conhost.exe

RadekT
Visitor
Posts: 7
Registered: 22 Jan 2018 08:09

conhost.exe

#1 Post by RadekT »

Please check the logs and advise how to remove conhost.exe, and any other vermin.

I'm working on a neighbour's notebook, which is very slow and, above all, no driver can be installed on it (the file is in use by another process). An antivirus was installed, but it had been "crashed" since 01/2017 and the only fix was to reinstall the antivirus (Avast). It found nothing.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Bara at 2018-01-22 08:23:42
Microsoft Windows 7 Starter Service Pack 1
System drive C: has 175 GB (60%) free of 292 GB
Total RAM: 1012 MB (30% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:27:00, on 22.1.2018
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18858)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskmgr.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\EgisTec IPS\PMMUpdate.exe
C:\Users\Bara\Downloads\RSIT.exe
C:\Program Files\EgisTec IPS\EgisUpdate.exe
C:\Program Files\trend micro\Bara.exe
C:\Windows\system32\SearchFilterHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
O4 - HKCU\..\Run: [T-Mobile CManager] "C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe" -autorun
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{51EB3374-35AA-4EA3-A4EC-75F2D7031E31}: NameServer =
O17 - HKLM\System\CCS\Services\Tcpip\..\{60C057AF-5419-4F6C-A4A3-8F06B0C5EDE0}: NameServer =
O17 - HKLM\System\CCS\Services\Tcpip\..\{F3621D35-B4CB-4371-972C-BFC0AED77689}: NameServer =
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Acer\Acer VCM\Skype4COM.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Avast Cleanup (CleanupSvc) - AVAST Software - C:\Program Files\AVAST Software\Cleanup\CleanupSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

--
End of file - 4673 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-01-21 820672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29 441216]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2018-01-21 246120]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"T-Mobile CManager"=C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe [2017-12-05 2171520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ETDCtrl]
C:\Program Files\Elantech\ETDCtrl.exe [2012-05-02 2193744]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GfxServiceInstall]
C:\Windows\system32\GfxCUIServiceInstall.vbs [2012-06-27 131]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Global Registration]
C:\Program Files\Acer\Registration\GREG.exe [2012-02-29 855144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\Windows\system32\hkcmd.exe [2012-07-06 175936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\Windows\system32\igfxtray.exe [2012-07-06 142144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
C:\Program Files\Launch Manager\LManager.exe [2011-07-01 1103440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
C:\Windows\system32\igfxpers.exe [2012-07-06 168256]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Power Management]
C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2012-02-07 714120]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDVCPL]
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2012-01-10 10959464]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SDTray]
C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotPostWindows10UpgradeReInstall]
C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [2015-07-28 1011200]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SuiteTray]
C:\Program Files\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [2011-09-20 341360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Acer VCM.lnk]
C:\PROGRA~1\Acer\ACERVC~1\AcerVCM.exe [2011-05-12 723560]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^avast! Cleanup.lnk]
C:\PROGRA~1\AVASTS~1\Cleanup\CLEANU~1.EXE [2018-01-21 1449880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-06-27 224768]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2018-01-22 08:23:46 ----D---- C:\Program Files\trend micro
2018-01-22 08:23:42 ----D---- C:\rsit
2018-01-22 08:07:30 ----D---- C:\ProgramData\SWCUTemp
2018-01-22 08:05:49 ----A---- C:\Windows\wininit.ini
2018-01-22 00:53:59 ----A---- C:\ComboFix.txt
2018-01-22 00:43:17 ----HD---- C:\$AV_ASW
2018-01-22 00:43:14 ----SHD---- C:\$RECYCLE.BIN
2018-01-22 00:08:06 ----A---- C:\Windows\zip.exe
2018-01-22 00:08:06 ----A---- C:\Windows\SWSC.exe
2018-01-22 00:08:06 ----A---- C:\Windows\SWREG.exe
2018-01-22 00:08:06 ----A---- C:\Windows\sed.exe
2018-01-22 00:08:06 ----A---- C:\Windows\PEV.exe
2018-01-22 00:08:06 ----A---- C:\Windows\NIRCMD.exe
2018-01-22 00:08:06 ----A---- C:\Windows\MBR.exe
2018-01-22 00:08:06 ----A---- C:\Windows\grep.exe
2018-01-22 00:07:39 ----D---- C:\ComboFix
2018-01-22 00:06:29 ----D---- C:\Qoobox
2018-01-22 00:03:19 ----D---- C:\Windows\erdnt
2018-01-21 23:29:21 ----D---- C:\Temp
2018-01-21 23:06:02 ----A---- C:\Windows\system32\FNTCACHE.DAT
2018-01-21 22:20:05 ----D---- C:\Users\Bara\AppData\Roaming\AVAST Software
2018-01-21 22:13:15 ----D---- C:\Program Files\Common Files\Avast Software
2018-01-21 22:03:54 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2018-01-21 22:03:54 ----A---- C:\Windows\system32\drivers\aswStm.sys
2018-01-21 22:03:54 ----A---- C:\Windows\system32\drivers\aswSP.sys
2018-01-21 22:03:54 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2018-01-21 22:03:54 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2018-01-21 22:03:54 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2018-01-21 22:03:54 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2018-01-21 22:03:54 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2018-01-21 22:03:54 ----A---- C:\Windows\system32\drivers\aswArPot.sys
2018-01-21 22:03:53 ----A---- C:\Windows\system32\drivers\aswHdsKe.sys
2018-01-21 22:03:53 ----A---- C:\Windows\system32\drivers\aswbunivx.sys
2018-01-21 22:03:53 ----A---- C:\Windows\system32\drivers\aswblogx.sys
2018-01-21 22:03:53 ----A---- C:\Windows\system32\drivers\aswbidshx.sys
2018-01-21 22:03:53 ----A---- C:\Windows\system32\drivers\aswbidsdriverx.sys
2018-01-21 22:03:14 ----A---- C:\Windows\system32\aswBoot.exe
2018-01-21 21:38:22 ----D---- C:\Program Files\Lavalys
2018-01-21 21:24:47 ----D---- C:\Users\Bara\AppData\Roaming\newsXpresso
2018-01-21 20:44:33 ----D---- C:\Users\Bara\AppData\Roaming\InstallShield
2018-01-21 19:08:48 ----D---- C:\Users\Bara\AppData\Roaming\Innovative Solutions
2018-01-21 18:58:39 ----D---- C:\My Drivers
2018-01-21 18:58:17 ----D---- C:\Program Files\Innovative Solutions
2018-01-21 17:10:14 ----D---- C:\Users\Bara\AppData\Roaming\log
2018-01-21 17:10:14 ----D---- C:\Users\Bara\AppData\Roaming\Cache
2018-01-21 17:08:38 ----D---- C:\Program Files\AVAST Software
2018-01-20 19:38:45 ----A---- C:\Windows\system32\mstscax.dll
2018-01-20 19:38:44 ----A---- C:\Windows\system32\tsgqec.dll
2018-01-20 19:38:44 ----A---- C:\Windows\system32\aaclient.dll
2018-01-20 19:23:50 ----A---- C:\Windows\system32\rdpudd.dll
2018-01-20 19:23:50 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2018-01-20 19:23:50 ----A---- C:\Windows\system32\rdpcorets.dll
2018-01-20 18:30:16 ----A---- C:\Windows\system32\mstsc.exe
2018-01-20 18:27:33 ----A---- C:\Windows\system32\TSWbPrxy.exe
2018-01-20 13:05:22 ----D---- C:\ProgramData\Spybot - Search & Destroy
2018-01-20 13:05:09 ----D---- C:\Program Files\Spybot - Search & Destroy 2
2018-01-20 11:48:45 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2018-01-20 11:48:44 ----A---- C:\Windows\system32\drivers\rdpvideominiport.sys
2018-01-20 11:48:42 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2018-01-20 11:48:40 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2018-01-20 11:48:38 ----A---- C:\Windows\system32\wksprtPS.dll
2018-01-20 11:48:38 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2018-01-20 11:48:38 ----A---- C:\Windows\system32\MsRdpWebAccess.dll
2018-01-20 11:48:36 ----A---- C:\Windows\system32\wksprt.exe
2018-01-20 11:48:36 ----A---- C:\Windows\system32\rdpendp_winip.dll
2018-01-20 11:39:19 ----A---- C:\Windows\system32\kbdgeoqw.dll
2018-01-20 11:39:19 ----A---- C:\Windows\system32\KBDAZEL.DLL
2018-01-20 11:39:19 ----A---- C:\Windows\system32\KBDAZE.DLL

======List of files/folders modified in the last 1 month======

2018-01-22 08:23:46 ----D---- C:\Program Files
2018-01-22 08:23:08 ----D---- C:\Windows\Temp
2018-01-22 08:10:38 ----D---- C:\Windows\system32\config
2018-01-22 08:07:30 ----D---- C:\ProgramData
2018-01-22 08:05:57 ----D---- C:\Windows\System32
2018-01-22 08:05:56 ----SD---- C:\ProgramData\Microsoft
2018-01-22 08:05:49 ----D---- C:\Windows
2018-01-22 01:21:14 ----D---- C:\Windows\rescache
2018-01-22 00:53:05 ----D---- C:\ProgramData\AVAST Software
2018-01-22 00:43:04 ----A---- C:\Windows\system.ini
2018-01-22 00:42:16 ----D---- C:\Windows\system32\drivers\etc
2018-01-22 00:21:03 ----D---- C:\Windows\system32\drivers
2018-01-22 00:21:03 ----D---- C:\Windows\AppPatch
2018-01-22 00:20:57 ----D---- C:\Program Files\Common Files
2018-01-21 23:07:37 ----D---- C:\Windows\inf
2018-01-21 23:05:59 ----D---- C:\Windows\winsxs
2018-01-21 23:03:36 ----SHD---- C:\Windows\Installer
2018-01-21 23:02:20 ----D---- C:\Windows\pss
2018-01-21 23:01:27 ----D---- C:\Windows\Tasks
2018-01-21 23:01:13 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2018-01-21 23:00:10 ----D---- C:\Windows\system32\Macromed
2018-01-21 22:57:06 ----D---- C:\Program Files\Common Files\Adobe AIR
2018-01-21 22:13:17 ----D---- C:\Windows\system32\Tasks
2018-01-21 21:58:29 ----SHD---- C:\System Volume Information
2018-01-21 20:44:35 ----D---- C:\Program Files\Intel
2018-01-21 20:16:31 ----A---- C:\Windows\system32\CSVer.dll
2018-01-21 19:50:42 ----D---- C:\Windows\system32\wdi
2018-01-21 18:36:45 ----HD---- C:\Program Files\Temp
2018-01-21 18:36:37 ----D---- C:\Program Files\Realtek
2018-01-21 17:38:25 ----D---- C:\Windows\Minidump
2018-01-21 17:38:24 ----D---- C:\Windows\Logs
2018-01-21 17:38:24 ----D---- C:\Windows\debug
2018-01-21 17:01:51 ----D---- C:\Windows\Prefetch
2018-01-21 17:01:46 ----D---- C:\Windows\Downloaded Installations
2018-01-21 16:52:30 ----D---- C:\Program Files\Common Files\AV
2018-01-20 18:48:05 ----D---- C:\Windows\system32\cs-CZ
2018-01-20 12:12:25 ----D---- C:\Windows\system32\DriverStore
2018-01-20 12:12:20 ----D---- C:\Windows\PolicyDefinitions
2018-01-20 12:12:19 ----D---- C:\Windows\system32\wbem
2018-01-20 12:12:19 ----D---- C:\Windows\system32\en-US
2018-01-20 12:12:19 ----D---- C:\Windows\system32\drivers\en-US
2018-01-20 12:12:16 ----RSD---- C:\Windows\Fonts
2018-01-20 11:50:20 ----D---- C:\Windows\system32\catroot2
2018-01-11 00:02:48 ----D---- C:\Windows\system32\MRT
2018-01-10 23:24:45 ----AC---- C:\Windows\system32\MRT-KB890830.exe
2018-01-10 23:22:28 ----AC---- C:\Windows\system32\MRT.exe
2018-01-04 22:42:16 ----A---- C:\Windows\WORDPAD.INI
2017-12-28 10:42:34 ----D---- C:\Program Files\Internet Explorer
2017-12-28 10:42:33 ----D---- C:\Windows\system32\drivers\cs-CZ
2017-12-28 10:42:33 ----D---- C:\Program Files\Windows Media Player
2017-12-28 10:42:32 ----D---- C:\Windows\system32\migration
2017-12-28 10:42:31 ----D---- C:\Windows\system32\Setup
2017-12-23 13:03:50 ----D---- C:\Program Files\Google

