- C:\Windows\SYSWOW64\ntprint.exe
2017-11-25 22:56:17 ----A---- C:\Windows\system32\icaapi.dll
2017-11-25 22:56:17 ----A---- C:\Windows\system32\cdd.dll
2017-11-25 22:56:16 ----A---- C:\Windows\system32\resmon.exe
2017-11-25 22:56:16 ----A---- C:\Windows\system32\pcawrk.exe
2017-11-25 22:56:16 ----A---- C:\Windows\system32\mssprxy.dll
2017-11-25 22:56:15 ----A---- C:\Windows\SYSWOW64\wsmprovhost.exe
2017-11-25 22:56:15 ----A---- C:\Windows\SYSWOW64\resmon.exe
2017-11-25 22:56:15 ----A---- C:\Windows\system32\wsmprovhost.exe
2017-11-25 22:56:15 ----A---- C:\Windows\system32\winnsi.dll
2017-11-25 22:56:15 ----A---- C:\Windows\system32\pcalua.exe
2017-11-25 22:56:15 ----A---- C:\Windows\system32\ntprint.exe
2017-11-25 22:56:15 ----A---- C:\Windows\system32\lpk.dll
2017-11-25 22:56:15 ----A---- C:\Windows\system32\atmlib.dll
2017-11-25 22:56:14 ----A---- C:\Windows\SYSWOW64\wsmplpxy.dll
2017-11-25 22:56:14 ----A---- C:\Windows\SYSWOW64\winnsi.dll
2017-11-25 22:56:14 ----A---- C:\Windows\SYSWOW64\mssprxy.dll
2017-11-25 22:56:14 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2017-11-25 22:56:14 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2017-11-25 22:56:14 ----A---- C:\Windows\system32\wsmplpxy.dll
2017-11-25 22:56:14 ----A---- C:\Windows\system32\sspisrv.dll
2017-11-25 22:56:14 ----A---- C:\Windows\system32\plasrv.exe
2017-11-25 22:56:14 ----A---- C:\Windows\system32\nsi.dll
2017-11-25 22:56:14 ----A---- C:\Windows\system32\msshooks.dll
2017-11-25 22:56:14 ----A---- C:\Windows\system32\msmmsp.dll
2017-11-25 22:56:14 ----A---- C:\Windows\system32\dciman32.dll
2017-11-25 22:56:13 ----A---- C:\Windows\SYSWOW64\msshooks.dll
2017-11-25 22:56:13 ----A---- C:\Windows\system32\comcat.dll
2017-11-25 22:56:11 ----A---- C:\Windows\SYSWOW64\lpk.dll
2017-11-25 22:56:10 ----A---- C:\Windows\SYSWOW64\wow32.dll
2017-11-25 22:56:10 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2017-11-25 22:56:10 ----A---- C:\Windows\SYSWOW64\nsi.dll
2017-11-25 22:56:10 ----A---- C:\Windows\SYSWOW64\instnm.exe
2017-11-25 22:56:10 ----A---- C:\Windows\SYSWOW64\comcat.dll
2017-11-25 22:56:10 ----A---- C:\Windows\system32\wow64cpu.dll
2017-11-25 22:56:10 ----A---- C:\Windows\system32\spwmp.dll
2017-11-25 22:56:10 ----A---- C:\Windows\system32\fontsub.dll
2017-11-25 22:56:10 ----A---- C:\Windows\system32\drivers\usbohci.sys
2017-11-25 22:56:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-11-25 22:56:09 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-11-25 22:56:09 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2017-11-25 22:56:09 ----A---- C:\Windows\system32\dxmasf.dll
2017-11-25 22:56:09 ----A---- C:\Windows\system32\apisetschema.dll
2017-11-25 22:56:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-11-25 22:56:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2017-11-25 22:56:08 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-11-25 22:56:08 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-11-25 22:56:08 ----A---- C:\Windows\SYSWOW64\WsmRes.dll
2017-11-25 22:56:08 ----A---- C:\Windows\SYSWOW64\user.exe
2017-11-25 22:56:08 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2017-11-25 22:56:08 ----A---- C:\Windows\SYSWOW64\msimsg.dll
2017-11-25 22:56:08 ----A---- C:\Windows\SYSWOW64\mferror.dll
2017-11-25 22:56:08 ----A---- C:\Windows\SYSWOW64\INETRES.dll
2017-11-25 22:56:08 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2017-11-25 22:56:08 ----A---- C:\Windows\system32\WsmRes.dll
2017-11-25 22:56:08 ----A---- C:\Windows\system32\pcaevts.dll
2017-11-25 22:56:08 ----A---- C:\Windows\system32\msobjs.dll
2017-11-25 22:56:08 ----A---- C:\Windows\system32\msimsg.dll
2017-11-25 22:56:08 ----A---- C:\Windows\system32\mferror.dll
2017-11-25 22:56:08 ----A---- C:\Windows\system32\INETRES.dll
2017-11-25 22:56:07 ----A---- C:\Windows\SYSWOW64\tzres.dll
2017-11-25 22:56:07 ----A---- C:\Windows\system32\tzres.dll
2017-11-25 22:56:06 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2017-11-25 22:56:06 ----A---- C:\Windows\SYSWOW64\mstext40.dll
2017-11-25 22:56:06 ----A---- C:\Windows\SYSWOW64\msexch40.dll
2017-11-25 22:56:06 ----A---- C:\Windows\system32\msxml3r.dll
2017-11-25 22:35:17 ----A---- C:\Windows\SYSWOW64\explorer.exe
2017-11-25 22:35:17 ----A---- C:\Windows\explorer.exe
2017-11-25 22:35:06 ----A---- C:\Windows\system32\invagent.dll
2017-11-25 22:35:06 ----A---- C:\Windows\system32\generaltel.dll
2017-11-25 22:35:06 ----A---- C:\Windows\system32\devinv.dll
2017-11-25 22:35:06 ----A---- C:\Windows\system32\CompatTelRunner.exe
2017-11-25 22:35:06 ----A---- C:\Windows\system32\centel.dll
2017-11-25 22:35:06 ----A---- C:\Windows\system32\appraiser.dll
2017-11-25 22:35:06 ----A---- C:\Windows\system32\aitstatic.exe
2017-11-25 22:35:06 ----A---- C:\Windows\system32\aepic.dll
2017-11-25 22:35:06 ----A---- C:\Windows\system32\aeinv.dll
2017-11-25 22:35:06 ----A---- C:\Windows\system32\acmigration.dll
2017-11-25 22:23:34 ----A---- C:\Windows\SYSWOW64\olepro32.dll
2017-11-25 22:21:44 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2017-11-25 22:21:39 ----A---- C:\Windows\system32\poqexec.exe
2017-11-25 22:21:38 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2017-11-25 22:06:32 ----D---- C:\AdwCleaner
2017-11-25 21:16:36 ----D---- C:\rsit
2017-11-25 21:13:22 ----A---- C:\Windows\system32\avgBoot.exe
2017-11-07 18:11:22 ----A---- C:\Windows\system32\drivers\avgNetSec.sys
2017-11-07 18:10:18 ----A---- C:\Windows\system32\drivers\avgNetNd6.sys
2017-10-31 06:35:20 ----A---- C:\Windows\system32\FNTCACHE.DAT

