Prevention, Kids on PC

Hanss1982
Visitor
Posts: 74
Registered: 17 Sep 2013 11:16
Location: Brno

#1 Post by Hanss1982 »

Hello,
please check:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Othala at 2018-02-04 17:08:04
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 172 GB (18%) free of 953 GB
Total RAM: 8146 MB (75% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:08:06, on 4.2.2018
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Bloody6\Bloody6\Bloody6.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Dell\Dell Display Manager\ddm.exe
C:\Program Files\trend micro\Othala.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Bloody2] "C:\Program Files (x86)\Bloody6\Bloody6\Bloody6.exe" Minimum
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [AOD] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe AutoTune (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [AOD] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe AutoTune (User 'Default user')
O4 - Global Startup: Dell Display Manager.lnk = C:\Program Files (x86)\Dell\Dell Display Manager\ddm.exe
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do OneNotu - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105
O9 - Extra button: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - (no file)
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - (no file)
O10 - Broken Internet access because of LSP provider 'c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll' missing
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - Trusted IP range: http://192.168.0.1
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted IP range: http://192.168.0.1
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 7582 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
AvastUI.exe /nogui
"C:\Program Files (x86)\Bloody6\Bloody6\Bloody6.exe" Minimum
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Dell\Dell Display Manager\ddm.exe"
"C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\CCleaner\CCleaner64.exe" /monitor
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Othala\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Othala\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Othala\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=63.0.3239.132 --initial-client-data=0x88,0x8c,0x90,0x84,0x94,0x7fef0e75720,0x7fef0e75760,0x7fef0e75738
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=4624 --on-initialized-event-handle=324 --parent-handle=328 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1204,8054541131766704806,7017427907750444339,131072 --gpu-vendor-id=0x1002 --gpu-device-id=0x6719 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=15.200.1062.1004 --gpu-driver-date=8-3-2015 --service-request-channel-token=C97DAEF1979EF4F9AEAA8B96CAB586C6 --mojo-platform-channel-handle=1192 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1204,8054541131766704806,7017427907750444339,131072 --service-pipe-token=6FEC88382F94EE6FEB1F9FD46B1BF974 --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --service-request-channel-token=6FEC88382F94EE6FEB1F9FD46B1BF974 --renderer-client-id=6 --mojo-platform-channel-handle=3052 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1204,8054541131766704806,7017427907750444339,131072 --service-pipe-token=11B82B2C78018BC5D2A84292EEE75108 --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --service-request-channel-token=11B82B2C78018BC5D2A84292EEE75108 --renderer-client-id=10 --mojo-platform-channel-handle=2424 /prefetch:1
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516
"C:\Users\Othala\Desktop\Chrome\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Driver Booster Scheduler.job - C:\Program Files (x86)\IObit\Driver Booster\5.0.3\Scheduler.exe /scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2017-12-12 229040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_151\bin\ssv.dll [2017-12-04 571968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-12-04 958328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-12-04 235584]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2017-11-15 163536]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-12-04 820672]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL [2014-01-22 707800]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2017-10-11 9228800]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2017-12-23 246120]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Bloody2"=C:\Program Files (x86)\Bloody6\Bloody6\Bloody6.exe [2017-09-01 17627648]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2018-01-09 10257872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avgnt]
C:\Program Files (x86)\Avira\Antivirus\avgnt.exe /min []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Avira SystrayStartTrigger]
C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2018-01-09 10257872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DLLSuite2016]
C:\Program Files (x86)\DLL Suite\DLLSuite.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODefragTray]
C:\Program Files\OO Software\Defrag\oodtray.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Raptr]
C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe --startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files (x86)\Steam\steam.exe [2017-12-15 3111712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\World of Tanks]
C:\Games\World_of_Tanks\WargamingGameUpdater.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Dell Display Manager.lnk]
C:\PROGRA~2\Dell\DELLDI~1\ddm.exe [2017-12-17 766048]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^O&O Defrag Tray.lnk]
C:\Windows\Installer\{A2D1D1B3-2C94-4E3A-BCD3-268F93010169}\app_icon.ico []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2017-09-06 587288]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Dell Display Manager.lnk - C:\Program Files (x86)\Dell\Dell Display Manager\ddm.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2018-02-04 17:01:28 ----D---- C:\Program Files\CCleaner
2018-02-04 16:38:55 ----D---- C:\ProgramData\SWCUTemp
2018-02-02 14:11:22 ----D---- C:\Program Files (x86)\Rockstar Games
2018-02-02 14:11:12 ----D---- C:\Program Files\Rockstar Games
2018-02-02 14:09:34 ----D---- C:\ProgramData\Socialclub
2018-02-02 13:47:48 ----D---- C:\Hry
2018-01-14 16:01:01 ----D---- C:\Users\Othala\AppData\Roaming\.minecraft
2018-01-12 20:34:44 ----A---- C:\Místní disk (D) – zástupce.lnk
2018-01-10 20:09:53 ----A---- C:\Windows\system32\mshtml.dll
2018-01-10 20:09:52 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2018-01-10 20:09:51 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2018-01-10 20:09:51 ----A---- C:\Windows\system32\ieframe.dll
2018-01-10 20:09:49 ----A---- C:\Windows\system32\ntoskrnl.exe
2018-01-10 20:09:49 ----A---- C:\Windows\system32\jscript9.dll
2018-01-10 20:09:48 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2018-01-10 20:09:46 ----A---- C:\Windows\SYSWOW64\wininet.dll
2018-01-10 20:09:46 ----A---- C:\Windows\system32\wininet.dll
2018-01-10 20:09:46 ----A---- C:\Windows\system32\ntdll.dll
2018-01-10 20:09:46 ----A---- C:\Windows\system32\iertutil.dll
2018-01-10 20:09:45 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2018-01-10 20:09:44 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2018-01-10 20:09:44 ----A---- C:\Windows\system32\urlmon.dll
2018-01-10 20:09:44 ----A---- C:\Windows\system32\ole32.dll
2018-01-10 20:09:42 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2018-01-10 20:09:36 ----A---- C:\Windows\system32\shell32.dll
2018-01-10 20:09:35 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2018-01-10 20:09:35 ----A---- C:\Windows\system32\rpcrt4.dll
2018-01-10 20:09:35 ----A---- C:\Windows\system32\drivers\ntfs.sys
2018-01-10 20:09:34 ----A---- C:\Windows\system32\ieapfltr.dll