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidshx.sys [2018-01-21 157376]
R0 aswblog;aswblog; C:\Windows\system32\drivers\aswblogx.sys [2018-01-21 276696]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbunivx.sys [2018-01-21 50344]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2018-01-21 70832]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2018-01-21 294680]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2010-11-06 354840]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 aswArPot;aswArPot; C:\Windows\system32\drivers\aswArPot.sys [2018-01-21 158224]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdriverx.sys [2018-01-21 255584]
R1 aswHdsKe;aswHdsKe; C:\Windows\system32\drivers\aswHdsKe.sys [2018-01-21 118144]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2018-01-21 99528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2018-01-21 783104]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2018-01-21 390256]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2012-07-18 21600]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2012-07-18 16936]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2012-07-18 62240]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2018-01-21 123880]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2018-01-21 151328]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2011-10-27 4268096]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2012-05-02 225616]
R3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys [2012-04-23 76544]
R3 igddim32;igddim32; C:\Windows\system32\DRIVERS\igddim32.sys [2012-06-27 1349120]
R3 igdkmd32;igdkmd32; C:\Windows\system32\DRIVERS\igdkmd32.sys [2012-06-27 435200]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2011-05-30 254056]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2011-09-29 490088]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2009-12-02 550760]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2009-12-02 195944]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2009-12-02 21864]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2009-12-02 19304]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S2 Parvdm;Parvdm; C:\Windows\system32\drivers\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 aswHwid;aswHwid; C:\Windows\system32\drivers\aswHwid.sys [2018-01-21 42824]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 catchme;catchme; \??\C:\Users\Bara\AppData\Local\Temp\catchme.sys []
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [2010-07-27 102784]
S3 ew_usbenumfilter;huawei_CompositeFilter; C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys [2010-03-20 11136]
S3 huawei_cdcacm;huawei_cdcacm; C:\Windows\system32\DRIVERS\ew_jucdcacm.sys [2012-04-23 95616]
S3 huawei_ext_ctrl;huawei_ext_ctrl; C:\Windows\system32\DRIVERS\ew_juextctrl.sys [2012-04-23 27520]
S3 huawei_wwanecm;huawei_wwanecm; C:\Windows\system32\DRIVERS\ew_juwwanecm.sys [2012-04-23 202752]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2012-01-10 3932584]
S3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2011-06-09 278528]
S3 massfilter;Mass Storage Filter Driver; C:\Windows\system32\drivers\massfilter.sys [2011-04-13 9216]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2012-08-23 49664]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]
S3 ZTEusbmdm6k;ZTE Proprietary USB Driver; C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys [2012-03-30 107392]
S3 ZTEusbnmea;ZTE NMEA Port; C:\Windows\system32\DRIVERS\ZTEusbnmea.sys [2012-03-30 107392]
S3 ZTEusbser6k;ZTE Diagnostic Port; C:\Windows\system32\DRIVERS\ZTEusbser6k.sys [2012-03-30 107392]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2018-01-21 301168]
R2 CleanupSvc;Avast Cleanup; C:\Program Files\AVAST Software\Cleanup\CleanupSvc.exe [2018-01-21 2359928]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 MbnExt;Mobile Broadband Extension Service; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 sftlist;Application Virtualization Client; C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe [2009-12-02 483688]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [2018-01-21 5906816]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-02 209768]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-04-21 107656]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-02 144200]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-02 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2017-11-07 104960]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-29 1713536]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2018-01-21 272384]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2017-04-21 47224]
S4 DsiWMIService;Dritek WMI Service; C:\Program Files\Launch Manager\dsiwmis.exe [2011-07-01 353360]
S4 EgisTec Ticket Service;EgisTec Ticket Service; C:\Program Files\Common Files\EgisTec\Services\EgisTicketService.exe [2011-06-21 173424]
S4 ePowerSvc;ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2012-02-07 738688]
S4 GREGService;GREGService; C:\Program Files\Acer\Registration\GREGsvc.exe [2012-02-29 28264]
S4 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-06 13336]
S4 IconMan_R;IconMan_R; C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-03-07 1755136]
S4 Live Updater Service;Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2012-04-05 255376]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 RS_Service;Raw Socket Service; C:\Program Files\Acer\Acer VCM\RS_Service.exe [2010-01-30 260640]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 51040]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 118254
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: conhost.exe

#2 Post by Rudy »

Hello!
Run this utility:
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop
Close all programs
First click >Scan< (search) and then >Clean< (delete).
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Re: conhost.exe

#3 Post by RadekT »

PUP.Optional.Legacy was found, which I deleted; the required restart was performed. The log below is from after the restart.
conhost.exe, if it is the problematic "process", is still running under the System user.

# AdwCleaner 7.0.7.0 - Logfile created on Mon Jan 22 12:00:49 2018
# Updated on 2018/18/01 by Malwarebytes
# Running on Windows 7 Starter (X86)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

No malicious folders deleted.

***** [ Files ] *****

No malicious files deleted.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA}


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [1037 B] - [2018/1/22 11:54:2]


########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########

Re: conhost.exe

#4 Post by Rudy »

Conhost can be a virus only under certain circumstances (it depends on the file's location). Post a new RSIT log.
Re: conhost.exe

#5 Post by RadekT »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Bara at 2018-01-22 14:27:10
Microsoft Windows 7 Starter Service Pack 1
System drive C: has 175 GB (60%) free of 292 GB
Total RAM: 1012 MB (18% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:30:17, on 22.1.2018
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18858)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\EgisTec IPS\PMMUpdate.exe
C:\Program Files\EgisTec IPS\EgisUpdate.exe
C:\Users\Bara\Downloads\RSIT.exe
C:\Program Files\trend micro\Bara.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
O4 - HKCU\..\Run: [T-Mobile CManager] "C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe" -autorun
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{51EB3374-35AA-4EA3-A4EC-75F2D7031E31}: NameServer =
O17 - HKLM\System\CCS\Services\Tcpip\..\{60C057AF-5419-4F6C-A4A3-8F06B0C5EDE0}: NameServer =
O17 - HKLM\System\CCS\Services\Tcpip\..\{F3621D35-B4CB-4371-972C-BFC0AED77689}: NameServer =
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Acer\Acer VCM\Skype4COM.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Avast Cleanup (CleanupSvc) - AVAST Software - C:\Program Files\AVAST Software\Cleanup\CleanupSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

--
End of file - 4632 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-01-21 820672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29 441216]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2018-01-21 246120]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"T-Mobile CManager"=C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe [2017-12-05 2171520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ETDCtrl]
C:\Program Files\Elantech\ETDCtrl.exe [2012-05-02 2193744]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GfxServiceInstall]
C:\Windows\system32\GfxCUIServiceInstall.vbs [2012-06-27 131]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Global Registration]
C:\Program Files\Acer\Registration\GREG.exe [2012-02-29 855144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\Windows\system32\hkcmd.exe [2012-07-06 175936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\Windows\system32\igfxtray.exe [2012-07-06 142144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
C:\Program Files\Launch Manager\LManager.exe [2011-07-01 1103440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
C:\Windows\system32\igfxpers.exe [2012-07-06 168256]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Power Management]
C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2012-02-07 714120]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDVCPL]
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2012-01-10 10959464]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SDTray]
C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotPostWindows10UpgradeReInstall]
C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [2015-07-28 1011200]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SuiteTray]
C:\Program Files\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [2011-09-20 341360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Acer VCM.lnk]
C:\PROGRA~1\Acer\ACERVC~1\AcerVCM.exe [2011-05-12 723560]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^avast! Cleanup.lnk]
C:\PROGRA~1\AVASTS~1\Cleanup\CLEANU~1.EXE [2018-01-21 1449880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-06-27 224768]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 3 months======

2018-01-22 13:05:06 ----D---- C:\ProgramData\SWCUTemp
2018-01-22 12:48:36 ----D---- C:\AdwCleaner
2018-01-22 08:23:46 ----D---- C:\Program Files\trend micro
2018-01-22 08:23:42 ----D---- C:\rsit
2018-01-22 08:05:49 ----A---- C:\Windows\wininit.ini
2018-01-22 00:53:59 ----A---- C:\ComboFix.txt
2018-01-22 00:43:17 ----HD---- C:\$AV_ASW
2018-01-22 00:43:14 ----SHD---- C:\$RECYCLE.BIN
2018-01-22 00:08:06 ----A---- C:\Windows\zip.exe
2018-01-22 00:08:06 ----A---- C:\Windows\SWSC.exe
2018-01-22 00:08:06 ----A---- C:\Windows\SWREG.exe
2018-01-22 00:08:06 ----A---- C:\Windows\sed.exe
2018-01-22 00:08:06 ----A---- C:\Windows\PEV.exe
2018-01-22 00:08:06 ----A---- C:\Windows\NIRCMD.exe
2018-01-22 00:08:06 ----A---- C:\Windows\MBR.exe
2018-01-22 00:08:06 ----A---- C:\Windows\grep.exe
2018-01-22 00:07:39 ----D---- C:\ComboFix
2018-01-22 00:06:29 ----D---- C:\Qoobox
2018-01-22 00:03:19 ----D---- C:\Windows\erdnt
2018-01-21 23:29:21 ----D---- C:\Temp
2018-01-21 23:06:02 ----A---- C:\Windows\system32\FNTCACHE.DAT
2018-01-21 22:20:05 ----D---- C:\Users\Bara\AppData\Roaming\AVAST Software
2018-01-21 22:13:15 ----D---- C:\Program Files\Common Files\Avast Software
2018-01-21 22:03:54 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2018-01-21 22:03:54 ----A---- C:\Windows\system32\drivers\aswStm.sys
2018-01-21 22:03:54 ----A---- C:\Windows\system32\drivers\aswSP.sys
2018-01-21 22:03:54 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2018-01-21 22:03:54 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2018-01-21 22:03:54 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2018-01-21 22:03:54 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2018-01-21 22:03:54 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2018-01-21 22:03:54 ----A---- C:\Windows\system32\drivers\aswArPot.sys
2018-01-21 22:03:53 ----A---- C:\Windows\system32\drivers\aswHdsKe.sys
2018-01-21 22:03:53 ----A---- C:\Windows\system32\drivers\aswbunivx.sys
2018-01-21 22:03:53 ----A---- C:\Windows\system32\drivers\aswblogx.sys
2018-01-21 22:03:53 ----A---- C:\Windows\system32\drivers\aswbidshx.sys
2018-01-21 22:03:53 ----A---- C:\Windows\system32\drivers\aswbidsdriverx.sys
2018-01-21 22:03:14 ----A---- C:\Windows\system32\aswBoot.exe
2018-01-21 21:38:22 ----D---- C:\Program Files\Lavalys
2018-01-21 21:24:47 ----D---- C:\Users\Bara\AppData\Roaming\newsXpresso
2018-01-21 20:44:33 ----D---- C:\Users\Bara\AppData\Roaming\InstallShield
2018-01-21 19:08:48 ----D---- C:\Users\Bara\AppData\Roaming\Innovative Solutions
2018-01-21 18:58:39 ----D---- C:\My Drivers
2018-01-21 18:58:17 ----D---- C:\Program Files\Innovative Solutions
2018-01-21 17:10:14 ----D---- C:\Users\Bara\AppData\Roaming\log
2018-01-21 17:10:14 ----D---- C:\Users\Bara\AppData\Roaming\Cache
2018-01-21 17:08:38 ----D---- C:\Program Files\AVAST Software
2018-01-20 19:38:45 ----A---- C:\Windows\system32\mstscax.dll
2018-01-20 19:38:44 ----A---- C:\Windows\system32\tsgqec.dll
2018-01-20 19:38:44 ----A---- C:\Windows\system32\aaclient.dll
2018-01-20 19:23:50 ----A---- C:\Windows\system32\rdpudd.dll
2018-01-20 19:23:50 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2018-01-20 19:23:50 ----A---- C:\Windows\system32\rdpcorets.dll
2018-01-20 18:30:16 ----A---- C:\Windows\system32\mstsc.exe
2018-01-20 18:27:33 ----A---- C:\Windows\system32\TSWbPrxy.exe
2018-01-20 13:05:22 ----D---- C:\ProgramData\Spybot - Search & Destroy
2018-01-20 13:05:09 ----D---- C:\Program Files\Spybot - Search & Destroy 2
2018-01-20 11:48:45 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2018-01-20 11:48:44 ----A---- C:\Windows\system32\drivers\rdpvideominiport.sys
2018-01-20 11:48:42 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2018-01-20 11:48:40 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2018-01-20 11:48:38 ----A---- C:\Windows\system32\wksprtPS.dll
2018-01-20 11:48:38 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2018-01-20 11:48:38 ----A---- C:\Windows\system32\MsRdpWebAccess.dll
2018-01-20 11:48:36 ----A---- C:\Windows\system32\wksprt.exe
2018-01-20 11:48:36 ----A---- C:\Windows\system32\rdpendp_winip.dll
2018-01-20 11:39:19 ----A---- C:\Windows\system32\kbdgeoqw.dll
2018-01-20 11:39:19 ----A---- C:\Windows\system32\KBDAZEL.DLL
2018-01-20 11:39:19 ----A---- C:\Windows\system32\KBDAZE.DLL
2017-12-13 09:55:45 ----A---- C:\Windows\system32\mshtml.dll
2017-12-13 09:55:41 ----A---- C:\Windows\system32\ieframe.dll
2017-12-13 09:55:39 ----A---- C:\Windows\system32\win32k.sys
2017-12-13 09:55:39 ----A---- C:\Windows\system32\jscript9.dll
2017-12-13 09:55:38 ----A---- C:\Windows\system32\urlmon.dll
2017-12-13 09:55:38 ----A---- C:\Windows\system32\jscript.dll
2017-12-13 09:55:37 ----A---- C:\Windows\system32\vbscript.dll
2017-12-13 09:55:37 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2017-12-13 09:55:37 ----A---- C:\Windows\system32\msfeeds.dll
2017-12-13 09:55:37 ----A---- C:\Windows\system32\itss.dll
2017-12-13 09:55:37 ----A---- C:\Windows\system32\iprtrmgr.dll
2017-12-13 09:55:37 ----A---- C:\Windows\system32\iedkcs32.dll
2017-12-13 09:55:37 ----A---- C:\Windows\system32\gpedit.dll
2017-12-13 09:55:37 ----A---- C:\Windows\system32\drivers\rdbss.sys
2017-12-13 09:55:36 ----A---- C:\Windows\system32\wininet.dll
2017-12-13 09:55:36 ----A---- C:\Windows\system32\rtm.dll
2017-12-13 09:55:36 ----A---- C:\Windows\system32\mshtmlmedia.dll
2017-12-13 09:55:36 ----A---- C:\Windows\system32\mprdim.dll
2017-12-13 09:55:36 ----A---- C:\Windows\system32\itircl.dll
2017-12-13 09:55:36 ----A---- C:\Windows\system32\iprtprio.dll
2017-12-13 09:55:35 ----A---- C:\Windows\system32\iertutil.dll
2017-12-13 09:55:34 ----A---- C:\Windows\system32\webcheck.dll
2017-12-13 09:55:34 ----A---- C:\Windows\system32\ieui.dll
2017-12-13 09:55:34 ----A---- C:\Windows\system32\ieapfltr.dll
2017-12-13 09:55:33 ----A---- C:\Windows\system32\occache.dll
2017-12-13 09:55:32 ----A---- C:\Windows\system32\msrating.dll
2017-12-13 09:55:32 ----A---- C:\Windows\system32\mshtmled.dll
2017-12-13 09:55:32 ----A---- C:\Windows\system32\jsproxy.dll
2017-12-13 09:55:32 ----A---- C:\Windows\system32\jscript9diag.dll
2017-12-13 09:55:32 ----A---- C:\Windows\system32\inseng.dll
2017-12-13 09:55:32 ----A---- C:\Windows\system32\ieUnatt.exe
2017-12-13 09:55:32 ----A---- C:\Windows\system32\ieetwproxystub.dll
2017-12-13 09:55:32 ----A---- C:\Windows\system32\dxtmsft.dll
2017-12-13 09:55:31 ----A---- C:\Windows\system32\MshtmlDac.dll
2017-12-13 09:55:31 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-12-13 09:55:31 ----A---- C:\Windows\system32\iesetup.dll
2017-12-13 09:55:31 ----A---- C:\Windows\system32\iernonce.dll
2017-12-13 09:55:31 ----A---- C:\Windows\system32\ie4uinit.exe
2017-12-13 09:55:31 ----A---- C:\Windows\system32\dxtrans.dll
2017-12-13 09:55:30 ----A---- C:\Windows\system32\tzres.dll
2017-12-13 09:55:30 ----A---- C:\Windows\system32\ieetwcollector.exe
2017-12-13 09:55:29 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2017-11-16 10:48:21 ----A---- C:\Windows\system32\CompatTelRunner.exe
2017-11-16 10:48:21 ----A---- C:\Windows\system32\appraiser.dll
2017-11-16 10:48:21 ----A---- C:\Windows\system32\aitstatic.exe
2017-11-16 10:48:21 ----A---- C:\Windows\system32\aeinv.dll
2017-11-16 10:48:20 ----A---- C:\Windows\system32\generaltel.dll
2017-11-16 10:48:20 ----A---- C:\Windows\system32\devinv.dll
2017-11-16 10:48:20 ----A---- C:\Windows\system32\centel.dll
2017-11-16 10:48:20 ----A---- C:\Windows\system32\aepic.dll
2017-11-16 10:48:19 ----A---- C:\Windows\system32\invagent.dll
2017-11-16 10:48:19 ----A---- C:\Windows\system32\acmigration.dll
2017-11-16 10:47:31 ----A---- C:\Windows\system32\wmp.dll
2017-11-16 10:47:30 ----A---- C:\Windows\system32\ucrtbase.dll
2017-11-16 10:47:30 ----A---- C:\Windows\system32\tquery.dll
2017-11-16 10:47:30 ----A---- C:\Windows\system32\Query.dll
2017-11-16 10:47:29 ----A---- C:\Windows\system32\t2embed.dll
2017-11-16 10:47:29 ----A---- C:\Windows\system32\msexcl40.dll
2017-11-16 10:47:29 ----A---- C:\Windows\system32\drivers\ntfs.sys
2017-11-16 10:47:28 ----A---- C:\Windows\system32\atmfd.dll
2017-11-16 10:47:28 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2017-11-16 10:47:28 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2017-11-16 10:47:28 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2017-11-16 10:47:28 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2017-11-16 10:47:28 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2017-11-16 10:47:28 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2017-11-16 10:47:28 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2017-11-16 10:47:28 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2017-11-16 10:47:28 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2017-11-16 10:47:28 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2017-11-16 10:47:28 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2017-11-16 10:47:28 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2017-11-16 10:47:28 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2017-11-16 10:47:28 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2017-11-16 10:47:28 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2017-11-16 10:47:28 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2017-11-16 10:47:28 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2017-11-16 10:47:28 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2017-11-16 10:47:28 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2017-11-16 10:47:28 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2017-11-16 10:47:27 ----A---- C:\Windows\system32\fontsub.dll
2017-11-16 10:47:27 ----A---- C:\Windows\system32\drivers\luafv.sys
2017-11-16 10:47:27 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2017-11-16 10:47:27 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2017-11-16 10:47:26 ----A---- C:\Windows\system32\mssrch.dll
2017-11-16 10:47:24 ----A---- C:\Windows\system32\mssvp.dll
2017-11-16 10:47:23 ----A---- C:\Windows\system32\mssph.dll
2017-11-16 10:47:22 ----A---- C:\Windows\system32\mssphtb.dll
2017-11-16 10:47:22 ----A---- C:\Windows\system32\mssitlb.dll
2017-11-16 10:47:22 ----A---- C:\Windows\system32\lpk.dll
2017-11-16 10:47:21 ----A---- C:\Windows\system32\spwmp.dll
2017-11-16 10:47:21 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2017-11-16 10:47:21 ----A---- C:\Windows\system32\SearchIndexer.exe
2017-11-16 10:47:21 ----A---- C:\Windows\system32\SearchFilterHost.exe
2017-11-16 10:47:21 ----A---- C:\Windows\system32\mssprxy.dll
2017-11-16 10:47:21 ----A---- C:\Windows\system32\msshooks.dll
2017-11-16 10:47:21 ----A---- C:\Windows\system32\msscntrs.dll
2017-11-16 10:47:21 ----A---- C:\Windows\system32\dxmasf.dll
2017-11-16 10:47:21 ----A---- C:\Windows\system32\dciman32.dll
2017-11-16 10:47:20 ----A---- C:\Windows\system32\wmploc.DLL
2017-11-16 10:47:20 ----A---- C:\Windows\system32\atmlib.dll
2017-11-02 11:44:18 ----AC---- C:\Windows\system32\MRT-KB890830.exe