======List of files/folders modified in the last 1 month======

2017-11-27 20:22:10 ----D---- C:\Program Files\trend micro
2017-11-27 20:20:10 ----A---- C:\ProgramData\HPWALog.txt
2017-11-27 20:19:55 ----HD---- C:\ProgramData
2017-11-27 20:19:15 ----D---- C:\Windows\Temp
2017-11-27 20:18:06 ----D---- C:\Windows\system32\config
2017-11-27 20:04:20 ----D---- C:\Windows\System32
2017-11-26 16:22:07 ----D---- C:\Windows\SysWOW64
2017-11-26 16:21:38 ----SHD---- C:\System Volume Information
2017-11-26 16:16:18 ----SHD---- C:\Windows\Installer
2017-11-26 16:16:17 ----SD---- C:\Users\Petr\AppData\Roaming\Microsoft
2017-11-26 16:15:35 ----D---- C:\Windows\inf
2017-11-26 16:15:35 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-11-26 16:11:32 ----D---- C:\Windows\Microsoft.NET
2017-11-26 16:11:20 ----RSD---- C:\Windows\assembly
2017-11-26 16:02:59 ----D---- C:\Windows\winsxs
2017-11-26 08:48:29 ----D---- C:\Program Files\Internet Explorer
2017-11-26 08:48:28 ----D---- C:\Windows\SYSWOW64\migwiz
2017-11-26 08:48:28 ----D---- C:\Windows\SYSWOW64\migration
2017-11-26 08:48:28 ----D---- C:\Program Files\Windows Media Player
2017-11-26 08:48:28 ----D---- C:\Program Files\DVD Maker
2017-11-26 08:48:28 ----D---- C:\Program Files (x86)\Windows Media Player
2017-11-26 08:48:28 ----D---- C:\Program Files (x86)\Internet Explorer
2017-11-26 08:48:27 ----D---- C:\Windows\SYSWOW64\Dism
2017-11-26 08:48:27 ----D---- C:\Windows\SYSWOW64\cs-CZ
2017-11-26 08:48:26 ----D---- C:\Windows\SYSWOW64\en-US
2017-11-26 08:48:21 ----D---- C:\Windows\system32\migwiz
2017-11-26 08:48:21 ----D---- C:\Windows\PolicyDefinitions
2017-11-26 08:48:20 ----D---- C:\Windows\system32\migration
2017-11-26 08:48:20 ----D---- C:\Windows\system32\drivers\cs-CZ
2017-11-26 08:48:20 ----D---- C:\Windows\system32\drivers
2017-11-26 08:48:20 ----D---- C:\Windows\system32\Dism
2017-11-26 08:48:20 ----D---- C:\Windows\system32\cs-CZ
2017-11-26 08:48:11 ----D---- C:\Windows\system32\en-US
2017-11-26 08:48:07 ----D---- C:\Windows\AppPatch
2017-11-26 08:48:07 ----D---- C:\Windows
2017-11-26 08:48:05 ----D---- C:\Windows\system32\Boot
2017-11-26 08:48:03 ----D---- C:\Windows\system32\DriverStore
2017-11-26 08:22:20 ----D---- C:\Windows\Logs
2017-11-26 08:17:23 ----SD---- C:\Windows\system32\CompatTel
2017-11-26 08:17:21 ----D---- C:\Windows\system32\appraiser
2017-11-26 08:17:17 ----D---- C:\Windows\cs-CZ
2017-11-26 06:05:27 ----D---- C:\Windows\Tasks
2017-11-26 06:05:27 ----D---- C:\Windows\system32\wfp
2017-11-26 06:05:25 ----D---- C:\Windows\system32\wbem
2017-11-26 06:05:24 ----D---- C:\Windows\system32\Macromed
2017-11-26 06:05:24 ----D---- C:\Windows\system32\drivers\etc
2017-11-26 06:05:21 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2017-11-26 06:05:21 ----D---- C:\Program Files (x86)\Mozilla Firefox
2017-11-26 06:05:13 ----D---- C:\Windows\registration
2017-11-26 06:05:09 ----D---- C:\Windows\SYSWOW64\Macromed
2017-11-26 06:04:38 ----D---- C:\Users\Petr\AppData\Roaming\Mozilla
2017-11-25 23:22:28 ----D---- C:\Windows\system32\MRT
2017-11-25 23:16:13 ----D---- C:\Windows\debug
2017-11-25 23:15:26 ----AC---- C:\Windows\system32\MRT.exe
2017-11-25 23:11:32 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2017-11-25 22:24:25 ----D---- C:\Windows\system32\catroot2
2017-11-25 22:13:14 ----D---- C:\Windows\system32\Tasks
2017-11-25 22:13:12 ----RD---- C:\Program Files (x86)
2017-11-25 22:10:47 ----D---- C:\Program Files (x86)\Common Files
2017-11-25 22:10:25 ----D---- C:\Program Files\Common Files
2017-11-17 18:47:29 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 avgbidsh;avgbidsh; C:\Windows\system32\drivers\avgbidsha.sys [2017-10-05 192584]
R0 avgblog;avgblog; C:\Windows\system32\drivers\avgbloga.sys [2017-10-05 336896]
R0 avgbuniv;avgbuniv; C:\Windows\system32\drivers\avgbuniva.sys [2017-10-05 51336]
R0 avgRvrt;avgRvrt; C:\Windows\system32\drivers\avgRvrt.sys [2017-10-05 76832]