2018-01-10 20:09:31 ----A---- C:\Windows\SYSWOW64\jscript.dll
2018-01-10 20:09:31 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2018-01-10 20:09:31 ----A---- C:\Windows\system32\lsasrv.dll
2018-01-10 20:09:29 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2018-01-10 20:09:29 ----A---- C:\Windows\SYSWOW64\shell32.dll
2018-01-10 20:09:29 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2018-01-10 20:09:29 ----A---- C:\Windows\system32\msfeeds.dll
2018-01-10 20:09:29 ----A---- C:\Windows\system32\jscript.dll
2018-01-10 20:09:29 ----A---- C:\Windows\system32\ieui.dll
2018-01-10 20:09:27 ----A---- C:\Windows\system32\winload.exe
2018-01-10 20:09:27 ----A---- C:\Windows\system32\drivers\srv.sys
2018-01-10 20:09:25 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2018-01-10 20:09:25 ----A---- C:\Windows\system32\msxml6.dll
2018-01-10 20:09:25 ----A---- C:\Windows\system32\jscript9diag.dll
2018-01-10 20:09:24 ----A---- C:\Windows\system32\winlogon.exe
2018-01-10 20:09:23 ----A---- C:\Windows\system32\drivers\srv2.sys
2018-01-10 20:09:22 ----A---- C:\Windows\system32\mshtmlmedia.dll
2018-01-10 20:09:22 ----A---- C:\Windows\system32\atmfd.dll
2018-01-10 20:09:20 ----A---- C:\Windows\SYSWOW64\ieui.dll
2018-01-10 20:09:20 ----A---- C:\Windows\system32\ExplorerFrame.dll
2018-01-10 20:09:19 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2018-01-10 20:09:19 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2018-01-10 20:09:19 ----A---- C:\Windows\system32\PeerDistSvc.dll
2018-01-10 20:09:19 ----A---- C:\Windows\system32\drivers\fltMgr.sys
2018-01-10 20:09:13 ----A---- C:\Windows\system32\sysmain.dll
2018-01-10 20:09:12 ----A---- C:\Windows\system32\schedsvc.dll
2018-01-10 20:09:11 ----A---- C:\Windows\SYSWOW64\ole32.dll
2018-01-10 20:09:11 ----A---- C:\Windows\system32\FirewallAPI.dll
2018-01-10 20:09:11 ----A---- C:\Windows\system32\drivers\ndis.sys
2018-01-10 20:09:10 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2018-01-10 20:09:10 ----A---- C:\Windows\system32\rpcss.dll
2018-01-10 20:09:10 ----A---- C:\Windows\system32\iedkcs32.dll
2018-01-10 20:09:10 ----A---- C:\Windows\system32\drivers\http.sys
2018-01-10 20:09:10 ----A---- C:\Windows\system32\authui.dll
2018-01-10 20:09:09 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2018-01-10 20:09:09 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2018-01-10 20:09:09 ----A---- C:\Windows\system32\taskcomp.dll
2018-01-10 20:09:09 ----A---- C:\Windows\system32\MPSSVC.dll
2018-01-10 20:09:08 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2018-01-10 20:09:08 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2018-01-10 20:09:08 ----A---- C:\Windows\SYSWOW64\FirewallAPI.dll
2018-01-10 20:09:08 ----A---- C:\Windows\system32\wow64win.dll
2018-01-10 20:09:08 ----A---- C:\Windows\system32\inetcomm.dll
2018-01-10 20:09:07 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2018-01-10 20:09:07 ----A---- C:\Windows\system32\spoolsv.exe
2018-01-10 20:09:07 ----A---- C:\Windows\system32\p2psvc.dll
2018-01-10 20:09:07 ----A---- C:\Windows\system32\IKEEXT.DLL
2018-01-10 20:09:07 ----A---- C:\Windows\system32\hal.dll
2018-01-10 20:09:06 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2018-01-10 20:09:06 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2018-01-10 20:09:06 ----A---- C:\Windows\system32\wow64.dll
2018-01-10 20:09:06 ----A---- C:\Windows\system32\certcli.dll
2018-01-10 20:09:06 ----A---- C:\Windows\system32\BFE.DLL
2018-01-10 20:09:06 ----A---- C:\Windows\system32\actxprxy.dll
2018-01-10 20:09:05 ----A---- C:\Windows\SYSWOW64\taskcomp.dll
2018-01-10 20:09:05 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2018-01-10 20:09:05 ----A---- C:\Windows\SYSWOW64\certcli.dll
2018-01-10 20:09:05 ----A---- C:\Windows\system32\wcncsvc.dll
2018-01-10 20:09:05 ----A---- C:\Windows\system32\vbscript.dll
2018-01-10 20:09:05 ----A---- C:\Windows\system32\srcore.dll
2018-01-10 20:09:05 ----A---- C:\Windows\system32\nshwfp.dll
2018-01-10 20:09:05 ----A---- C:\Windows\system32\kernel32.dll
2018-01-10 20:09:05 ----A---- C:\Windows\system32\drivers\wanarp.sys
2018-01-10 20:09:05 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2018-01-10 20:09:04 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2018-01-10 20:09:04 ----A---- C:\Windows\system32\winhttp.dll
2018-01-10 20:09:04 ----A---- C:\Windows\system32\vmicsvc.exe
2018-01-10 20:09:04 ----A---- C:\Windows\system32\icm32.dll
2018-01-10 20:09:04 ----A---- C:\Windows\system32\drivers\rdyboost.sys
2018-01-10 20:09:04 ----A---- C:\Windows\system32\advapi32.dll
2018-01-10 20:09:03 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2018-01-10 20:09:03 ----A---- C:\Windows\system32\P2P.dll
2018-01-10 20:09:02 ----A---- C:\Windows\SYSWOW64\nshwfp.dll
2018-01-10 20:09:02 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2018-01-10 20:09:02 ----A---- C:\Windows\SYSWOW64\authui.dll
2018-01-10 20:09:02 ----A---- C:\Windows\system32\webcheck.dll
2018-01-10 20:09:02 ----A---- C:\Windows\system32\WcnApi.dll
2018-01-10 20:09:02 ----A---- C:\Windows\system32\pnrpsvc.dll
2018-01-10 20:09:02 ----A---- C:\Windows\system32\nlasvc.dll
2018-01-10 20:09:02 ----A---- C:\Windows\system32\msrating.dll
2018-01-10 20:09:02 ----A---- C:\Windows\system32\icfupgd.dll
2018-01-10 20:09:02 ----A---- C:\Windows\system32\fdWCN.dll
2018-01-10 20:09:02 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2018-01-10 20:09:02 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2018-01-10 20:09:02 ----A---- C:\Windows\system32\drivers\dfsc.sys
2018-01-10 20:09:02 ----A---- C:\Windows\system32\consent.exe
2018-01-10 20:09:01 ----A---- C:\Windows\SYSWOW64\wcncsvc.dll
2018-01-10 20:09:01 ----A---- C:\Windows\SYSWOW64\setup16.exe
2018-01-10 20:09:01 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2018-01-10 20:09:01 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2018-01-10 20:09:01 ----A---- C:\Windows\SYSWOW64\PeerDist.dll
2018-01-10 20:09:01 ----A---- C:\Windows\SYSWOW64\P2P.dll
2018-01-10 20:09:01 ----A---- C:\Windows\SYSWOW64\msrating.dll
2018-01-10 20:09:01 ----A---- C:\Windows\SYSWOW64\mscms.dll
2018-01-10 20:09:01 ----A---- C:\Windows\SYSWOW64\icm32.dll
2018-01-10 20:09:01 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2018-01-10 20:09:01 ----A---- C:\Windows\system32\PeerDist.dll
2018-01-10 20:09:01 ----A---- C:\Windows\system32\nlaapi.dll
2018-01-10 20:09:01 ----A---- C:\Windows\system32\ncsi.dll
2018-01-10 20:09:01 ----A---- C:\Windows\system32\mscms.dll
2018-01-10 20:09:01 ----A---- C:\Windows\system32\KernelBase.dll
2018-01-10 20:09:01 ----A---- C:\Windows\system32\IcCoinstall.dll
2018-01-10 20:09:01 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2018-01-10 20:09:01 ----A---- C:\Windows\system32\fontsub.dll
2018-01-10 20:09:01 ----A---- C:\Windows\system32\dxtmsft.dll
2018-01-10 20:09:01 ----A---- C:\Windows\system32\drivers\pacer.sys
2018-01-10 20:09:01 ----A---- C:\Windows\system32\drivers\netbios.sys
2018-01-10 20:09:01 ----A---- C:\Windows\system32\drivers\ndproxy.sys
2018-01-10 20:09:01 ----A---- C:\Windows\system32\appinfo.dll
2018-01-10 20:09:00 ----A---- C:\Windows\SYSWOW64\wshqos.dll
2018-01-10 20:09:00 ----A---- C:\Windows\SYSWOW64\winhttp.dll
2018-01-10 20:09:00 ----A---- C:\Windows\SYSWOW64\wfapigp.dll
2018-01-10 20:09:00 ----A---- C:\Windows\SYSWOW64\WcnEapPeerProxy.dll
2018-01-10 20:09:00 ----A---- C:\Windows\SYSWOW64\WcnEapAuthProxy.dll
2018-01-10 20:09:00 ----A---- C:\Windows\SYSWOW64\WcnApi.dll
2018-01-10 20:09:00 ----A---- C:\Windows\SYSWOW64\traffic.dll
2018-01-10 20:09:00 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2018-01-10 20:09:00 ----A---- C:\Windows\SYSWOW64\rasser.dll
2018-01-10 20:09:00 ----A---- C:\Windows\SYSWOW64\rasmxs.dll
2018-01-10 20:09:00 ----A---- C:\Windows\SYSWOW64\rasdiag.dll
2018-01-10 20:09:00 ----A---- C:\Windows\SYSWOW64\rascfg.dll