======List of files/folders modified in the last 3 months======

2018-01-22 14:25:54 ----D---- C:\Windows\Temp
2018-01-22 13:32:01 ----D---- C:\Windows\system32\config
2018-01-22 13:19:06 ----D---- C:\Windows\system32\catroot2
2018-01-22 13:18:04 ----D---- C:\Windows\winsxs
2018-01-22 13:05:06 ----D---- C:\ProgramData
2018-01-22 08:23:46 ----D---- C:\Program Files
2018-01-22 08:05:57 ----D---- C:\Windows\System32
2018-01-22 08:05:56 ----SD---- C:\ProgramData\Microsoft
2018-01-22 08:05:49 ----D---- C:\Windows
2018-01-22 01:21:14 ----D---- C:\Windows\rescache
2018-01-22 00:53:05 ----D---- C:\ProgramData\AVAST Software
2018-01-22 00:43:04 ----A---- C:\Windows\system.ini
2018-01-22 00:42:16 ----D---- C:\Windows\system32\drivers\etc
2018-01-22 00:21:03 ----D---- C:\Windows\system32\drivers
2018-01-22 00:21:03 ----D---- C:\Windows\AppPatch
2018-01-22 00:20:57 ----D---- C:\Program Files\Common Files
2018-01-21 23:07:37 ----D---- C:\Windows\inf
2018-01-21 23:03:36 ----SHD---- C:\Windows\Installer
2018-01-21 23:02:20 ----D---- C:\Windows\pss
2018-01-21 23:01:27 ----D---- C:\Windows\Tasks
2018-01-21 23:01:13 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2018-01-21 23:00:10 ----D---- C:\Windows\system32\Macromed
2018-01-21 22:57:06 ----D---- C:\Program Files\Common Files\Adobe AIR
2018-01-21 22:13:17 ----D---- C:\Windows\system32\Tasks
2018-01-21 21:58:29 ----SHD---- C:\System Volume Information
2018-01-21 20:44:35 ----D---- C:\Program Files\Intel
2018-01-21 20:16:31 ----A---- C:\Windows\system32\CSVer.dll
2018-01-21 19:50:42 ----D---- C:\Windows\system32\wdi
2018-01-21 18:36:45 ----HD---- C:\Program Files\Temp
2018-01-21 18:36:37 ----D---- C:\Program Files\Realtek
2018-01-21 17:38:25 ----D---- C:\Windows\Minidump
2018-01-21 17:38:24 ----D---- C:\Windows\Logs
2018-01-21 17:38:24 ----D---- C:\Windows\debug
2018-01-21 17:01:51 ----D---- C:\Windows\Prefetch
2018-01-21 17:01:46 ----D---- C:\Windows\Downloaded Installations
2018-01-21 16:52:30 ----D---- C:\Program Files\Common Files\AV
2018-01-20 18:48:05 ----D---- C:\Windows\system32\cs-CZ
2018-01-20 12:12:25 ----D---- C:\Windows\system32\DriverStore
2018-01-20 12:12:20 ----D---- C:\Windows\PolicyDefinitions
2018-01-20 12:12:19 ----D---- C:\Windows\system32\wbem
2018-01-20 12:12:19 ----D---- C:\Windows\system32\en-US
2018-01-20 12:12:19 ----D---- C:\Windows\system32\drivers\en-US
2018-01-20 12:12:16 ----RSD---- C:\Windows\Fonts
2018-01-11 00:02:48 ----D---- C:\Windows\system32\MRT
2018-01-10 23:22:28 ----AC---- C:\Windows\system32\MRT.exe
2018-01-04 22:42:16 ----A---- C:\Windows\WORDPAD.INI
2017-12-28 10:42:34 ----D---- C:\Program Files\Internet Explorer
2017-12-28 10:42:33 ----D---- C:\Windows\system32\drivers\cs-CZ
2017-12-28 10:42:33 ----D---- C:\Program Files\Windows Media Player
2017-12-28 10:42:32 ----D---- C:\Windows\system32\migration
2017-12-28 10:42:31 ----D---- C:\Windows\system32\Setup
2017-12-23 13:03:50 ----D---- C:\Program Files\Google
2017-12-13 10:47:23 ----D---- C:\Users\Bara\AppData\Roaming\SoftGrid Client
2017-11-29 23:04:42 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-11-29 22:51:56 ----D---- C:\Windows\Microsoft.NET
2017-11-29 21:20:30 ----D---- C:\Windows\system32\appraiser

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidshx.sys [2018-01-21 157376]
R0 aswblog;aswblog; C:\Windows\system32\drivers\aswblogx.sys [2018-01-21 276696]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbunivx.sys [2018-01-21 50344]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2018-01-21 70832]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2018-01-21 294680]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2010-11-06 354840]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 aswArPot;aswArPot; C:\Windows\system32\drivers\aswArPot.sys [2018-01-21 158224]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdriverx.sys [2018-01-21 255584]
R1 aswHdsKe;aswHdsKe; C:\Windows\system32\drivers\aswHdsKe.sys [2018-01-21 118144]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2018-01-21 99528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2018-01-21 783104]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2018-01-21 390256]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2012-07-18 21600]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2012-07-18 16936]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2012-07-18 62240]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2018-01-21 123880]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2018-01-21 151328]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2011-10-27 4268096]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2012-05-02 225616]
R3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys [2012-04-23 76544]
R3 igddim32;igddim32; C:\Windows\system32\DRIVERS\igddim32.sys [2012-06-27 1349120]
R3 igdkmd32;igdkmd32; C:\Windows\system32\DRIVERS\igdkmd32.sys [2012-06-27 435200]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2011-05-30 254056]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2011-09-29 490088]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2009-12-02 550760]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2009-12-02 195944]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2009-12-02 21864]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2009-12-02 19304]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S2 Parvdm;Parvdm; C:\Windows\system32\drivers\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 aswHwid;aswHwid; C:\Windows\system32\drivers\aswHwid.sys [2018-01-21 42824]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 catchme;catchme; \??\C:\Users\Bara\AppData\Local\Temp\catchme.sys []
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [2010-07-27 102784]
S3 ew_usbenumfilter;huawei_CompositeFilter; C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys [2010-03-20 11136]
S3 huawei_cdcacm;huawei_cdcacm; C:\Windows\system32\DRIVERS\ew_jucdcacm.sys [2012-04-23 95616]
S3 huawei_ext_ctrl;huawei_ext_ctrl; C:\Windows\system32\DRIVERS\ew_juextctrl.sys [2012-04-23 27520]
S3 huawei_wwanecm;huawei_wwanecm; C:\Windows\system32\DRIVERS\ew_juwwanecm.sys [2012-04-23 202752]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2012-01-10 3932584]
S3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2011-06-09 278528]
S3 massfilter;Mass Storage Filter Driver; C:\Windows\system32\drivers\massfilter.sys [2011-04-13 9216]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2012-08-23 49664]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]
S3 ZTEusbmdm6k;ZTE Proprietary USB Driver; C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys [2012-03-30 107392]
S3 ZTEusbnmea;ZTE NMEA Port; C:\Windows\system32\DRIVERS\ZTEusbnmea.sys [2012-03-30 107392]
S3 ZTEusbser6k;ZTE Diagnostic Port; C:\Windows\system32\DRIVERS\ZTEusbser6k.sys [2012-03-30 107392]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2018-01-21 301168]
R2 CleanupSvc;Avast Cleanup; C:\Program Files\AVAST Software\Cleanup\CleanupSvc.exe [2018-01-21 2359928]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 MbnExt;Mobile Broadband Extension Service; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 sftlist;Application Virtualization Client; C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe [2009-12-02 483688]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [2018-01-21 5906816]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-02 209768]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-04-21 107656]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-02 144200]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-02 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2017-11-07 104960]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-29 1713536]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2018-01-21 272384]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2017-04-21 47224]
S4 DsiWMIService;Dritek WMI Service; C:\Program Files\Launch Manager\dsiwmis.exe [2011-07-01 353360]
S4 EgisTec Ticket Service;EgisTec Ticket Service; C:\Program Files\Common Files\EgisTec\Services\EgisTicketService.exe [2011-06-21 173424]
S4 ePowerSvc;ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2012-02-07 738688]
S4 GREGService;GREGService; C:\Program Files\Acer\Registration\GREGsvc.exe [2012-02-29 28264]
S4 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-06 13336]
S4 IconMan_R;IconMan_R; C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-03-07 1755136]
S4 Live Updater Service;Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2012-04-05 255376]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 RS_Service;Raw Socket Service; C:\Program Files\Acer\Acer VCM\RS_Service.exe [2010-01-30 260640]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 51040]

-----------------EOF-----------------

RadekT
Visitor
Posts: 7
Registered: 22 Jan 2018 08:09

Re: conhost.exe

#6 Post by RadekT »

I'll also add that further Windows updates have appeared for installation. The update was run manually on Saturday; since then there had been no new updates, until now.

Rudy
Site Admin
Posts: 118254
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: conhost.exe

#7 Post by Rudy »

Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left window:
:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. Turn off the antivirus before the scan and restart the PC after it. Post a new RSIT log.