R0 avgVmm;avgVmm; C:\Windows\system32\drivers\avgVmm.sys [2017-10-05 355856]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-04-13 540696]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 avgbdisk;avgbdisk; C:\Windows\system32\drivers\avgbdiska.sys [2017-10-05 166624]
R1 avgbidsdriver;avgbidsdriver; C:\Windows\system32\drivers\avgbidsdrivera.sys [2017-10-05 314640]
R1 avgNetSec;avgNetSec; C:\Windows\system32\drivers\avgNetSec.sys [2017-11-07 548568]
R1 avgRdr;avgRdr; C:\Windows\system32\drivers\avgRdr2.sys [2017-10-05 102792]
R1 avgSnx;avgSnx; C:\Windows\system32\drivers\avgSnx.sys [2017-11-07 1022288]
R1 avgSP;avgSP; C:\Windows\system32\drivers\avgSP.sys [2017-10-05 579584]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 avgMonFlt;avgMonFlt; C:\Windows\system32\drivers\avgMonFlt.sys [2017-10-05 140192]
R2 avgStm;avgStm; C:\Windows\system32\drivers\avgStm.sys [2017-10-05 193768]
R3 avgNetNd6;AVG Firewall NDIS6 Helper; C:\Windows\system32\DRIVERS\avgNetNd6.sys [2017-11-07 29944]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-08-25 10611552]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-05-27 2494056]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\Windows\system32\drivers\IntcHdmi.sys [2010-03-05 144896]
R3 LgBttPort;LGE Bluetooth TransPort; C:\Windows\system32\DRIVERS\lgbtpt64.sys [2009-09-29 16384]
R3 lgbusenum;LG Bluetooth Bus Enumerator; C:\Windows\system32\DRIVERS\lgbtbs64.sys [2009-09-29 14848]
R3 LGVMODEM;LGE Virtual Modem; C:\Windows\system32\DRIVERS\lgvmdm64.sys [2009-09-29 17408]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2013-05-27 347680]
R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver; C:\Windows\system32\DRIVERS\rtl8192se.sys [2010-01-20 1088544]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2014-03-18 1390640]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2011-05-13 36328]
S3 avgHwid;avgHwid; C:\Windows\system32\drivers\avgHwid.sys [2017-10-05 39424]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2013-05-27 245792]
S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-05-13 146920]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usbbus;LGE Mobile Composite USB Device; C:\Windows\system32\DRIVERS\lgx64bus.sys [2010-01-21 17920]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\Windows\system32\DRIVERS\lgx64diag.sys [2010-01-21 27648]
S3 USBModem;LGE Mobile USB Modem; C:\Windows\system32\DRIVERS\lgx64modem.sys [2010-01-21 33280]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-09-27 83984]
R2 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 98208]
R2 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
R2 AVG Antivirus;AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [2017-10-05 282536]
R2 AVG Firewall;AVG Firewall Service; C:\Program Files (x86)\AVG\Antivirus\afwServ.exe [2017-11-07 331952]
R2 avgsvc;AVG Service; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [2017-10-31 1428656]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 GameConsoleService;GameConsoleService; C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe [2010-01-04 238328]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2017-09-27 323952]
R2 HPWMISVC;HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-11-09 26680]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2010-02-22 73728]
R2 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2009-07-06 247152]
R2 RtVOsdService;RtVOsdService Installer; C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe [2010-06-24 315392]
R3 avgbIDSAgent;avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe [2017-10-05 7496672]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-06-03 162408]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-11-17 272384]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2017-10-14 116224]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-11-19 175568]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-02-27 1255736]
S4 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2013-05-13 1129760]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]