2018-01-10 20:09:00 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2018-01-10 20:09:00 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2018-01-10 20:09:00 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2018-01-10 20:09:00 ----A---- C:\Windows\SYSWOW64\FWPUCLNT.DLL
2018-01-10 20:09:00 ----A---- C:\Windows\SYSWOW64\fdWCN.dll
2018-01-10 20:09:00 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2018-01-10 20:09:00 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2018-01-10 20:09:00 ----A---- C:\Windows\SYSWOW64\actxprxy.dll
2018-01-10 20:09:00 ----A---- C:\Windows\system32\wshqos.dll
2018-01-10 20:09:00 ----A---- C:\Windows\system32\wshnetbs.dll
2018-01-10 20:09:00 ----A---- C:\Windows\system32\wfapigp.dll
2018-01-10 20:09:00 ----A---- C:\Windows\system32\WcnEapPeerProxy.dll
2018-01-10 20:09:00 ----A---- C:\Windows\system32\WcnEapAuthProxy.dll
2018-01-10 20:09:00 ----A---- C:\Windows\system32\vmictimeprovider.dll
2018-01-10 20:09:00 ----A---- C:\Windows\system32\vmicres.dll
2018-01-10 20:09:00 ----A---- C:\Windows\system32\traffic.dll
2018-01-10 20:09:00 ----A---- C:\Windows\system32\rasser.dll
2018-01-10 20:09:00 ----A---- C:\Windows\system32\rasmxs.dll
2018-01-10 20:09:00 ----A---- C:\Windows\system32\rasdiag.dll
2018-01-10 20:09:00 ----A---- C:\Windows\system32\rascfg.dll
2018-01-10 20:09:00 ----A---- C:\Windows\system32\PeerDistWSDDiscoProv.dll
2018-01-10 20:09:00 ----A---- C:\Windows\system32\PeerDistHttpTrans.dll
2018-01-10 20:09:00 ----A---- C:\Windows\system32\inseng.dll
2018-01-10 20:09:00 ----A---- C:\Windows\system32\ieetwcollector.exe
2018-01-10 20:09:00 ----A---- C:\Windows\system32\ie4uinit.exe
2018-01-10 20:09:00 ----A---- C:\Windows\system32\dxtrans.dll
2018-01-10 20:09:00 ----A---- C:\Windows\system32\drivers\srvnet.sys
2018-01-10 20:09:00 ----A---- C:\Windows\system32\drivers\ndistapi.sys
2018-01-10 20:09:00 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2018-01-10 20:09:00 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2018-01-10 20:09:00 ----A---- C:\Windows\system32\drivers\mpsdrv.sys
2018-01-10 20:09:00 ----A---- C:\Windows\system32\drivers\appid.sys
2018-01-10 20:09:00 ----A---- C:\Windows\system32\csrsrv.dll
2018-01-10 20:08:59 ----A---- C:\Windows\SYSWOW64\INETRES.dll
2018-01-10 20:08:59 ----A---- C:\Windows\system32\win32k.sys
2018-01-10 20:08:59 ----A---- C:\Windows\system32\WcsPlugInService.dll
2018-01-10 20:08:59 ----A---- C:\Windows\system32\schannel.dll
2018-01-10 20:08:59 ----A---- C:\Windows\system32\rpchttp.dll
2018-01-10 20:08:59 ----A---- C:\Windows\system32\kerberos.dll
2018-01-10 20:08:59 ----A---- C:\Windows\system32\INETRES.dll
2018-01-10 20:08:59 ----A---- C:\Windows\system32\ieetwproxystub.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-01-10 20:08:58 ----A---- C:\Windows\SYSWOW64\wow32.dll
2018-01-10 20:08:58 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2018-01-10 20:08:58 ----A---- C:\Windows\SYSWOW64\WcsPlugInService.dll
2018-01-10 20:08:58 ----A---- C:\Windows\SYSWOW64\user.exe
2018-01-10 20:08:58 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2018-01-10 20:08:58 ----A---- C:\Windows\SYSWOW64\srclient.dll
2018-01-10 20:08:58 ----A---- C:\Windows\SYSWOW64\schannel.dll
2018-01-10 20:08:58 ----A---- C:\Windows\SYSWOW64\secur32.dll
2018-01-10 20:08:58 ----A---- C:\Windows\SYSWOW64\occache.dll
2018-01-10 20:08:58 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2018-01-10 20:08:58 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2018-01-10 20:08:58 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2018-01-10 20:08:58 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2018-01-10 20:08:58 ----A---- C:\Windows\SYSWOW64\lpk.dll
2018-01-10 20:08:58 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2018-01-10 20:08:58 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2018-01-10 20:08:58 ----A---- C:\Windows\SYSWOW64\instnm.exe
2018-01-10 20:08:58 ----A---- C:\Windows\SYSWOW64\inseng.dll
2018-01-10 20:08:58 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2018-01-10 20:08:58 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2018-01-10 20:08:58 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2018-01-10 20:08:58 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2018-01-10 20:08:58 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2018-01-10 20:08:58 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2018-01-10 20:08:58 ----A---- C:\Windows\SYSWOW64\credssp.dll
2018-01-10 20:08:58 ----A---- C:\Windows\SYSWOW64\comcat.dll
2018-01-10 20:08:58 ----A---- C:\Windows\SYSWOW64\bcrypt.dll
2018-01-10 20:08:58 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2018-01-10 20:08:58 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2018-01-10 20:08:58 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2018-01-10 20:08:58 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2018-01-10 20:08:58 ----A---- C:\Windows\system32\wow64cpu.dll
2018-01-10 20:08:58 ----A---- C:\Windows\system32\winsrv.dll
2018-01-10 20:08:58 ----A---- C:\Windows\system32\wdigest.dll
2018-01-10 20:08:58 ----A---- C:\Windows\system32\TSpkg.dll
2018-01-10 20:08:58 ----A---- C:\Windows\system32\sspisrv.dll
2018-01-10 20:08:58 ----A---- C:\Windows\system32\sspicli.dll
2018-01-10 20:08:58 ----A---- C:\Windows\system32\srclient.dll
2018-01-10 20:08:58 ----A---- C:\Windows\system32\smss.exe
2018-01-10 20:08:58 ----A---- C:\Windows\system32\setbcdlocale.dll
2018-01-10 20:08:58 ----A---- C:\Windows\system32\secur32.dll
2018-01-10 20:08:58 ----A---- C:\Windows\system32\rstrui.exe
2018-01-10 20:08:58 ----A---- C:\Windows\system32\occache.dll
2018-01-10 20:08:58 ----A---- C:\Windows\system32\ntvdm64.dll
2018-01-10 20:08:58 ----A---- C:\Windows\system32\ncrypt.dll
2018-01-10 20:08:58 ----A---- C:\Windows\system32\msv1_0.dll
2018-01-10 20:08:58 ----A---- C:\Windows\system32\mshtmled.dll
2018-01-10 20:08:58 ----A---- C:\Windows\system32\MshtmlDac.dll
2018-01-10 20:08:58 ----A---- C:\Windows\system32\lsass.exe
2018-01-10 20:08:58 ----A---- C:\Windows\system32\lpk.dll
2018-01-10 20:08:58 ----A---- C:\Windows\system32\jsproxy.dll
2018-01-10 20:08:58 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-01-10 20:08:58 ----A---- C:\Windows\system32\ieUnatt.exe
2018-01-10 20:08:58 ----A---- C:\Windows\system32\iesetup.dll
2018-01-10 20:08:58 ----A---- C:\Windows\system32\iernonce.dll
2018-01-10 20:08:58 ----A---- C:\Windows\system32\dciman32.dll
2018-01-10 20:08:58 ----A---- C:\Windows\system32\cryptbase.dll
2018-01-10 20:08:58 ----A---- C:\Windows\system32\credssp.dll
2018-01-10 20:08:58 ----A---- C:\Windows\system32\conhost.exe
2018-01-10 20:08:58 ----A---- C:\Windows\system32\comcat.dll
2018-01-10 20:08:58 ----A---- C:\Windows\system32\bcrypt.dll
2018-01-10 20:08:58 ----A---- C:\Windows\system32\auditpol.exe
2018-01-10 20:08:58 ----A---- C:\Windows\system32\atmlib.dll
2018-01-10 20:08:58 ----A---- C:\Windows\system32\appidsvc.dll
2018-01-10 20:08:58 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2018-01-10 20:08:58 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2018-01-10 20:08:58 ----A---- C:\Windows\system32\appidapi.dll
2018-01-10 20:08:58 ----A---- C:\Windows\system32\apisetschema.dll
2018-01-10 20:08:58 ----A---- C:\Windows\system32\adtschema.dll
2018-01-10 20:08:57 ----A---- C:\Windows\SYSWOW64\oleres.dll
2018-01-10 20:08:57 ----A---- C:\Windows\SYSWOW64\msxml6r.dll
2018-01-10 20:08:57 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2018-01-10 20:08:57 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2018-01-10 20:08:57 ----A---- C:\Windows\system32\oleres.dll
2018-01-10 20:08:57 ----A---- C:\Windows\system32\msxml6r.dll
2018-01-10 20:08:57 ----A---- C:\Windows\system32\msobjs.dll
2018-01-10 20:08:57 ----A---- C:\Windows\system32\msaudite.dll
2018-01-10 20:08:57 ----A---- C:\Windows\system32\ieetwcollectorres.dll