Why are you running ComboFix, a utility intended only for professionals? You intend to wreck your system. CF removes all the signs of malware that we would otherwise see in the RSIT log. We also have this in the rules: https://forum.viry.cz/viewtopic.php?f=12&t=5601 (point 3).
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem has been resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

RadekT
Visitor
Posts: 7
Registered: 22 Jan 2018 08:09

Re: conhost.exe

#8 Post by RadekT »

I ran CF before I posted here and have not run it since. If you see it being run today, then it is starting without my knowledge. Besides, with CF I only scanned and then closed it after I read that it can damage the system.

After two restarts, one of the faulty drivers installed itself; until now there had been a problem with it.

RSIT was run with a 3-month history, but it is possible that the problem started earlier. The notebook was not in use, but after the "death" of his other notebook the neighbour went back to this one.


Logfile of random's system information tool 1.10 (written by random/random)
Run by Bara at 2018-01-22 16:53:49
Microsoft Windows 7 Starter Service Pack 1
System drive C: has 175 GB (60%) free of 292 GB
Total RAM: 1012 MB (10% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:57:51, on 22.1.2018
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18894)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Users\Bara\Desktop\RSIT.exe
C:\Program Files\trend micro\Bara.exe
C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\EgisTec IPS\PMMUpdate.exe
C:\Program Files\EgisTec IPS\EgisUpdate.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
O4 - HKCU\..\Run: [T-Mobile CManager] "C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe" -autorun
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{51EB3374-35AA-4EA3-A4EC-75F2D7031E31}: NameServer =
O17 - HKLM\System\CCS\Services\Tcpip\..\{60C057AF-5419-4F6C-A4A3-8F06B0C5EDE0}: NameServer =
O17 - HKLM\System\CCS\Services\Tcpip\..\{F3621D35-B4CB-4371-972C-BFC0AED77689}: NameServer =
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Acer\Acer VCM\Skype4COM.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Avast Cleanup (CleanupSvc) - AVAST Software - C:\Program Files\AVAST Software\Cleanup\CleanupSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

--
End of file - 4451 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-01-21 820672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29 441216]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2018-01-21 246120]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"T-Mobile CManager"=C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe [2017-12-05 2171520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ETDCtrl]
C:\Program Files\Elantech\ETDCtrl.exe [2012-05-02 2193744]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GfxServiceInstall]
C:\Windows\system32\GfxCUIServiceInstall.vbs [2012-06-27 131]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Global Registration]
C:\Program Files\Acer\Registration\GREG.exe [2012-02-29 855144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\Windows\system32\hkcmd.exe [2012-07-06 175936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\Windows\system32\igfxtray.exe [2012-07-06 142144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
C:\Program Files\Launch Manager\LManager.exe [2011-07-01 1103440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
C:\Windows\system32\igfxpers.exe [2012-07-06 168256]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Power Management]
C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2012-02-07 714120]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDVCPL]
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2012-01-10 10959464]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SDTray]
C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotPostWindows10UpgradeReInstall]
C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [2015-07-28 1011200]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SuiteTray]
C:\Program Files\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [2011-09-20 341360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Acer VCM.lnk]
C:\PROGRA~1\Acer\ACERVC~1\AcerVCM.exe [2011-05-12 723560]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^avast! Cleanup.lnk]
C:\PROGRA~1\AVASTS~1\Cleanup\CLEANU~1.EXE [2018-01-21 1449880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-06-27 224768]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 3 months======