-----------------EOF-----------------


Rudy
Site Admin
Posts: 118275
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Policie CR virus

#8 Post by Rudy »

Deleted. To be sure, please also run a full MBAM scan: http://www.malwarebytes.org/mbam.php and post the log. Do not delete anything beforehand.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

martybx
Visitor
Posts: 154
Joined: 26 Feb 2007 16:22

Re: Policie CR virus

#9 Post by martybx »

log:

Code:

Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 27.11.17
Čas skenování: 21:14
Logovací soubor: a018a292-d3af-11e7-88dc-c80aa9df9cba.json
Správce: Ano

-Informace o softwaru-
Verze: 3.3.1.2183
Verze komponentů: 1.0.236
Aktualizovat verzi balíku komponent: 1.0.3359
Licence: Zkušební

-Systémová informace-
OS: Windows 7 Service Pack 1
CPU: x64
Systém souborů: NTFS
Uživatel: Petr-PC\Petr

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Výsledek: Dokončeno
Skenované objekty: 392825
Zjištěné hrozby: 0
(Nebyly zjištěny žádné škodlivé položky)
Hrozby umístěné do karantény: 0
(Nebyly zjištěny žádné škodlivé položky)
Uplynulý čas: 22 min, 3 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)

Soubor: 0
(Nebyly zjištěny žádné škodlivé položky)

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)

Rudy
Site Admin
Posts: 118275
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Policie CR virus

#10 Post by Rudy »

Nothing was found, the PC is clean.

martybx
Visitor
Posts: 154
Joined: 26 Feb 2007 16:22

Re: Policie CR virus

#11 Post by martybx »

thank you very much for your time

Rudy
Site Admin
Posts: 118275
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Policie CR virus

#12 Post by Rudy »

You're welcome! :)

Locked