======List of files/folders modified in the last 1 month======

2018-02-04 17:08:05 ----D---- C:\Program Files\trend micro
2018-02-04 17:02:08 ----D---- C:\Users\Othala\AppData\Roaming\MPC-HC
2018-02-04 17:02:08 ----D---- C:\Program Files (x86)\Steam
2018-02-04 17:01:58 ----D---- C:\Windows\Temp
2018-02-04 17:01:58 ----D---- C:\Windows\Logs
2018-02-04 17:01:58 ----D---- C:\Windows\inf
2018-02-04 17:01:58 ----D---- C:\Windows
2018-02-04 17:01:31 ----D---- C:\Windows\system32\Tasks
2018-02-04 17:01:31 ----D---- C:\Windows\Prefetch
2018-02-04 17:01:28 ----RD---- C:\Program Files
2018-02-04 16:42:27 ----D---- C:\Windows\System32
2018-02-04 16:42:27 ----A---- C:\Windows\system32\PerfStringBackup.INI
2018-02-04 16:38:55 ----AHD---- C:\ProgramData
2018-02-04 16:37:21 ----D---- C:\Windows\system32\config
2018-02-04 10:06:50 ----D---- C:\Windows\SYSWOW64\Macromed
2018-02-03 10:03:47 ----D---- C:\Users\Othala\AppData\Roaming\uTorrent
2018-02-03 09:51:10 ----RD---- C:\## Torrent
2018-02-02 14:11:22 ----RD---- C:\Program Files (x86)
2018-02-02 14:11:11 ----SHD---- C:\Windows\Installer
2018-02-02 14:11:10 ----D---- C:\Windows\winsxs
2018-02-02 14:10:47 ----RSD---- C:\Windows\assembly
2018-02-02 14:10:07 ----SHD---- C:\System Volume Information
2018-02-02 14:09:34 ----RSD---- C:\Windows\Fonts
2018-01-29 16:58:38 ----D---- C:\Windows\system32\catroot2
2018-01-23 10:17:41 ----D---- C:\ProgramData\CanonIJPLM
2018-01-21 12:39:36 ----D---- C:\Windows\SysWOW64
2018-01-21 12:37:41 ----D---- C:\Program Files\Farming Simulator 17
2018-01-21 12:36:46 ----D---- C:\Windows\system32\drivers
2018-01-21 12:34:10 ----D---- C:\Windows\debug
2018-01-21 12:33:04 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2018-01-21 12:33:02 ----D---- C:\Windows\system32\Macromed
2018-01-20 20:11:25 ----D---- C:\Users\Othala\AppData\Roaming\vlc
2018-01-20 13:54:05 ----D---- C:\Windows\Microsoft.NET
2018-01-19 20:03:44 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2018-01-18 16:41:21 ----D---- C:\Users\Othala\AppData\Roaming\dvdcss
2018-01-13 19:05:45 ----D---- C:\Windows\rescache
2018-01-11 16:57:09 ----D---- C:\Windows\SYSWOW64\en-US
2018-01-11 16:57:09 ----D---- C:\Windows\SYSWOW64\cs-CZ
2018-01-11 16:57:09 ----D---- C:\Program Files\Internet Explorer
2018-01-11 16:57:09 ----D---- C:\Program Files (x86)\Internet Explorer
2018-01-11 16:57:08 ----D---- C:\Windows\system32\en-US
2018-01-11 16:57:08 ----D---- C:\Windows\system32\cs-CZ
2018-01-11 16:57:07 ----D---- C:\Windows\system32\migration
2018-01-11 16:57:07 ----D---- C:\Windows\system32\Boot
2018-01-11 16:57:07 ----D---- C:\Windows\AppPatch
2018-01-11 16:57:06 ----D---- C:\Windows\system32\DriverStore
2018-01-11 16:38:31 ----D---- C:\ProgramData\Microsoft Help
2018-01-10 20:22:07 ----D---- C:\Windows\system32\MRT
2018-01-10 20:19:19 ----AC---- C:\Windows\system32\MRT-KB890830.exe
2018-01-10 20:19:10 ----AC---- C:\Windows\system32\MRT.exe
2018-01-10 20:08:07 ----A---- C:\Windows\win.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amd_sata;amd_sata; C:\Windows\system32\DRIVERS\amd_sata.sys [2016-06-13 85704]
R0 amd_xata;amd_xata; C:\Windows\system32\DRIVERS\amd_xata.sys [2016-06-13 43720]
R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [2017-12-23 199448]
R0 aswblog;aswblog; C:\Windows\system32\drivers\aswbloga.sys [2017-12-23 343768]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [2017-12-23 57696]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2017-12-23 84384]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2017-12-23 358672]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2018-01-01 213736]
R1 aswArPot;aswArPot; C:\Windows\system32\drivers\aswArPot.sys [2017-12-23 185096]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [2017-12-23 321512]
R1 aswHdsKe;aswHdsKe; C:\Windows\system32\drivers\aswHdsKe.sys [2017-12-23 149344]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2017-12-23 110336]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2017-12-23 1025176]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2018-01-10 457896]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2016-06-13 26528]
R1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [2010-01-29 115600]
R2 AODDriver4.2.0;AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2013-09-19 59648]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2018-01-10 146648]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2017-12-23 204456]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2015-08-04 21622784]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2015-08-04 665088]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2016-10-23 96256]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2017-10-11 5826560]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2017-11-18 1077216]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2014-02-16 60640]
S1 ESProtectionDriver;Malwarebytes Anti-Exploit; \??\C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys []
S3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
S3 aswHwid;aswHwid; C:\Windows\system32\drivers\aswHwid.sys [2017-12-23 46976]
S3 cpuz143;cpuz143; \??\C:\Windows\temp\cpuz143\cpuz143_x64.sys []
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 ew_usbccgpfilter;HwHandSet_CompositeFilter; C:\Windows\system32\DRIVERS\ew_usbccgpfilter.sys [2017-04-11 18944]
S3 GeneStor;Genesys Logic Storage Driver; C:\Windows\system32\DRIVERS\GeneStor.sys [2016-09-03 60928]
S3 MSICDSetup;MSICDSetup; \??\E:\CDriver64.sys []
S3 MWAC;MWAC; \??\C:\Windows\system32\drivers\ []
S3 NTIOLib_1_0_C;NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinRing0_1_2_0;WinRing0_1_2_0; \??\C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys []
S3 WinUsb;Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-09-27 83984]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2015-08-04 246784]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2017-12-23 301168]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2013-06-28 84616]
R2 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 5132888]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2017-12-23 7538536]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-04-21 107656]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-04-21 128648]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-13 154440]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2017-12-29 116224]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2017-09-12 188632]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2017-12-15 1644832]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2016-06-15 1255736]
S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-01-21 272384]
S4 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-12-06 344064]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-04-21 52856]
S4 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-13 154440]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Prevention, Children on the PC