2018-01-22 16:46:59 ----D---- C:\ProgramData\SWCUTemp
2018-01-22 16:43:11 ----D---- C:\_OTM
2018-01-22 13:32:09 ----A---- C:\Windows\system32\mshtml.dll
2018-01-22 13:32:05 ----A---- C:\Windows\system32\ieframe.dll
2018-01-22 13:32:03 ----A---- C:\Windows\system32\jscript9.dll
2018-01-22 13:31:58 ----A---- C:\Windows\system32\wininet.dll
2018-01-22 13:31:57 ----A---- C:\Windows\system32\ntkrnlpa.exe
2018-01-22 13:31:57 ----A---- C:\Windows\system32\iertutil.dll
2018-01-22 13:31:56 ----A---- C:\Windows\system32\ntoskrnl.exe
2018-01-22 13:31:55 ----A---- C:\Windows\system32\urlmon.dll
2018-01-22 13:31:53 ----A---- C:\Windows\system32\vbscript.dll
2018-01-22 13:31:53 ----A---- C:\Windows\system32\shell32.dll
2018-01-22 13:31:53 ----A---- C:\Windows\system32\kerberos.dll
2018-01-22 13:31:53 ----A---- C:\Windows\system32\jscript.dll
2018-01-22 13:31:51 ----A---- C:\Windows\system32\lsasrv.dll
2018-01-22 13:31:51 ----A---- C:\Windows\system32\drivers\ntfs.sys
2018-01-22 13:31:50 ----A---- C:\Windows\system32\ntdll.dll
2018-01-22 13:31:50 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2018-01-22 13:31:50 ----A---- C:\Windows\system32\ieui.dll
2018-01-22 13:31:49 ----A---- C:\Windows\system32\winload.exe
2018-01-22 13:31:49 ----A---- C:\Windows\system32\mshtmlmedia.dll
2018-01-22 13:31:49 ----A---- C:\Windows\system32\kernel32.dll
2018-01-22 13:31:49 ----A---- C:\Windows\system32\atmfd.dll
2018-01-22 13:31:48 ----A---- C:\Windows\system32\rpcrt4.dll
2018-01-22 13:31:48 ----A---- C:\Windows\system32\ole32.dll
2018-01-22 13:31:48 ----A---- C:\Windows\system32\drivers\srv.sys
2018-01-22 13:31:47 ----A---- C:\Windows\system32\drivers\srv2.sys
2018-01-22 13:31:47 ----A---- C:\Windows\system32\advapi32.dll
2018-01-22 13:31:46 ----A---- C:\Windows\system32\sysmain.dll
2018-01-22 13:31:46 ----A---- C:\Windows\system32\msxml6.dll
2018-01-22 13:31:46 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2018-01-22 13:31:45 ----A---- C:\Windows\system32\KernelBase.dll
2018-01-22 13:31:45 ----A---- C:\Windows\system32\ExplorerFrame.dll
2018-01-22 13:31:44 ----A---- C:\Windows\system32\drivers\fltMgr.sys
2018-01-22 13:31:43 ----A---- C:\Windows\system32\win32k.sys
2018-01-22 13:31:42 ----A---- C:\Windows\system32\msfeeds.dll
2018-01-22 13:31:42 ----A---- C:\Windows\system32\iedkcs32.dll
2018-01-22 13:31:42 ----A---- C:\Windows\system32\FirewallAPI.dll
2018-01-22 13:31:41 ----A---- C:\Windows\system32\MPSSVC.dll
2018-01-22 13:31:41 ----A---- C:\Windows\system32\drivers\ndis.sys
2018-01-22 13:31:40 ----A---- C:\Windows\system32\inetcomm.dll
2018-01-22 13:31:40 ----A---- C:\Windows\system32\drivers\http.sys
2018-01-22 13:31:39 ----A---- C:\Windows\system32\rpcss.dll
2018-01-22 13:31:39 ----A---- C:\Windows\system32\msv1_0.dll
2018-01-22 13:31:39 ----A---- C:\Windows\system32\halmacpi.dll
2018-01-22 13:31:39 ----A---- C:\Windows\system32\hal.dll
2018-01-22 13:31:39 ----A---- C:\Windows\system32\conhost.exe
2018-01-22 13:31:38 ----A---- C:\Windows\system32\spoolsv.exe
2018-01-22 13:31:38 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2018-01-22 13:31:36 ----A---- C:\Windows\system32\webcheck.dll
2018-01-22 13:31:36 ----A---- C:\Windows\system32\srcore.dll
2018-01-22 13:31:36 ----A---- C:\Windows\system32\halacpi.dll
2018-01-22 13:31:36 ----A---- C:\Windows\system32\drivers\rdyboost.sys
2018-01-22 13:31:35 ----A---- C:\Windows\system32\ieapfltr.dll
2018-01-22 13:31:35 ----A---- C:\Windows\system32\authui.dll
2018-01-22 13:31:34 ----A---- C:\Windows\system32\winsrv.dll
2018-01-22 13:31:34 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2018-01-22 13:31:33 ----A---- C:\Windows\system32\dxtmsft.dll
2018-01-22 13:31:33 ----A---- C:\Windows\system32\consent.exe
2018-01-22 13:31:28 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2018-01-22 13:31:28 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2018-01-22 13:31:26 ----A---- C:\Windows\system32\drivers\dfsc.sys
2018-01-22 13:31:24 ----A---- C:\Windows\system32\rpchttp.dll
2018-01-22 13:31:24 ----A---- C:\Windows\system32\pnrpsvc.dll
2018-01-22 13:31:24 ----A---- C:\Windows\system32\p2psvc.dll
2018-01-22 13:31:24 ----A---- C:\Windows\system32\P2P.dll
2018-01-22 13:31:24 ----A---- C:\Windows\system32\msrating.dll
2018-01-22 13:31:23 ----A---- C:\Windows\system32\smss.exe
2018-01-22 13:31:21 ----A---- C:\Windows\system32\drivers\srvnet.sys
2018-01-22 13:31:20 ----A---- C:\Windows\system32\icfupgd.dll
2018-01-22 13:31:20 ----A---- C:\Windows\system32\csrsrv.dll
2018-01-22 13:31:19 ----A---- C:\Windows\system32\ie4uinit.exe
2018-01-22 13:31:19 ----A---- C:\Windows\system32\icm32.dll
2018-01-22 13:31:19 ----A---- C:\Windows\system32\fontsub.dll
2018-01-22 13:31:18 ----A---- C:\Windows\system32\mscms.dll
2018-01-22 13:31:18 ----A---- C:\Windows\system32\drivers\pacer.sys
2018-01-22 13:31:18 ----A---- C:\Windows\system32\appinfo.dll
2018-01-22 13:31:17 ----A---- C:\Windows\system32\sspicli.dll
2018-01-22 13:31:15 ----A---- C:\Windows\system32\drivers\netbios.sys
2018-01-22 13:31:15 ----A---- C:\Windows\system32\atmlib.dll
2018-01-22 13:31:13 ----A---- C:\Windows\system32\wshqos.dll
2018-01-22 13:31:13 ----A---- C:\Windows\system32\wshnetbs.dll
2018-01-22 13:31:13 ----A---- C:\Windows\system32\wfapigp.dll
2018-01-22 13:31:13 ----A---- C:\Windows\system32\traffic.dll
2018-01-22 13:31:13 ----A---- C:\Windows\system32\jscript9diag.dll
2018-01-22 13:31:13 ----A---- C:\Windows\system32\dxtrans.dll
2018-01-22 13:31:13 ----A---- C:\Windows\system32\drivers\mpsdrv.sys
2018-01-22 13:31:12 ----A---- C:\Windows\system32\WcsPlugInService.dll
2018-01-22 13:31:12 ----A---- C:\Windows\system32\schannel.dll
2018-01-22 13:31:12 ----A---- C:\Windows\system32\INETRES.dll
2018-01-22 13:31:10 ----A---- C:\Windows\system32\occache.dll
2018-01-22 13:31:10 ----A---- C:\Windows\system32\mshtmled.dll
2018-01-22 13:31:10 ----A---- C:\Windows\system32\jsproxy.dll
2018-01-22 13:31:09 ----A---- C:\Windows\system32\ieUnatt.exe
2018-01-22 13:31:08 ----A---- C:\Windows\system32\wdigest.dll
2018-01-22 13:31:08 ----A---- C:\Windows\system32\ncrypt.dll
2018-01-22 13:31:08 ----A---- C:\Windows\system32\MshtmlDac.dll
2018-01-22 13:31:08 ----A---- C:\Windows\system32\inseng.dll
2018-01-22 13:31:08 ----A---- C:\Windows\system32\ieetwproxystub.dll
2018-01-22 13:31:07 ----A---- C:\Windows\system32\TSpkg.dll
2018-01-22 13:31:07 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-01-22 13:31:06 ----A---- C:\Windows\system32\iesetup.dll
2018-01-22 13:31:06 ----A---- C:\Windows\system32\iernonce.dll
2018-01-22 13:31:04 ----A---- C:\Windows\system32\srclient.dll
2018-01-22 13:31:04 ----A---- C:\Windows\system32\setbcdlocale.dll
2018-01-22 13:31:04 ----A---- C:\Windows\system32\bcrypt.dll
2018-01-22 13:31:04 ----A---- C:\Windows\system32\appidapi.dll
2018-01-22 13:31:04 ----A---- C:\Windows\system32\apisetschema.dll
2018-01-22 13:31:03 ----A---- C:\Windows\system32\ieetwcollector.exe
2018-01-22 13:31:02 ----A---- C:\Windows\system32\cryptbase.dll
2018-01-22 13:30:11 ----A---- C:\Windows\system32\drivers\appid.sys
2018-01-22 13:30:10 ----A---- C:\Windows\system32\sspisrv.dll
2018-01-22 13:30:10 ----A---- C:\Windows\system32\secur32.dll
2018-01-22 13:30:10 ----A---- C:\Windows\system32\rstrui.exe
2018-01-22 13:30:10 ----A---- C:\Windows\system32\lsass.exe
2018-01-22 13:30:10 ----A---- C:\Windows\system32\lpk.dll
2018-01-22 13:30:10 ----A---- C:\Windows\system32\dciman32.dll
2018-01-22 13:30:10 ----A---- C:\Windows\system32\credssp.dll
2018-01-22 13:30:10 ----A---- C:\Windows\system32\comcat.dll
2018-01-22 13:30:10 ----A---- C:\Windows\system32\auditpol.exe
2018-01-22 13:30:10 ----A---- C:\Windows\system32\appidsvc.dll
2018-01-22 13:30:10 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2018-01-22 13:30:09 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-01-22 13:30:09 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-01-22 13:30:09 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-01-22 13:30:09 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-01-22 13:30:09 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-01-22 13:30:09 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-01-22 13:30:09 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-01-22 13:30:09 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-01-22 13:30:09 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2018-01-22 13:30:08 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-01-22 13:30:08 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-01-22 13:30:08 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-01-22 13:30:08 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-01-22 13:30:08 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-01-22 13:30:08 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-01-22 13:30:08 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-01-22 13:30:08 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-01-22 13:30:07 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-01-22 13:30:07 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-01-22 13:30:07 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-01-22 13:30:07 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-01-22 13:30:07 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-01-22 13:30:07 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-01-22 13:30:07 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-01-22 13:30:07 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-01-22 13:30:07 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-01-22 13:30:07 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-01-22 13:30:06 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-01-22 13:30:06 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-01-22 13:30:05 ----A---- C:\Windows\system32\adtschema.dll
2018-01-22 13:30:03 ----A---- C:\Windows\system32\msaudite.dll
2018-01-22 13:30:02 ----A---- C:\Windows\system32\msobjs.dll
2018-01-22 13:30:01 ----A---- C:\Windows\system32\oleres.dll
2018-01-22 13:29:59 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2018-01-22 13:29:58 ----A---- C:\Windows\system32\msxml6r.dll
2018-01-22 12:48:36 ----D---- C:\AdwCleaner
2018-01-22 08:23:46 ----D---- C:\Program Files\trend micro
2018-01-22 08:23:42 ----D---- C:\rsit
2018-01-22 08:05:49 ----A---- C:\Windows\wininit.ini
2018-01-22 00:53:59 ----A---- C:\ComboFix.txt
2018-01-22 00:43:17 ----HD---- C:\$AV_ASW
2018-01-22 00:43:14 ----SHD---- C:\$RECYCLE.BIN
2018-01-22 00:08:06 ----A---- C:\Windows\zip.exe
2018-01-22 00:08:06 ----A---- C:\Windows\SWSC.exe
2018-01-22 00:08:06 ----A---- C:\Windows\SWREG.exe
2018-01-22 00:08:06 ----A---- C:\Windows\sed.exe
2018-01-22 00:08:06 ----A---- C:\Windows\PEV.exe
2018-01-22 00:08:06 ----A---- C:\Windows\NIRCMD.exe
2018-01-22 00:08:06 ----A---- C:\Windows\MBR.exe
2018-01-22 00:08:06 ----A---- C:\Windows\grep.exe
2018-01-22 00:07:39 ----D---- C:\ComboFix
2018-01-22 00:06:29 ----D---- C:\Qoobox
2018-01-22 00:03:19 ----D---- C:\Windows\erdnt
2018-01-21 23:29:21 ----D---- C:\Temp
2018-01-21 23:06:02 ----A---- C:\Windows\system32\FNTCACHE.DAT
2018-01-21 22:20:05 ----D---- C:\Users\Bara\AppData\Roaming\AVAST Software
2018-01-21 22:13:15 ----D---- C:\Program Files\Common Files\Avast Software
2018-01-21 22:03:54 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2018-01-21 22:03:54 ----A---- C:\Windows\system32\drivers\aswStm.sys
2018-01-21 22:03:54 ----A---- C:\Windows\system32\drivers\aswSP.sys
2018-01-21 22:03:54 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2018-01-21 22:03:54 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2018-01-21 22:03:54 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2018-01-21 22:03:54 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2018-01-21 22:03:54 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2018-01-21 22:03:54 ----A---- C:\Windows\system32\drivers\aswArPot.sys
2018-01-21 22:03:53 ----A---- C:\Windows\system32\drivers\aswHdsKe.sys
2018-01-21 22:03:53 ----A---- C:\Windows\system32\drivers\aswbunivx.sys
2018-01-21 22:03:53 ----A---- C:\Windows\system32\drivers\aswblogx.sys
2018-01-21 22:03:53 ----A---- C:\Windows\system32\drivers\aswbidshx.sys
2018-01-21 22:03:53 ----A---- C:\Windows\system32\drivers\aswbidsdriverx.sys
2018-01-21 22:03:14 ----A---- C:\Windows\system32\aswBoot.exe
2018-01-21 21:38:22 ----D---- C:\Program Files\Lavalys
2018-01-21 21:24:47 ----D---- C:\Users\Bara\AppData\Roaming\newsXpresso
2018-01-21 20:44:33 ----D---- C:\Users\Bara\AppData\Roaming\InstallShield
2018-01-21 19:08:48 ----D---- C:\Users\Bara\AppData\Roaming\Innovative Solutions
2018-01-21 18:58:39 ----D---- C:\My Drivers
2018-01-21 18:58:17 ----D---- C:\Program Files\Innovative Solutions
2018-01-21 17:10:14 ----D---- C:\Users\Bara\AppData\Roaming\log
2018-01-21 17:10:14 ----D---- C:\Users\Bara\AppData\Roaming\Cache
2018-01-21 17:08:38 ----D---- C:\Program Files\AVAST Software
2018-01-20 19:38:45 ----A---- C:\Windows\system32\mstscax.dll
2018-01-20 19:38:44 ----A---- C:\Windows\system32\tsgqec.dll
2018-01-20 19:38:44 ----A---- C:\Windows\system32\aaclient.dll
2018-01-20 19:23:50 ----A---- C:\Windows\system32\rdpudd.dll
2018-01-20 19:23:50 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2018-01-20 19:23:50 ----A---- C:\Windows\system32\rdpcorets.dll
2018-01-20 18:30:16 ----A---- C:\Windows\system32\mstsc.exe
2018-01-20 18:27:33 ----A---- C:\Windows\system32\TSWbPrxy.exe
2018-01-20 13:05:22 ----D---- C:\ProgramData\Spybot - Search & Destroy
2018-01-20 13:05:09 ----D---- C:\Program Files\Spybot - Search & Destroy 2
2018-01-20 11:48:45 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2018-01-20 11:48:44 ----A---- C:\Windows\system32\drivers\rdpvideominiport.sys
2018-01-20 11:48:42 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2018-01-20 11:48:40 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2018-01-20 11:48:38 ----A---- C:\Windows\system32\wksprtPS.dll
2018-01-20 11:48:38 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2018-01-20 11:48:38 ----A---- C:\Windows\system32\MsRdpWebAccess.dll
2018-01-20 11:48:36 ----A---- C:\Windows\system32\wksprt.exe
2018-01-20 11:48:36 ----A---- C:\Windows\system32\rdpendp_winip.dll
2018-01-20 11:39:19 ----A---- C:\Windows\system32\kbdgeoqw.dll
2018-01-20 11:39:19 ----A---- C:\Windows\system32\KBDAZEL.DLL
2018-01-20 11:39:19 ----A---- C:\Windows\system32\KBDAZE.DLL
2017-12-13 09:55:37 ----A---- C:\Windows\system32\itss.dll
2017-12-13 09:55:37 ----A---- C:\Windows\system32\iprtrmgr.dll
2017-12-13 09:55:37 ----A---- C:\Windows\system32\gpedit.dll
2017-12-13 09:55:37 ----A---- C:\Windows\system32\drivers\rdbss.sys
2017-12-13 09:55:36 ----A---- C:\Windows\system32\rtm.dll
2017-12-13 09:55:36 ----A---- C:\Windows\system32\mprdim.dll
2017-12-13 09:55:36 ----A---- C:\Windows\system32\itircl.dll
2017-12-13 09:55:36 ----A---- C:\Windows\system32\iprtprio.dll
2017-12-13 09:55:30 ----A---- C:\Windows\system32\tzres.dll
2017-11-16 10:48:21 ----A---- C:\Windows\system32\CompatTelRunner.exe
2017-11-16 10:48:21 ----A---- C:\Windows\system32\appraiser.dll
2017-11-16 10:48:21 ----A---- C:\Windows\system32\aitstatic.exe
2017-11-16 10:48:21 ----A---- C:\Windows\system32\aeinv.dll
2017-11-16 10:48:20 ----A---- C:\Windows\system32\generaltel.dll
2017-11-16 10:48:20 ----A---- C:\Windows\system32\devinv.dll
2017-11-16 10:48:20 ----A---- C:\Windows\system32\centel.dll
2017-11-16 10:48:20 ----A---- C:\Windows\system32\aepic.dll
2017-11-16 10:48:19 ----A---- C:\Windows\system32\invagent.dll
2017-11-16 10:48:19 ----A---- C:\Windows\system32\acmigration.dll
2017-11-16 10:47:31 ----A---- C:\Windows\system32\wmp.dll
2017-11-16 10:47:30 ----A---- C:\Windows\system32\ucrtbase.dll
2017-11-16 10:47:30 ----A---- C:\Windows\system32\tquery.dll
2017-11-16 10:47:30 ----A---- C:\Windows\system32\Query.dll
2017-11-16 10:47:29 ----A---- C:\Windows\system32\t2embed.dll
2017-11-16 10:47:29 ----A---- C:\Windows\system32\msexcl40.dll
2017-11-16 10:47:28 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2017-11-16 10:47:28 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2017-11-16 10:47:28 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2017-11-16 10:47:28 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2017-11-16 10:47:28 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2017-11-16 10:47:28 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2017-11-16 10:47:28 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2017-11-16 10:47:28 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2017-11-16 10:47:28 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2017-11-16 10:47:28 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2017-11-16 10:47:28 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2017-11-16 10:47:28 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2017-11-16 10:47:28 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2017-11-16 10:47:28 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2017-11-16 10:47:28 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2017-11-16 10:47:28 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2017-11-16 10:47:28 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2017-11-16 10:47:28 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2017-11-16 10:47:28 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2017-11-16 10:47:28 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2017-11-16 10:47:27 ----A---- C:\Windows\system32\drivers\luafv.sys
2017-11-16 10:47:27 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2017-11-16 10:47:27 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2017-11-16 10:47:26 ----A---- C:\Windows\system32\mssrch.dll
2017-11-16 10:47:24 ----A---- C:\Windows\system32\mssvp.dll
2017-11-16 10:47:23 ----A---- C:\Windows\system32\mssph.dll
2017-11-16 10:47:22 ----A---- C:\Windows\system32\mssphtb.dll
2017-11-16 10:47:22 ----A---- C:\Windows\system32\mssitlb.dll
2017-11-16 10:47:21 ----A---- C:\Windows\system32\spwmp.dll
2017-11-16 10:47:21 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2017-11-16 10:47:21 ----A---- C:\Windows\system32\SearchIndexer.exe
2017-11-16 10:47:21 ----A---- C:\Windows\system32\SearchFilterHost.exe
2017-11-16 10:47:21 ----A---- C:\Windows\system32\mssprxy.dll
2017-11-16 10:47:21 ----A---- C:\Windows\system32\msshooks.dll
2017-11-16 10:47:21 ----A---- C:\Windows\system32\msscntrs.dll
2017-11-16 10:47:21 ----A---- C:\Windows\system32\dxmasf.dll
2017-11-16 10:47:20 ----A---- C:\Windows\system32\wmploc.DLL
2017-11-02 11:44:18 ----AC---- C:\Windows\system32\MRT-KB890830.exe

======List of files/folders modified in the last 3 months======

2018-01-22 16:54:53 ----D---- C:\Windows\Temp
2018-01-22 16:54:41 ----D---- C:\Windows\system32\config
2018-01-22 16:54:08 ----D---- C:\Windows\System32
2018-01-22 16:54:08 ----A---- C:\Windows\system32\PerfStringBackup.INI
2018-01-22 16:54:07 ----D---- C:\Windows\inf
2018-01-22 16:46:59 ----D---- C:\ProgramData
2018-01-22 16:09:40 ----D---- C:\Windows\Microsoft.NET
2018-01-22 16:09:37 ----RSD---- C:\Windows\assembly
2018-01-22 16:03:21 ----D---- C:\Windows\winsxs
2018-01-22 15:51:34 ----D---- C:\Windows\system32\drivers
2018-01-22 15:51:34 ----D---- C:\Windows\system32\cs-CZ
2018-01-22 15:51:34 ----D---- C:\Program Files\Internet Explorer
2018-01-22 15:51:33 ----D---- C:\Windows\system32\en-US
2018-01-22 15:51:28 ----D---- C:\Windows\AppPatch
2018-01-22 15:51:27 ----D---- C:\Windows\system32\migration
2018-01-22 15:51:27 ----D---- C:\Windows\system32\Boot
2018-01-22 15:49:33 ----SHD---- C:\Windows\Installer
2018-01-22 15:31:15 ----SHD---- C:\System Volume Information
2018-01-22 13:19:06 ----D---- C:\Windows\system32\catroot2
2018-01-22 08:23:46 ----D---- C:\Program Files
2018-01-22 08:05:56 ----SD---- C:\ProgramData\Microsoft
2018-01-22 08:05:49 ----D---- C:\Windows
2018-01-22 01:21:14 ----D---- C:\Windows\rescache
2018-01-22 00:53:05 ----D---- C:\ProgramData\AVAST Software
2018-01-22 00:43:04 ----A---- C:\Windows\system.ini
2018-01-22 00:42:16 ----D---- C:\Windows\system32\drivers\etc
2018-01-22 00:20:57 ----D---- C:\Program Files\Common Files
2018-01-21 23:02:20 ----D---- C:\Windows\pss
2018-01-21 23:01:27 ----D---- C:\Windows\Tasks
2018-01-21 23:01:13 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2018-01-21 23:00:10 ----D---- C:\Windows\system32\Macromed
2018-01-21 22:57:06 ----D---- C:\Program Files\Common Files\Adobe AIR
2018-01-21 22:13:17 ----D---- C:\Windows\system32\Tasks
2018-01-21 20:44:35 ----D---- C:\Program Files\Intel
2018-01-21 20:16:31 ----A---- C:\Windows\system32\CSVer.dll
2018-01-21 19:50:42 ----D---- C:\Windows\system32\wdi
2018-01-21 18:36:45 ----HD---- C:\Program Files\Temp
2018-01-21 18:36:37 ----D---- C:\Program Files\Realtek
2018-01-21 17:38:25 ----D---- C:\Windows\Minidump
2018-01-21 17:38:24 ----D---- C:\Windows\Logs
2018-01-21 17:38:24 ----D---- C:\Windows\debug
2018-01-21 17:01:51 ----D---- C:\Windows\Prefetch
2018-01-21 17:01:46 ----D---- C:\Windows\Downloaded Installations
2018-01-21 16:52:30 ----D---- C:\Program Files\Common Files\AV
2018-01-20 12:12:25 ----D---- C:\Windows\system32\DriverStore
2018-01-20 12:12:20 ----D---- C:\Windows\PolicyDefinitions
2018-01-20 12:12:19 ----D---- C:\Windows\system32\wbem
2018-01-20 12:12:19 ----D---- C:\Windows\system32\drivers\en-US
2018-01-20 12:12:16 ----RSD---- C:\Windows\Fonts
2018-01-11 00:02:48 ----D---- C:\Windows\system32\MRT
2018-01-10 23:22:28 ----AC---- C:\Windows\system32\MRT.exe
2018-01-04 22:42:16 ----A---- C:\Windows\WORDPAD.INI
2017-12-28 10:42:33 ----D---- C:\Windows\system32\drivers\cs-CZ
2017-12-28 10:42:33 ----D---- C:\Program Files\Windows Media Player
2017-12-28 10:42:31 ----D---- C:\Windows\system32\Setup
2017-12-23 13:03:50 ----D---- C:\Program Files\Google
2017-12-13 10:47:23 ----D---- C:\Users\Bara\AppData\Roaming\SoftGrid Client
2017-11-29 21:20:30 ----D---- C:\Windows\system32\appraiser

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidshx.sys [2018-01-21 157376]
R0 aswblog;aswblog; C:\Windows\system32\drivers\aswblogx.sys [2018-01-21 276696]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbunivx.sys [2018-01-21 50344]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2018-01-21 70832]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2018-01-21 294680]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2010-11-06 354840]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2018-01-01 173288]
R1 aswArPot;aswArPot; C:\Windows\system32\drivers\aswArPot.sys [2018-01-21 158224]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdriverx.sys [2018-01-21 255584]
R1 aswHdsKe;aswHdsKe; C:\Windows\system32\drivers\aswHdsKe.sys [2018-01-21 118144]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2018-01-21 99528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2018-01-21 783104]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2018-01-21 390256]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2012-07-18 21600]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2012-07-18 16936]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2012-07-18 62240]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2018-01-21 123880]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2011-10-27 4268096]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2012-05-02 225616]
R3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys [2012-04-23 76544]
R3 igddim32;igddim32; C:\Windows\system32\DRIVERS\igddim32.sys [2012-06-27 1349120]
R3 igdkmd32;igdkmd32; C:\Windows\system32\DRIVERS\igdkmd32.sys [2012-06-27 435200]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2011-05-30 254056]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2011-09-29 490088]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2009-12-02 550760]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2009-12-02 195944]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2009-12-02 21864]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2009-12-02 19304]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2018-01-21 151328]
S2 Parvdm;Parvdm; C:\Windows\system32\drivers\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 aswHwid;aswHwid; C:\Windows\system32\drivers\aswHwid.sys [2018-01-21 42824]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 catchme;catchme; \??\C:\Users\Bara\AppData\Local\Temp\catchme.sys []
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [2010-07-27 102784]
S3 ew_usbenumfilter;huawei_CompositeFilter; C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys [2010-03-20 11136]
S3 huawei_cdcacm;huawei_cdcacm; C:\Windows\system32\DRIVERS\ew_jucdcacm.sys [2012-04-23 95616]
S3 huawei_ext_ctrl;huawei_ext_ctrl; C:\Windows\system32\DRIVERS\ew_juextctrl.sys [2012-04-23 27520]
S3 huawei_wwanecm;huawei_wwanecm; C:\Windows\system32\DRIVERS\ew_juwwanecm.sys [2012-04-23 202752]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2012-01-10 3932584]
S3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2011-06-09 278528]
S3 massfilter;Mass Storage Filter Driver; C:\Windows\system32\drivers\massfilter.sys [2011-04-13 9216]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2012-08-23 49664]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]
S3 ZTEusbmdm6k;ZTE Proprietary USB Driver; C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys [2012-03-30 107392]
S3 ZTEusbnmea;ZTE NMEA Port; C:\Windows\system32\DRIVERS\ZTEusbnmea.sys [2012-03-30 107392]
S3 ZTEusbser6k;ZTE Diagnostic Port; C:\Windows\system32\DRIVERS\ZTEusbser6k.sys [2012-03-30 107392]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2018-01-21 301168]
R2 CleanupSvc;Avast Cleanup; C:\Program Files\AVAST Software\Cleanup\CleanupSvc.exe [2018-01-21 2359928]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-04-21 107656]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 MbnExt;Mobile Broadband Extension Service; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 sftlist;Application Virtualization Client; C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe [2009-12-02 483688]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-02 209768]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-02 144200]
S3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [2018-01-21 5906816]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-02 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2017-12-29 104960]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-29 1713536]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2018-01-21 272384]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2017-04-21 47224]
S4 DsiWMIService;Dritek WMI Service; C:\Program Files\Launch Manager\dsiwmis.exe [2011-07-01 353360]
S4 EgisTec Ticket Service;EgisTec Ticket Service; C:\Program Files\Common Files\EgisTec\Services\EgisTicketService.exe [2011-06-21 173424]
S4 ePowerSvc;ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2012-02-07 738688]
S4 GREGService;GREGService; C:\Program Files\Acer\Registration\GREGsvc.exe [2012-02-29 28264]
S4 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-06 13336]
S4 IconMan_R;IconMan_R; C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-03-07 1755136]
S4 Live Updater Service;Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2012-04-05 255376]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 RS_Service;Raw Socket Service; C:\Program Files\Acer\Acer VCM\RS_Service.exe [2010-01-30 260640]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 51040]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 118254
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: conhost.exe

#9 Post by Rudy »

If you think there is still a problem, run a full MBAM scan: http://www.malwarebytes.org/mbam.php and post the log. Do not delete anything beforehand.

RadekT
Visitor
Posts: 7
Joined: 22 Jan 2018 08:09

Re: conhost.exe

#10 Post by RadekT »

MBAM was run and found nothing. (log below)

After the restart following the previous check, more faulty drivers were installed automatically, and after another restart there was a "blue screen" caused by a driver error. Windows restored functionality, but please check the log again; I do not know what state it was restored to.

I have one more problem, though it may not be related to "malware, viruses" ... Windows reports the problem "Turn on Windows Security Center service" -> when I try to start it, the service CANNOT be started. I looked for the service in the list of services, e.g. to start it manually, and it is not there at all (but I have not had time to look up details online). Thanks for any advice.

--------
Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 22.01.18
Čas skenování: 18:37
Logovací soubor: dc42cd3a-ff9a-11e7-8957-089e01282b63.json
Správce: Ano

-Informace o softwaru-
Verze: 3.3.1.2183
Verze komponentů: 1.0.262
Aktualizovat verzi balíku komponent: 1.0.3754
Licence: Zkušební

-Systémová informace-
OS: Windows 7 Service Pack 1
CPU: x86
Systém souborů: NTFS
Uživatel: Bara-PC\Bara

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Výsledek: Dokončeno
Skenované objekty: 166996
Zjištěné hrozby: 0
(Nebyly zjištěny žádné škodlivé položky)
Hrozby umístěné do karantény: 0
(Nebyly zjištěny žádné škodlivé položky)
Uplynulý čas: 12 min, 33 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)

Soubor: 0
(Nebyly zjištěny žádné škodlivé položky)

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)

(end)

------------------------------------------
--------------------------------------------
Logfile of random's system information tool 1.10 (written by random/random)
Run by Bara at 2018-01-22 18:53:02
Microsoft Windows 7 Starter Service Pack 1
System drive C: has 175 GB (60%) free of 292 GB
Total RAM: 1012 MB (24% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:54:58, on 22.1.2018
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18894)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\EgisTec IPS\PMMUpdate.exe
C:\Program Files\EgisTec IPS\EgisUpdate.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Users\Bara\Desktop\RSIT.exe
C:\Program Files\trend micro\Bara.exe
C:\Windows\system32\SearchFilterHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
O4 - HKCU\..\Run: [T-Mobile CManager] "C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe" -autorun
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{51EB3374-35AA-4EA3-A4EC-75F2D7031E31}: NameServer =
O17 - HKLM\System\CCS\Services\Tcpip\..\{60C057AF-5419-4F6C-A4A3-8F06B0C5EDE0}: NameServer =
O17 - HKLM\System\CCS\Services\Tcpip\..\{F3621D35-B4CB-4371-972C-BFC0AED77689}: NameServer =
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Acer\Acer VCM\Skype4COM.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Avast Cleanup (CleanupSvc) - AVAST Software - C:\Program Files\AVAST Software\Cleanup\CleanupSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe

--
End of file - 4615 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-01-21 820672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29 441216]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2018-01-21 246120]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"T-Mobile CManager"=C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe [2017-12-05 2171520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ETDCtrl]
C:\Program Files\Elantech\ETDCtrl.exe [2012-05-02 2193744]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GfxServiceInstall]
C:\Windows\system32\GfxCUIServiceInstall.vbs [2012-06-27 131]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Global Registration]
C:\Program Files\Acer\Registration\GREG.exe [2012-02-29 855144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\Windows\system32\hkcmd.exe [2012-07-06 175936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\Windows\system32\igfxtray.exe [2012-07-06 142144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
C:\Program Files\Launch Manager\LManager.exe [2011-07-01 1103440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
C:\Windows\system32\igfxpers.exe [2012-07-06 168256]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Power Management]
C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2012-02-07 714120]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDVCPL]
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2012-01-10 10959464]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SDTray]
C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotPostWindows10UpgradeReInstall]
C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [2015-07-28 1011200]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SuiteTray]
C:\Program Files\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [2011-09-20 341360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Acer VCM.lnk]
C:\PROGRA~1\Acer\ACERVC~1\AcerVCM.exe [2011-05-12 723560]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^avast! Cleanup.lnk]
C:\PROGRA~1\AVASTS~1\Cleanup\CLEANU~1.EXE [2018-01-21 1449880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-06-27 224768]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 3 months======