#2 Post by Rudy »

Hello!
Run this utility:
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop
Close all programs
First click >Scan< (search) and then >Clean< (delete).
The scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

Hanss1982
Visitor
Posts: 74
Registered: 17 Sep 2013 11:16
Location: Brno

Re: Prevention, Children on the PC

#3 Post by Hanss1982 »

Thank you, here is the next log:

# AdwCleaner 7.0.7.0 - Logfile created on Sun Feb 04 17:45:17 2018
# Updated on 2018/18/01 by Malwarebytes
# Running on Windows 7 Professional (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

Deleted: C:\ProgramData\IObit\Advanced SystemCare
Deleted: C:\ProgramData\Application Data\IObit\Advanced SystemCare
Deleted: C:\Windows\System32\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare
Deleted: C:\Program Files (x86)\IObit\Advanced SystemCare
Deleted: C:\Program Files (x86)\Common Files\IObit\Advanced SystemCare
Deleted: C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare
Deleted: C:\Users\All Users\IObit\Advanced SystemCare
Deleted: C:\Users\Othala\AppData\LocalLow\IObit\Advanced SystemCare
Deleted: C:\Users\Othala\AppData\Roaming\IObit\Advanced SystemCare
Deleted: C:\ProgramData\IObit\Advanced SystemCare
Deleted: C:\ProgramData\Application Data\IObit\Advanced SystemCare
Deleted: C:\Windows\System32\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare
Deleted: C:\Program Files (x86)\IObit\Advanced SystemCare
Deleted: C:\Program Files (x86)\Common Files\IObit\Advanced SystemCare
Deleted: C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare
Deleted: C:\Users\All Users\IObit\Advanced SystemCare
Deleted: C:\Users\Othala\AppData\LocalLow\IObit\Advanced SystemCare
Deleted: C:\Users\Othala\AppData\Roaming\IObit\Advanced SystemCare
Deleted: C:\Users\Othala\AppData\Local\DriverToolkit
Deleted: C:\ProgramData\IObit\ASCDownloader
Deleted: C:\ProgramData\Application Data\IObit\ASCDownloader
Deleted: C:\Users\All Users\IObit\ASCDownloader


***** [ Files ] *****

Deleted: C:\Users\All Users\Desktop\\Smart Defrag 5.lnk
Deleted: C:\Users\Public\Desktop\\Smart Defrag 5.lnk


***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted: Driver Booster Scheduler


***** [ Registry ] *****

Deleted: [Key] - HKLM\SOFTWARE\IOBIT\ASC
Deleted: [Key] - HKLM\SOFTWARE\IObit\Advanced SystemCare
Deleted: [Key] - HKLM\SOFTWARE\IObit\RealTimeProtector
Deleted: [Key] - HKLM\SOFTWARE\IObit\ASC
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{BA935377-E17C-4475-B1BF-DE3110613A99}
Deleted: [Key] - HKLM\SOFTWARE\CLASSES\DIRECTORY\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
Deleted: [Key] - HKLM\SOFTWARE\CLASSES\DRIVE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
Deleted: [Key] - HKLM\SOFTWARE\CLASSES\LNKFILE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
Deleted: [Key] - HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\Advanced SystemCare
Deleted: [Key] - HKLM\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\Advanced SystemCare
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\shellex\ContextMenuHandlers\Advanced SystemCare
Deleted: [Key] - HKLM\SOFTWARE\Classes\Drive\shellex\ContextMenuHandlers\Advanced SystemCare
Deleted: [Key] - HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\Advanced SystemCare
Deleted: [Key] - HKU\S-1-5-21-356554100-59139773-4143874188-1000\Software\DriverToolkit
Deleted: [Key] - HKCU\Software\DriverToolkit


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [4522 B] - [2018/2/4 17:44:55]


########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Prevention, Children on the PC

#4 Post by Rudy »

Post a new RSIT log.