2018-01-22 18:36:39 ----A---- C:\Windows\system32\drivers\MbamChameleon.sys
2018-01-22 18:36:33 ----A---- C:\Windows\system32\drivers\farflt.sys
2018-01-22 18:36:31 ----A---- C:\Windows\system32\drivers\mwac.sys
2018-01-22 18:36:29 ----A---- C:\Windows\system32\drivers\mbam.sys
2018-01-22 18:35:49 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys
2018-01-22 18:34:51 ----A---- C:\Windows\system32\drivers\mbae.sys
2018-01-22 18:34:35 ----D---- C:\ProgramData\Malwarebytes
2018-01-22 18:34:35 ----D---- C:\Program Files\Malwarebytes
2018-01-22 18:23:40 ----D---- C:\ProgramData\SWCUTemp
2018-01-22 16:43:11 ----D---- C:\_OTM
2018-01-22 13:32:09 ----A---- C:\Windows\system32\mshtml.dll
2018-01-22 13:32:05 ----A---- C:\Windows\system32\ieframe.dll
2018-01-22 13:32:03 ----A---- C:\Windows\system32\jscript9.dll
2018-01-22 13:31:58 ----A---- C:\Windows\system32\wininet.dll
2018-01-22 13:31:57 ----A---- C:\Windows\system32\ntkrnlpa.exe
2018-01-22 13:31:57 ----A---- C:\Windows\system32\iertutil.dll
2018-01-22 13:31:56 ----A---- C:\Windows\system32\ntoskrnl.exe
2018-01-22 13:31:55 ----A---- C:\Windows\system32\urlmon.dll
2018-01-22 13:31:53 ----A---- C:\Windows\system32\vbscript.dll
2018-01-22 13:31:53 ----A---- C:\Windows\system32\shell32.dll
2018-01-22 13:31:53 ----A---- C:\Windows\system32\kerberos.dll
2018-01-22 13:31:53 ----A---- C:\Windows\system32\jscript.dll
2018-01-22 13:31:51 ----A---- C:\Windows\system32\lsasrv.dll
2018-01-22 13:31:51 ----A---- C:\Windows\system32\drivers\ntfs.sys
2018-01-22 13:31:50 ----A---- C:\Windows\system32\ntdll.dll
2018-01-22 13:31:50 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2018-01-22 13:31:50 ----A---- C:\Windows\system32\ieui.dll
2018-01-22 13:31:49 ----A---- C:\Windows\system32\winload.exe
2018-01-22 13:31:49 ----A---- C:\Windows\system32\mshtmlmedia.dll
2018-01-22 13:31:49 ----A---- C:\Windows\system32\kernel32.dll
2018-01-22 13:31:49 ----A---- C:\Windows\system32\atmfd.dll
2018-01-22 13:31:48 ----A---- C:\Windows\system32\rpcrt4.dll
2018-01-22 13:31:48 ----A---- C:\Windows\system32\ole32.dll
2018-01-22 13:31:48 ----A---- C:\Windows\system32\drivers\srv.sys
2018-01-22 13:31:47 ----A---- C:\Windows\system32\drivers\srv2.sys
2018-01-22 13:31:47 ----A---- C:\Windows\system32\advapi32.dll
2018-01-22 13:31:46 ----A---- C:\Windows\system32\sysmain.dll
2018-01-22 13:31:46 ----A---- C:\Windows\system32\msxml6.dll
2018-01-22 13:31:46 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2018-01-22 13:31:45 ----A---- C:\Windows\system32\KernelBase.dll
2018-01-22 13:31:45 ----A---- C:\Windows\system32\ExplorerFrame.dll
2018-01-22 13:31:44 ----A---- C:\Windows\system32\drivers\fltMgr.sys
2018-01-22 13:31:43 ----A---- C:\Windows\system32\win32k.sys
2018-01-22 13:31:42 ----A---- C:\Windows\system32\msfeeds.dll
2018-01-22 13:31:42 ----A---- C:\Windows\system32\iedkcs32.dll
2018-01-22 13:31:42 ----A---- C:\Windows\system32\FirewallAPI.dll
2018-01-22 13:31:41 ----A---- C:\Windows\system32\MPSSVC.dll
2018-01-22 13:31:41 ----A---- C:\Windows\system32\drivers\ndis.sys
2018-01-22 13:31:40 ----A---- C:\Windows\system32\inetcomm.dll
2018-01-22 13:31:40 ----A---- C:\Windows\system32\drivers\http.sys
2018-01-22 13:31:39 ----A---- C:\Windows\system32\rpcss.dll
2018-01-22 13:31:39 ----A---- C:\Windows\system32\msv1_0.dll
2018-01-22 13:31:39 ----A---- C:\Windows\system32\halmacpi.dll
2018-01-22 13:31:39 ----A---- C:\Windows\system32\hal.dll
2018-01-22 13:31:39 ----A---- C:\Windows\system32\conhost.exe
2018-01-22 13:31:38 ----A---- C:\Windows\system32\spoolsv.exe
2018-01-22 13:31:38 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2018-01-22 13:31:36 ----A---- C:\Windows\system32\webcheck.dll
2018-01-22 13:31:36 ----A---- C:\Windows\system32\srcore.dll
2018-01-22 13:31:36 ----A---- C:\Windows\system32\halacpi.dll
2018-01-22 13:31:36 ----A---- C:\Windows\system32\drivers\rdyboost.sys
2018-01-22 13:31:35 ----A---- C:\Windows\system32\ieapfltr.dll
2018-01-22 13:31:35 ----A---- C:\Windows\system32\authui.dll
2018-01-22 13:31:34 ----A---- C:\Windows\system32\winsrv.dll
2018-01-22 13:31:34 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2018-01-22 13:31:33 ----A---- C:\Windows\system32\dxtmsft.dll
2018-01-22 13:31:33 ----A---- C:\Windows\system32\consent.exe
2018-01-22 13:31:28 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2018-01-22 13:31:28 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2018-01-22 13:31:26 ----A---- C:\Windows\system32\drivers\dfsc.sys
2018-01-22 13:31:24 ----A---- C:\Windows\system32\rpchttp.dll
2018-01-22 13:31:24 ----A---- C:\Windows\system32\pnrpsvc.dll
2018-01-22 13:31:24 ----A---- C:\Windows\system32\p2psvc.dll
2018-01-22 13:31:24 ----A---- C:\Windows\system32\P2P.dll
2018-01-22 13:31:24 ----A---- C:\Windows\system32\msrating.dll
2018-01-22 13:31:23 ----A---- C:\Windows\system32\smss.exe
2018-01-22 13:31:21 ----A---- C:\Windows\system32\drivers\srvnet.sys
2018-01-22 13:31:20 ----A---- C:\Windows\system32\icfupgd.dll
2018-01-22 13:31:20 ----A---- C:\Windows\system32\csrsrv.dll
2018-01-22 13:31:19 ----A---- C:\Windows\system32\ie4uinit.exe
2018-01-22 13:31:19 ----A---- C:\Windows\system32\icm32.dll
2018-01-22 13:31:19 ----A---- C:\Windows\system32\fontsub.dll
2018-01-22 13:31:18 ----A---- C:\Windows\system32\mscms.dll
2018-01-22 13:31:18 ----A---- C:\Windows\system32\drivers\pacer.sys
2018-01-22 13:31:18 ----A---- C:\Windows\system32\appinfo.dll
2018-01-22 13:31:17 ----A---- C:\Windows\system32\sspicli.dll
2018-01-22 13:31:15 ----A---- C:\Windows\system32\drivers\netbios.sys
2018-01-22 13:31:15 ----A---- C:\Windows\system32\atmlib.dll
2018-01-22 13:31:13 ----A---- C:\Windows\system32\wshqos.dll
2018-01-22 13:31:13 ----A---- C:\Windows\system32\wshnetbs.dll
2018-01-22 13:31:13 ----A---- C:\Windows\system32\wfapigp.dll
2018-01-22 13:31:13 ----A---- C:\Windows\system32\traffic.dll
2018-01-22 13:31:13 ----A---- C:\Windows\system32\jscript9diag.dll
2018-01-22 13:31:13 ----A---- C:\Windows\system32\dxtrans.dll
2018-01-22 13:31:13 ----A---- C:\Windows\system32\drivers\mpsdrv.sys
2018-01-22 13:31:12 ----A---- C:\Windows\system32\WcsPlugInService.dll
2018-01-22 13:31:12 ----A---- C:\Windows\system32\schannel.dll
2018-01-22 13:31:12 ----A---- C:\Windows\system32\INETRES.dll
2018-01-22 13:31:10 ----A---- C:\Windows\system32\occache.dll
2018-01-22 13:31:10 ----A---- C:\Windows\system32\mshtmled.dll
2018-01-22 13:31:10 ----A---- C:\Windows\system32\jsproxy.dll
2018-01-22 13:31:09 ----A---- C:\Windows\system32\ieUnatt.exe
2018-01-22 13:31:08 ----A---- C:\Windows\system32\wdigest.dll
2018-01-22 13:31:08 ----A---- C:\Windows\system32\ncrypt.dll
2018-01-22 13:31:08 ----A---- C:\Windows\system32\MshtmlDac.dll
2018-01-22 13:31:08 ----A---- C:\Windows\system32\inseng.dll
2018-01-22 13:31:08 ----A---- C:\Windows\system32\ieetwproxystub.dll
2018-01-22 13:31:07 ----A---- C:\Windows\system32\TSpkg.dll
2018-01-22 13:31:07 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-01-22 13:31:06 ----A---- C:\Windows\system32\iesetup.dll
2018-01-22 13:31:06 ----A---- C:\Windows\system32\iernonce.dll
2018-01-22 13:31:04 ----A---- C:\Windows\system32\srclient.dll
2018-01-22 13:31:04 ----A---- C:\Windows\system32\setbcdlocale.dll
2018-01-22 13:31:04 ----A---- C:\Windows\system32\bcrypt.dll
2018-01-22 13:31:04 ----A---- C:\Windows\system32\appidapi.dll
2018-01-22 13:31:04 ----A---- C:\Windows\system32\apisetschema.dll
2018-01-22 13:31:03 ----A---- C:\Windows\system32\ieetwcollector.exe
2018-01-22 13:31:02 ----A---- C:\Windows\system32\cryptbase.dll
2018-01-22 13:30:11 ----A---- C:\Windows\system32\drivers\appid.sys
2018-01-22 13:30:10 ----A---- C:\Windows\system32\sspisrv.dll
2018-01-22 13:30:10 ----A---- C:\Windows\system32\secur32.dll
2018-01-22 13:30:10 ----A---- C:\Windows\system32\rstrui.exe
2018-01-22 13:30:10 ----A---- C:\Windows\system32\lsass.exe
2018-01-22 13:30:10 ----A---- C:\Windows\system32\lpk.dll
2018-01-22 13:30:10 ----A---- C:\Windows\system32\dciman32.dll
2018-01-22 13:30:10 ----A---- C:\Windows\system32\credssp.dll
2018-01-22 13:30:10 ----A---- C:\Windows\system32\comcat.dll
2018-01-22 13:30:10 ----A---- C:\Windows\system32\auditpol.exe
2018-01-22 13:30:10 ----A---- C:\Windows\system32\appidsvc.dll
2018-01-22 13:30:10 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2018-01-22 13:30:09 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-01-22 13:30:09 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-01-22 13:30:09 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-01-22 13:30:09 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-01-22 13:30:09 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-01-22 13:30:09 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-01-22 13:30:09 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-01-22 13:30:09 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-01-22 13:30:09 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2018-01-22 13:30:08 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-01-22 13:30:08 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-01-22 13:30:08 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-01-22 13:30:08 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-01-22 13:30:08 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-01-22 13:30:08 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-01-22 13:30:08 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-01-22 13:30:08 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-01-22 13:30:07 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-01-22 13:30:07 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-01-22 13:30:07 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-01-22 13:30:07 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-01-22 13:30:07 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-01-22 13:30:07 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-01-22 13:30:07 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-01-22 13:30:07 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-01-22 13:30:07 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-01-22 13:30:07 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-01-22 13:30:06 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-01-22 13:30:06 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-01-22 13:30:05 ----A---- C:\Windows\system32\adtschema.dll
2018-01-22 13:30:03 ----A---- C:\Windows\system32\msaudite.dll
2018-01-22 13:30:02 ----A---- C:\Windows\system32\msobjs.dll
2018-01-22 13:30:01 ----A---- C:\Windows\system32\oleres.dll
2018-01-22 13:29:59 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2018-01-22 13:29:58 ----A---- C:\Windows\system32\msxml6r.dll
2018-01-22 12:48:36 ----D---- C:\AdwCleaner
2018-01-22 08:23:46 ----D---- C:\Program Files\trend micro
2018-01-22 08:23:42 ----D---- C:\rsit
2018-01-22 08:05:49 ----A---- C:\Windows\wininit.ini
2018-01-22 00:53:59 ----A---- C:\ComboFix.txt
2018-01-22 00:43:17 ----HD---- C:\$AV_ASW
2018-01-22 00:43:14 ----SHD---- C:\$RECYCLE.BIN
2018-01-22 00:08:06 ----A---- C:\Windows\zip.exe
2018-01-22 00:08:06 ----A---- C:\Windows\SWSC.exe
2018-01-22 00:08:06 ----A---- C:\Windows\SWREG.exe
2018-01-22 00:08:06 ----A---- C:\Windows\sed.exe
2018-01-22 00:08:06 ----A---- C:\Windows\PEV.exe
2018-01-22 00:08:06 ----A---- C:\Windows\NIRCMD.exe
2018-01-22 00:08:06 ----A---- C:\Windows\MBR.exe
2018-01-22 00:08:06 ----A---- C:\Windows\grep.exe
2018-01-22 00:07:39 ----D---- C:\ComboFix
2018-01-22 00:06:29 ----D---- C:\Qoobox
2018-01-22 00:03:19 ----D---- C:\Windows\erdnt
2018-01-21 23:29:21 ----D---- C:\Temp
2018-01-21 23:06:02 ----A---- C:\Windows\system32\FNTCACHE.DAT
2018-01-21 22:20:05 ----D---- C:\Users\Bara\AppData\Roaming\AVAST Software
2018-01-21 22:13:15 ----D---- C:\Program Files\Common Files\Avast Software
2018-01-21 22:03:54 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2018-01-21 22:03:54 ----A---- C:\Windows\system32\drivers\aswStm.sys
2018-01-21 22:03:54 ----A---- C:\Windows\system32\drivers\aswSP.sys
2018-01-21 22:03:54 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2018-01-21 22:03:54 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2018-01-21 22:03:54 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2018-01-21 22:03:54 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2018-01-21 22:03:54 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2018-01-21 22:03:54 ----A---- C:\Windows\system32\drivers\aswArPot.sys
2018-01-21 22:03:53 ----A---- C:\Windows\system32\drivers\aswHdsKe.sys
2018-01-21 22:03:53 ----A---- C:\Windows\system32\drivers\aswbunivx.sys
2018-01-21 22:03:53 ----A---- C:\Windows\system32\drivers\aswblogx.sys
2018-01-21 22:03:53 ----A---- C:\Windows\system32\drivers\aswbidshx.sys
2018-01-21 22:03:53 ----A---- C:\Windows\system32\drivers\aswbidsdriverx.sys
2018-01-21 22:03:14 ----A---- C:\Windows\system32\aswBoot.exe
2018-01-21 21:38:22 ----D---- C:\Program Files\Lavalys
2018-01-21 21:24:47 ----D---- C:\Users\Bara\AppData\Roaming\newsXpresso
2018-01-21 20:44:33 ----D---- C:\Users\Bara\AppData\Roaming\InstallShield
2018-01-21 19:08:48 ----D---- C:\Users\Bara\AppData\Roaming\Innovative Solutions
2018-01-21 18:58:39 ----D---- C:\My Drivers
2018-01-21 18:58:17 ----D---- C:\Program Files\Innovative Solutions
2018-01-21 17:10:14 ----D---- C:\Users\Bara\AppData\Roaming\log
2018-01-21 17:10:14 ----D---- C:\Users\Bara\AppData\Roaming\Cache
2018-01-21 17:08:38 ----D---- C:\Program Files\AVAST Software
2018-01-20 19:38:45 ----A---- C:\Windows\system32\mstscax.dll
2018-01-20 19:38:44 ----A---- C:\Windows\system32\tsgqec.dll
2018-01-20 19:38:44 ----A---- C:\Windows\system32\aaclient.dll
2018-01-20 19:23:50 ----A---- C:\Windows\system32\rdpudd.dll
2018-01-20 19:23:50 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2018-01-20 19:23:50 ----A---- C:\Windows\system32\rdpcorets.dll
2018-01-20 18:30:16 ----A---- C:\Windows\system32\mstsc.exe
2018-01-20 18:27:33 ----A---- C:\Windows\system32\TSWbPrxy.exe
2018-01-20 13:05:22 ----D---- C:\ProgramData\Spybot - Search & Destroy
2018-01-20 13:05:09 ----D---- C:\Program Files\Spybot - Search & Destroy 2
2018-01-20 11:48:45 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2018-01-20 11:48:44 ----A---- C:\Windows\system32\drivers\rdpvideominiport.sys
2018-01-20 11:48:42 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2018-01-20 11:48:40 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2018-01-20 11:48:38 ----A---- C:\Windows\system32\wksprtPS.dll
2018-01-20 11:48:38 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2018-01-20 11:48:38 ----A---- C:\Windows\system32\MsRdpWebAccess.dll
2018-01-20 11:48:36 ----A---- C:\Windows\system32\wksprt.exe
2018-01-20 11:48:36 ----A---- C:\Windows\system32\rdpendp_winip.dll
2018-01-20 11:39:19 ----A---- C:\Windows\system32\kbdgeoqw.dll
2018-01-20 11:39:19 ----A---- C:\Windows\system32\KBDAZEL.DLL
2018-01-20 11:39:19 ----A---- C:\Windows\system32\KBDAZE.DLL
2017-12-13 09:55:37 ----A---- C:\Windows\system32\itss.dll
2017-12-13 09:55:37 ----A---- C:\Windows\system32\iprtrmgr.dll
2017-12-13 09:55:37 ----A---- C:\Windows\system32\gpedit.dll
2017-12-13 09:55:37 ----A---- C:\Windows\system32\drivers\rdbss.sys
2017-12-13 09:55:36 ----A---- C:\Windows\system32\rtm.dll
2017-12-13 09:55:36 ----A---- C:\Windows\system32\mprdim.dll
2017-12-13 09:55:36 ----A---- C:\Windows\system32\itircl.dll
2017-12-13 09:55:36 ----A---- C:\Windows\system32\iprtprio.dll
2017-12-13 09:55:30 ----A---- C:\Windows\system32\tzres.dll
2017-11-16 10:48:21 ----A---- C:\Windows\system32\CompatTelRunner.exe
2017-11-16 10:48:21 ----A---- C:\Windows\system32\appraiser.dll
2017-11-16 10:48:21 ----A---- C:\Windows\system32\aitstatic.exe
2017-11-16 10:48:21 ----A---- C:\Windows\system32\aeinv.dll
2017-11-16 10:48:20 ----A---- C:\Windows\system32\generaltel.dll
2017-11-16 10:48:20 ----A---- C:\Windows\system32\devinv.dll
2017-11-16 10:48:20 ----A---- C:\Windows\system32\centel.dll
2017-11-16 10:48:20 ----A---- C:\Windows\system32\aepic.dll
2017-11-16 10:48:19 ----A---- C:\Windows\system32\invagent.dll
2017-11-16 10:48:19 ----A---- C:\Windows\system32\acmigration.dll
2017-11-16 10:47:31 ----A---- C:\Windows\system32\wmp.dll
2017-11-16 10:47:30 ----A---- C:\Windows\system32\ucrtbase.dll
2017-11-16 10:47:30 ----A---- C:\Windows\system32\tquery.dll
2017-11-16 10:47:30 ----A---- C:\Windows\system32\Query.dll
2017-11-16 10:47:29 ----A---- C:\Windows\system32\t2embed.dll
2017-11-16 10:47:29 ----A---- C:\Windows\system32\msexcl40.dll
2017-11-16 10:47:28 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2017-11-16 10:47:28 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2017-11-16 10:47:28 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2017-11-16 10:47:28 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2017-11-16 10:47:28 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2017-11-16 10:47:28 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2017-11-16 10:47:28 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2017-11-16 10:47:28 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2017-11-16 10:47:28 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2017-11-16 10:47:28 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2017-11-16 10:47:28 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2017-11-16 10:47:28 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2017-11-16 10:47:28 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2017-11-16 10:47:28 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2017-11-16 10:47:28 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2017-11-16 10:47:28 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2017-11-16 10:47:28 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2017-11-16 10:47:28 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2017-11-16 10:47:28 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2017-11-16 10:47:28 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2017-11-16 10:47:27 ----A---- C:\Windows\system32\drivers\luafv.sys
2017-11-16 10:47:27 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2017-11-16 10:47:27 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2017-11-16 10:47:26 ----A---- C:\Windows\system32\mssrch.dll
2017-11-16 10:47:24 ----A---- C:\Windows\system32\mssvp.dll
2017-11-16 10:47:23 ----A---- C:\Windows\system32\mssph.dll
2017-11-16 10:47:22 ----A---- C:\Windows\system32\mssphtb.dll
2017-11-16 10:47:22 ----A---- C:\Windows\system32\mssitlb.dll
2017-11-16 10:47:21 ----A---- C:\Windows\system32\spwmp.dll
2017-11-16 10:47:21 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2017-11-16 10:47:21 ----A---- C:\Windows\system32\SearchIndexer.exe
2017-11-16 10:47:21 ----A---- C:\Windows\system32\SearchFilterHost.exe
2017-11-16 10:47:21 ----A---- C:\Windows\system32\mssprxy.dll
2017-11-16 10:47:21 ----A---- C:\Windows\system32\msshooks.dll
2017-11-16 10:47:21 ----A---- C:\Windows\system32\msscntrs.dll
2017-11-16 10:47:21 ----A---- C:\Windows\system32\dxmasf.dll
2017-11-16 10:47:20 ----A---- C:\Windows\system32\wmploc.DLL
2017-11-02 11:44:18 ----AC---- C:\Windows\system32\MRT-KB890830.exe