Hanss1982
Visitor
Posts: 74
Registered: 17 Sep 2013 11:16
Location: Brno

Re: Prevention, Children on the PC

#5 Post by Hanss1982 »

Here:
Logfile of random's system information tool 1.10 (written by random/random)
Run by Othala at 2018-02-04 20:12:22
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 172 GB (18%) free of 953 GB
Total RAM: 8146 MB (74% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:12:25, on 4.2.2018
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Bloody6\Bloody6\Bloody6.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Dell\Dell Display Manager\ddm.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Program Files\trend micro\Othala.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Bloody2] "C:\Program Files (x86)\Bloody6\Bloody6\Bloody6.exe" Minimum
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [AOD] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe AutoTune (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [AOD] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe AutoTune (User 'Default user')
O4 - Global Startup: Dell Display Manager.lnk = C:\Program Files (x86)\Dell\Dell Display Manager\ddm.exe
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do OneNotu - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105
O9 - Extra button: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - (no file)
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - (no file)
O10 - Broken Internet access because of LSP provider 'c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll' missing
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - Trusted IP range: http://192.168.0.1
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted IP range: http://192.168.0.1
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 7886 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
"C:\Program Files (x86)\Bloody6\Bloody6\Bloody6.exe" Minimum
AvastUI.exe /nogui
"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Dell\Dell Display Manager\ddm.exe"
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto
"C:\Program Files (x86)\Steam\Steam.exe"
"C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe" "-lang=cs_CZ" "-cachedir=C:\Users\Othala\AppData\Local\Steam\htmlcache" "-steampid=3736" "-buildid=1513371133" "-steamid=0" "-clientui=C:\Program Files (x86)\Steam\clientui" --disable-spell-checking --disable-out-of-process-pac --enable-blink-features=ResizeObserver --disable-smooth-scrolling --disable-gpu-compositing --disable-gpu --disable-direct-write "--log-file=C:\Program Files (x86)\Steam\logs\cef_log.txt"
"C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe" --type=crashpad-handler /prefetch:7 --max-uploads=5 --max-db-size=20 --max-db-age=5 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Othala\AppData\Local\CEF\User Data\Crashpad" "--metrics-dir=C:\Users\Othala\AppData\Local\CEF\User Data" --url=http://crash.steampowered.com/submit --annotation=platform=win32 --annotation=product=cefwebhelper --annotation=version=1.0 --initial-client-data=0x174,0x178,0x17c,0x170,0x180,0x5ec581a4,0x5ec581b4,0x5ec581c4
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Othala\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Othala\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Othala\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=63.0.3239.132 --initial-client-data=0x88,0x8c,0x90,0x84,0x94,0x7fef3785720,0x7fef3785760,0x7fef3785738
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=3924 --on-initialized-event-handle=324 --parent-handle=328 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1216,11283464735464900676,16889582149051798148,131072 --gpu-vendor-id=0x1002 --gpu-device-id=0x6719 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=15.200.1062.1004 --gpu-driver-date=8-3-2015 --service-request-channel-token=31D00F8D417857B0286F3DE4A3881172 --mojo-platform-channel-handle=1232 --ignored=" --type=renderer " /prefetch:2
"C:\Users\Othala\Desktop\Chrome\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2017-12-12 229040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_151\bin\ssv.dll [2017-12-04 571968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-12-04 958328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-12-04 235584]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2017-11-15 163536]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-12-04 820672]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL [2014-01-22 707800]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2017-10-11 9228800]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2017-12-23 246120]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Bloody2"=C:\Program Files (x86)\Bloody6\Bloody6\Bloody6.exe [2017-09-01 17627648]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2018-01-09 10257872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avgnt]
C:\Program Files (x86)\Avira\Antivirus\avgnt.exe /min []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Avira SystrayStartTrigger]
C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2018-01-09 10257872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DLLSuite2016]
C:\Program Files (x86)\DLL Suite\DLLSuite.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODefragTray]
C:\Program Files\OO Software\Defrag\oodtray.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Raptr]
C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe --startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files (x86)\Steam\steam.exe [2017-12-15 3111712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\World of Tanks]
C:\Games\World_of_Tanks\WargamingGameUpdater.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Dell Display Manager.lnk]
C:\PROGRA~2\Dell\DELLDI~1\ddm.exe [2017-12-17 766048]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^O&O Defrag Tray.lnk]
C:\Windows\Installer\{A2D1D1B3-2C94-4E3A-BCD3-268F93010169}\app_icon.ico []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2017-09-06 587288]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Dell Display Manager.lnk - C:\Program Files (x86)\Dell\Dell Display Manager\ddm.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2018-02-04 18:48:36 ----D---- C:\ProgramData\SWCUTemp
2018-02-04 18:43:06 ----D---- C:\AdwCleaner
2018-02-04 17:01:28 ----D---- C:\Program Files\CCleaner
2018-02-02 14:11:22 ----D---- C:\Program Files (x86)\Rockstar Games
2018-02-02 14:11:12 ----D---- C:\Program Files\Rockstar Games
2018-02-02 14:09:34 ----D---- C:\ProgramData\Socialclub
2018-02-02 13:47:48 ----D---- C:\Hry
2018-01-14 16:01:01 ----D---- C:\Users\Othala\AppData\Roaming\.minecraft
2018-01-12 20:34:44 ----A---- C:\Místní disk (D) – zástupce.lnk
2018-01-10 20:09:53 ----A---- C:\Windows\system32\mshtml.dll
2018-01-10 20:09:52 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2018-01-10 20:09:51 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2018-01-10 20:09:51 ----A---- C:\Windows\system32\ieframe.dll
2018-01-10 20:09:49 ----A---- C:\Windows\system32\ntoskrnl.exe
2018-01-10 20:09:49 ----A---- C:\Windows\system32\jscript9.dll
2018-01-10 20:09:48 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2018-01-10 20:09:46 ----A---- C:\Windows\SYSWOW64\wininet.dll
2018-01-10 20:09:46 ----A---- C:\Windows\system32\wininet.dll
2018-01-10 20:09:46 ----A---- C:\Windows\system32\ntdll.dll
2018-01-10 20:09:46 ----A---- C:\Windows\system32\iertutil.dll
2018-01-10 20:09:45 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2018-01-10 20:09:44 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2018-01-10 20:09:44 ----A---- C:\Windows\system32\urlmon.dll
2018-01-10 20:09:44 ----A---- C:\Windows\system32\ole32.dll
2018-01-10 20:09:42 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2018-01-10 20:09:36 ----A---- C:\Windows\system32\shell32.dll
2018-01-10 20:09:35 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2018-01-10 20:09:35 ----A---- C:\Windows\system32\rpcrt4.dll
2018-01-10 20:09:35 ----A---- C:\Windows\system32\drivers\ntfs.sys
2018-01-10 20:09:34 ----A---- C:\Windows\system32\ieapfltr.dll
2018-01-10 20:09:31 ----A---- C:\Windows\SYSWOW64\jscript.dll
2018-01-10 20:09:31 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2018-01-10 20:09:31 ----A---- C:\Windows\system32\lsasrv.dll
2018-01-10 20:09:29 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2018-01-10 20:09:29 ----A---- C:\Windows\SYSWOW64\shell32.dll
2018-01-10 20:09:29 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2018-01-10 20:09:29 ----A---- C:\Windows\system32\msfeeds.dll
2018-01-10 20:09:29 ----A---- C:\Windows\system32\jscript.dll
2018-01-10 20:09:29 ----A---- C:\Windows\system32\ieui.dll
2018-01-10 20:09:27 ----A---- C:\Windows\system32\winload.exe
2018-01-10 20:09:27 ----A---- C:\Windows\system32\drivers\srv.sys
2018-01-10 20:09:25 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2018-01-10 20:09:25 ----A---- C:\Windows\system32\msxml6.dll
2018-01-10 20:09:25 ----A---- C:\Windows\system32\jscript9diag.dll
2018-01-10 20:09:24 ----A---- C:\Windows\system32\winlogon.exe
2018-01-10 20:09:23 ----A---- C:\Windows\system32\drivers\srv2.sys
2018-01-10 20:09:22 ----A---- C:\Windows\system32\mshtmlmedia.dll
2018-01-10 20:09:22 ----A---- C:\Windows\system32\atmfd.dll
2018-01-10 20:09:20 ----A---- C:\Windows\SYSWOW64\ieui.dll
2018-01-10 20:09:20 ----A---- C:\Windows\system32\ExplorerFrame.dll
2018-01-10 20:09:19 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2018-01-10 20:09:19 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2018-01-10 20:09:19 ----A---- C:\Windows\system32\PeerDistSvc.dll
2018-01-10 20:09:19 ----A---- C:\Windows\system32\drivers\fltMgr.sys
2018-01-10 20:09:13 ----A---- C:\Windows\system32\sysmain.dll
2018-01-10 20:09:12 ----A---- C:\Windows\system32\schedsvc.dll
2018-01-10 20:09:11 ----A---- C:\Windows\SYSWOW64\ole32.dll
2018-01-10 20:09:11 ----A---- C:\Windows\system32\FirewallAPI.dll
2018-01-10 20:09:11 ----A---- C:\Windows\system32\drivers\ndis.sys
2018-01-10 20:09:10 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2018-01-10 20:09:10 ----A---- C:\Windows\system32\rpcss.dll
2018-01-10 20:09:10 ----A---- C:\Windows\system32\iedkcs32.dll
2018-01-10 20:09:10 ----A---- C:\Windows\system32\drivers\http.sys
2018-01-10 20:09:10 ----A---- C:\Windows\system32\authui.dll
2018-01-10 20:09:09 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2018-01-10 20:09:09 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2018-01-10 20:09:09 ----A---- C:\Windows\system32\taskcomp.dll
2018-01-10 20:09:09 ----A---- C:\Windows\system32\MPSSVC.dll
2018-01-10 20:09:08 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2018-01-10 20:09:08 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2018-01-10 20:09:08 ----A---- C:\Windows\SYSWOW64\FirewallAPI.dll
2018-01-10 20:09:08 ----A---- C:\Windows\system32\wow64win.dll
2018-01-10 20:09:08 ----A---- C:\Windows\system32\inetcomm.dll
2018-01-10 20:09:07 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2018-01-10 20:09:07 ----A---- C:\Windows\system32\spoolsv.exe
2018-01-10 20:09:07 ----A---- C:\Windows\system32\p2psvc.dll
2018-01-10 20:09:07 ----A---- C:\Windows\system32\IKEEXT.DLL
2018-01-10 20:09:07 ----A---- C:\Windows\system32\hal.dll
2018-01-10 20:09:06 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2018-01-10 20:09:06 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2018-01-10 20:09:06 ----A---- C:\Windows\system32\wow64.dll
2018-01-10 20:09:06 ----A---- C:\Windows\system32\certcli.dll
2018-01-10 20:09:06 ----A---- C:\Windows\system32\BFE.DLL
2018-01-10 20:09:06 ----A---- C:\Windows\system32\actxprxy.dll
2018-01-10 20:09:05 ----A---- C:\Windows\SYSWOW64\taskcomp.dll
2018-01-10 20:09:05 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2018-01-10 20:09:05 ----A---- C:\Windows\SYSWOW64\certcli.dll
2018-01-10 20:09:05 ----A---- C:\Windows\system32\wcncsvc.dll
2018-01-10 20:09:05 ----A---- C:\Windows\system32\vbscript.dll
2018-01-10 20:09:05 ----A---- C:\Windows\system32\srcore.dll
2018-01-10 20:09:05 ----A---- C:\Windows\system32\nshwfp.dll
2018-01-10 20:09:05 ----A---- C:\Windows\system32\kernel32.dll
2018-01-10 20:09:05 ----A---- C:\Windows\system32\drivers\wanarp.sys
2018-01-10 20:09:05 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2018-01-10 20:09:04 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2018-01-10 20:09:04 ----A---- C:\Windows\system32\winhttp.dll
2018-01-10 20:09:04 ----A---- C:\Windows\system32\vmicsvc.exe
2018-01-10 20:09:04 ----A---- C:\Windows\system32\icm32.dll
2018-01-10 20:09:04 ----A---- C:\Windows\system32\drivers\rdyboost.sys
2018-01-10 20:09:04 ----A---- C:\Windows\system32\advapi32.dll
2018-01-10 20:09:03 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2018-01-10 20:09:03 ----A---- C:\Windows\system32\P2P.dll
2018-01-10 20:09:02 ----A---- C:\Windows\SYSWOW64\nshwfp.dll
2018-01-10 20:09:02 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2018-01-10 20:09:02 ----A---- C:\Windows\SYSWOW64\authui.dll
2018-01-10 20:09:02 ----A---- C:\Windows\system32\webcheck.dll
2018-01-10 20:09:02 ----A---- C:\Windows\system32\WcnApi.dll
2018-01-10 20:09:02 ----A---- C:\Windows\system32\pnrpsvc.dll
2018-01-10 20:09:02 ----A---- C:\Windows\system32\nlasvc.dll
2018-01-10 20:09:02 ----A---- C:\Windows\system32\msrating.dll
2018-01-10 20:09:02 ----A---- C:\Windows\system32\icfupgd.dll
2018-01-10 20:09:02 ----A---- C:\Windows\system32\fdWCN.dll
2018-01-10 20:09:02 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2018-01-10 20:09:02 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2018-01-10 20:09:02 ----A---- C:\Windows\system32\drivers\dfsc.sys
2018-01-10 20:09:02 ----A---- C:\Windows\system32\consent.exe
2018-01-10 20:09:01 ----A---- C:\Windows\SYSWOW64\wcncsvc.dll
2018-01-10 20:09:01 ----A---- C:\Windows\SYSWOW64\setup16.exe
2018-01-10 20:09:01 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2018-01-10 20:09:01 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2018-01-10 20:09:01 ----A---- C:\Windows\SYSWOW64\PeerDist.dll
2018-01-10 20:09:01 ----A---- C:\Windows\SYSWOW64\P2P.dll