======List of files/folders modified in the last 3 months======

2018-01-23 02:49:09 ----SHD---- C:\System Volume Information
2018-01-22 18:54:40 ----D---- C:\Windows\Temp
2018-01-22 18:50:18 ----D---- C:\Windows\Microsoft.NET
2018-01-22 18:49:40 ----RSD---- C:\Windows\assembly
2018-01-22 18:41:53 ----D---- C:\Windows\system32\config
2018-01-22 18:40:57 ----D---- C:\Windows\system32\drivers
2018-01-22 18:35:15 ----D---- C:\Windows
2018-01-22 18:34:35 ----D---- C:\ProgramData
2018-01-22 18:34:35 ----D---- C:\Program Files
2018-01-22 18:23:16 ----D---- C:\Windows\Minidump
2018-01-22 17:26:07 ----D---- C:\Windows\System32
2018-01-22 17:26:07 ----A---- C:\Windows\system32\PerfStringBackup.INI
2018-01-22 17:26:06 ----D---- C:\Windows\inf
2018-01-22 16:03:21 ----D---- C:\Windows\winsxs
2018-01-22 15:51:34 ----D---- C:\Windows\system32\cs-CZ
2018-01-22 15:51:34 ----D---- C:\Program Files\Internet Explorer
2018-01-22 15:51:33 ----D---- C:\Windows\system32\en-US
2018-01-22 15:51:28 ----D---- C:\Windows\AppPatch
2018-01-22 15:51:27 ----D---- C:\Windows\system32\migration
2018-01-22 15:51:27 ----D---- C:\Windows\system32\Boot
2018-01-22 15:49:33 ----SHD---- C:\Windows\Installer
2018-01-22 13:19:06 ----D---- C:\Windows\system32\catroot2
2018-01-22 08:05:56 ----SD---- C:\ProgramData\Microsoft
2018-01-22 01:21:14 ----D---- C:\Windows\rescache
2018-01-22 00:53:05 ----D---- C:\ProgramData\AVAST Software
2018-01-22 00:43:04 ----A---- C:\Windows\system.ini
2018-01-22 00:42:16 ----D---- C:\Windows\system32\drivers\etc
2018-01-22 00:20:57 ----D---- C:\Program Files\Common Files
2018-01-21 23:02:20 ----D---- C:\Windows\pss
2018-01-21 23:01:27 ----D---- C:\Windows\Tasks
2018-01-21 23:01:13 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2018-01-21 23:00:10 ----D---- C:\Windows\system32\Macromed
2018-01-21 22:57:06 ----D---- C:\Program Files\Common Files\Adobe AIR
2018-01-21 22:13:17 ----D---- C:\Windows\system32\Tasks
2018-01-21 20:44:35 ----D---- C:\Program Files\Intel
2018-01-21 20:16:31 ----A---- C:\Windows\system32\CSVer.dll
2018-01-21 19:50:42 ----D---- C:\Windows\system32\wdi
2018-01-21 18:36:45 ----HD---- C:\Program Files\Temp
2018-01-21 18:36:37 ----D---- C:\Program Files\Realtek
2018-01-21 17:38:24 ----D---- C:\Windows\Logs
2018-01-21 17:38:24 ----D---- C:\Windows\debug
2018-01-21 17:01:51 ----D---- C:\Windows\Prefetch
2018-01-21 17:01:46 ----D---- C:\Windows\Downloaded Installations
2018-01-21 16:52:30 ----D---- C:\Program Files\Common Files\AV
2018-01-20 12:12:25 ----D---- C:\Windows\system32\DriverStore
2018-01-20 12:12:20 ----D---- C:\Windows\PolicyDefinitions
2018-01-20 12:12:19 ----D---- C:\Windows\system32\wbem
2018-01-20 12:12:19 ----D---- C:\Windows\system32\drivers\en-US
2018-01-20 12:12:16 ----RSD---- C:\Windows\Fonts
2018-01-11 00:02:48 ----D---- C:\Windows\system32\MRT
2018-01-10 23:22:28 ----AC---- C:\Windows\system32\MRT.exe
2018-01-04 22:42:16 ----A---- C:\Windows\WORDPAD.INI
2017-12-28 10:42:33 ----D---- C:\Windows\system32\drivers\cs-CZ
2017-12-28 10:42:33 ----D---- C:\Program Files\Windows Media Player
2017-12-28 10:42:31 ----D---- C:\Windows\system32\Setup
2017-12-23 13:03:50 ----D---- C:\Program Files\Google
2017-12-13 10:47:23 ----D---- C:\Users\Bara\AppData\Roaming\SoftGrid Client
2017-11-29 21:20:30 ----D---- C:\Windows\system32\appraiser

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidshx.sys [2018-01-21 157376]
R0 aswblog;aswblog; C:\Windows\system32\drivers\aswblogx.sys [2018-01-21 276696]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbunivx.sys [2018-01-21 50344]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2018-01-21 70832]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2018-01-21 294680]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2010-11-06 354840]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2018-01-01 173288]
R1 aswArPot;aswArPot; C:\Windows\system32\drivers\aswArPot.sys [2018-01-21 158224]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdriverx.sys [2018-01-21 255584]
R1 aswHdsKe;aswHdsKe; C:\Windows\system32\drivers\aswHdsKe.sys [2018-01-21 118144]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2018-01-21 99528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2018-01-21 783104]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2018-01-21 390256]
R1 ESProtectionDriver;Malwarebytes Anti-Exploit; \??\C:\Windows\system32\drivers\mbae.sys [2017-11-29 59896]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2012-07-18 21600]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2012-07-18 16936]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2012-07-18 62240]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2018-01-21 123880]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2018-01-21 151328]
R2 MBAMChameleon;MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [2018-01-22 168376]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2011-10-27 4268096]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2012-05-02 225616]
R3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys [2012-04-23 76544]
R3 igddim32;igddim32; C:\Windows\system32\DRIVERS\igddim32.sys [2012-06-27 1349120]
R3 igdkmd32;igdkmd32; C:\Windows\system32\DRIVERS\igdkmd32.sys [2012-06-27 435200]
R3 MBAMFarflt;MBAMFarflt; C:\Windows\system32\DRIVERS\farflt.sys [2018-01-22 91576]
R3 MBAMProtection;MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [2018-01-22 40376]
R3 MBAMSwissArmy;MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [2018-01-22 221112]
R3 MBAMWebProtection;MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [2018-01-22 65824]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2011-05-30 254056]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2011-09-29 490088]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2009-12-02 550760]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2009-12-02 195944]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2009-12-02 21864]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2009-12-02 19304]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S2 Parvdm;Parvdm; C:\Windows\system32\drivers\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 aswHwid;aswHwid; C:\Windows\system32\drivers\aswHwid.sys [2018-01-21 42824]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 catchme;catchme; \??\C:\Users\Bara\AppData\Local\Temp\catchme.sys []
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [2010-07-27 102784]
S3 ew_usbenumfilter;huawei_CompositeFilter; C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys [2010-03-20 11136]
S3 huawei_cdcacm;huawei_cdcacm; C:\Windows\system32\DRIVERS\ew_jucdcacm.sys [2012-04-23 95616]
S3 huawei_ext_ctrl;huawei_ext_ctrl; C:\Windows\system32\DRIVERS\ew_juextctrl.sys [2012-04-23 27520]
S3 huawei_wwanecm;huawei_wwanecm; C:\Windows\system32\DRIVERS\ew_juwwanecm.sys [2012-04-23 202752]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2012-01-10 3932584]
S3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2011-06-09 278528]
S3 massfilter;Mass Storage Filter Driver; C:\Windows\system32\drivers\massfilter.sys [2011-04-13 9216]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2012-08-23 49664]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2018-01-21 301168]
R2 CleanupSvc;Avast Cleanup; C:\Program Files\AVAST Software\Cleanup\CleanupSvc.exe [2018-01-21 2359928]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-04-21 107656]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2017-11-01 4563920]
R2 MbnExt;Mobile Broadband Extension Service; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 sftlist;Application Virtualization Client; C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe [2009-12-02 483688]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [2018-01-21 5906816]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-02 209768]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-02 144200]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-02 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2017-12-29 104960]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-29 1713536]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2018-01-21 272384]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2017-04-21 47224]
S4 DsiWMIService;Dritek WMI Service; C:\Program Files\Launch Manager\dsiwmis.exe [2011-07-01 353360]
S4 EgisTec Ticket Service;EgisTec Ticket Service; C:\Program Files\Common Files\EgisTec\Services\EgisTicketService.exe [2011-06-21 173424]
S4 ePowerSvc;ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2012-02-07 738688]
S4 GREGService;GREGService; C:\Program Files\Acer\Registration\GREGsvc.exe [2012-02-29 28264]
S4 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-06 13336]
S4 IconMan_R;IconMan_R; C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-03-07 1755136]
S4 Live Updater Service;Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2012-04-05 255376]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 RS_Service;Raw Socket Service; C:\Program Files\Acer\Acer VCM\RS_Service.exe [2010-01-30 260640]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 51040]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 118254
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: conhost.exe

#11 Post by Rudy »

It follows from this that there is no malware there.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

RadekT
Visitor
Posts: 7
Joined: 22 Jan 2018 08:09

Re: conhost.exe

#12 Post by RadekT »

Allow me to come back to this, although the notebook seems to be clean.

Yesterday evening and today about 10 Windows updates were installed one after another. I tried to install the original drivers, but with a 50:50 success rate (file "blocked" and the installation terminated). Automatic driver installation also ends with an error.

A moment ago I wanted to uninstall one previously installed application, AvastCleaner (installed on Saturday) or MalwareBytes, installed yesterday. Unfortunately always without success: either the installer does not start at all, even though I can see the uninstaller among the running processes, or it starts but again ends with an error (no error code).

Does anything else come to mind? Could it still be related to some "vermin", or is it probably a "broken" system and you recommend a reinstall?
And I still cannot start the "Security Center", even though according to instructions on the net everything seems to be OK.

Thank you for any comment.

Rudy
Site Admin
Posts: 118254
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: conhost.exe

#13 Post by Rudy »

I see it more as a broken system. You can try a System Restore to a date when it worked correctly.