2018-01-10 20:09:01 ----A---- C:\Windows\SYSWOW64\msrating.dll
2018-01-10 20:09:01 ----A---- C:\Windows\SYSWOW64\mscms.dll
2018-01-10 20:09:01 ----A---- C:\Windows\SYSWOW64\icm32.dll
2018-01-10 20:09:01 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2018-01-10 20:09:01 ----A---- C:\Windows\system32\PeerDist.dll
2018-01-10 20:09:01 ----A---- C:\Windows\system32\nlaapi.dll
2018-01-10 20:09:01 ----A---- C:\Windows\system32\ncsi.dll
2018-01-10 20:09:01 ----A---- C:\Windows\system32\mscms.dll
2018-01-10 20:09:01 ----A---- C:\Windows\system32\KernelBase.dll
2018-01-10 20:09:01 ----A---- C:\Windows\system32\IcCoinstall.dll
2018-01-10 20:09:01 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2018-01-10 20:09:01 ----A---- C:\Windows\system32\fontsub.dll
2018-01-10 20:09:01 ----A---- C:\Windows\system32\dxtmsft.dll
2018-01-10 20:09:01 ----A---- C:\Windows\system32\drivers\pacer.sys
2018-01-10 20:09:01 ----A---- C:\Windows\system32\drivers\netbios.sys
2018-01-10 20:09:01 ----A---- C:\Windows\system32\drivers\ndproxy.sys
2018-01-10 20:09:01 ----A---- C:\Windows\system32\appinfo.dll
2018-01-10 20:09:00 ----A---- C:\Windows\SYSWOW64\wshqos.dll
2018-01-10 20:09:00 ----A---- C:\Windows\SYSWOW64\winhttp.dll
2018-01-10 20:09:00 ----A---- C:\Windows\SYSWOW64\wfapigp.dll
2018-01-10 20:09:00 ----A---- C:\Windows\SYSWOW64\WcnEapPeerProxy.dll
2018-01-10 20:09:00 ----A---- C:\Windows\SYSWOW64\WcnEapAuthProxy.dll
2018-01-10 20:09:00 ----A---- C:\Windows\SYSWOW64\WcnApi.dll
2018-01-10 20:09:00 ----A---- C:\Windows\SYSWOW64\traffic.dll
2018-01-10 20:09:00 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2018-01-10 20:09:00 ----A---- C:\Windows\SYSWOW64\rasser.dll
2018-01-10 20:09:00 ----A---- C:\Windows\SYSWOW64\rasmxs.dll
2018-01-10 20:09:00 ----A---- C:\Windows\SYSWOW64\rasdiag.dll
2018-01-10 20:09:00 ----A---- C:\Windows\SYSWOW64\rascfg.dll
2018-01-10 20:09:00 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2018-01-10 20:09:00 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2018-01-10 20:09:00 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2018-01-10 20:09:00 ----A---- C:\Windows\SYSWOW64\FWPUCLNT.DLL
2018-01-10 20:09:00 ----A---- C:\Windows\SYSWOW64\fdWCN.dll
2018-01-10 20:09:00 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2018-01-10 20:09:00 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2018-01-10 20:09:00 ----A---- C:\Windows\SYSWOW64\actxprxy.dll
2018-01-10 20:09:00 ----A---- C:\Windows\system32\wshqos.dll
2018-01-10 20:09:00 ----A---- C:\Windows\system32\wshnetbs.dll
2018-01-10 20:09:00 ----A---- C:\Windows\system32\wfapigp.dll
2018-01-10 20:09:00 ----A---- C:\Windows\system32\WcnEapPeerProxy.dll
2018-01-10 20:09:00 ----A---- C:\Windows\system32\WcnEapAuthProxy.dll
2018-01-10 20:09:00 ----A---- C:\Windows\system32\vmictimeprovider.dll
2018-01-10 20:09:00 ----A---- C:\Windows\system32\vmicres.dll
2018-01-10 20:09:00 ----A---- C:\Windows\system32\traffic.dll
2018-01-10 20:09:00 ----A---- C:\Windows\system32\rasser.dll
2018-01-10 20:09:00 ----A---- C:\Windows\system32\rasmxs.dll
2018-01-10 20:09:00 ----A---- C:\Windows\system32\rasdiag.dll
2018-01-10 20:09:00 ----A---- C:\Windows\system32\rascfg.dll
2018-01-10 20:09:00 ----A---- C:\Windows\system32\PeerDistWSDDiscoProv.dll
2018-01-10 20:09:00 ----A---- C:\Windows\system32\PeerDistHttpTrans.dll
2018-01-10 20:09:00 ----A---- C:\Windows\system32\inseng.dll
2018-01-10 20:09:00 ----A---- C:\Windows\system32\ieetwcollector.exe
2018-01-10 20:09:00 ----A---- C:\Windows\system32\ie4uinit.exe
2018-01-10 20:09:00 ----A---- C:\Windows\system32\dxtrans.dll
2018-01-10 20:09:00 ----A---- C:\Windows\system32\drivers\srvnet.sys
2018-01-10 20:09:00 ----A---- C:\Windows\system32\drivers\ndistapi.sys
2018-01-10 20:09:00 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2018-01-10 20:09:00 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2018-01-10 20:09:00 ----A---- C:\Windows\system32\drivers\mpsdrv.sys
2018-01-10 20:09:00 ----A---- C:\Windows\system32\drivers\appid.sys
2018-01-10 20:09:00 ----A---- C:\Windows\system32\csrsrv.dll
2018-01-10 20:08:59 ----A---- C:\Windows\SYSWOW64\INETRES.dll
2018-01-10 20:08:59 ----A---- C:\Windows\system32\win32k.sys
2018-01-10 20:08:59 ----A---- C:\Windows\system32\WcsPlugInService.dll
2018-01-10 20:08:59 ----A---- C:\Windows\system32\schannel.dll
2018-01-10 20:08:59 ----A---- C:\Windows\system32\rpchttp.dll
2018-01-10 20:08:59 ----A---- C:\Windows\system32\kerberos.dll
2018-01-10 20:08:59 ----A---- C:\Windows\system32\INETRES.dll
2018-01-10 20:08:59 ----A---- C:\Windows\system32\ieetwproxystub.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-01-10 20:08:58 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-01-10 20:08:58 ----A---- C:\Windows\SYSWOW64\wow32.dll
2018-01-10 20:08:58 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2018-01-10 20:08:58 ----A---- C:\Windows\SYSWOW64\WcsPlugInService.dll
2018-01-10 20:08:58 ----A---- C:\Windows\SYSWOW64\user.exe
2018-01-10 20:08:58 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2018-01-10 20:08:58 ----A---- C:\Windows\SYSWOW64\srclient.dll
2018-01-10 20:08:58 ----A---- C:\Windows\SYSWOW64\schannel.dll
2018-01-10 20:08:58 ----A---- C:\Windows\SYSWOW64\secur32.dll
2018-01-10 20:08:58 ----A---- C:\Windows\SYSWOW64\occache.dll
2018-01-10 20:08:58 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2018-01-10 20:08:58 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2018-01-10 20:08:58 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2018-01-10 20:08:58 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2018-01-10 20:08:58 ----A---- C:\Windows\SYSWOW64\lpk.dll
2018-01-10 20:08:58 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2018-01-10 20:08:58 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2018-01-10 20:08:58 ----A---- C:\Windows\SYSWOW64\instnm.exe
2018-01-10 20:08:58 ----A---- C:\Windows\SYSWOW64\inseng.dll
2018-01-10 20:08:58 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2018-01-10 20:08:58 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2018-01-10 20:08:58 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2018-01-10 20:08:58 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2018-01-10 20:08:58 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2018-01-10 20:08:58 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2018-01-10 20:08:58 ----A---- C:\Windows\SYSWOW64\credssp.dll
2018-01-10 20:08:58 ----A---- C:\Windows\SYSWOW64\comcat.dll
2018-01-10 20:08:58 ----A---- C:\Windows\SYSWOW64\bcrypt.dll
2018-01-10 20:08:58 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2018-01-10 20:08:58 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2018-01-10 20:08:58 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2018-01-10 20:08:58 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2018-01-10 20:08:58 ----A---- C:\Windows\system32\wow64cpu.dll
2018-01-10 20:08:58 ----A---- C:\Windows\system32\winsrv.dll
2018-01-10 20:08:58 ----A---- C:\Windows\system32\wdigest.dll
2018-01-10 20:08:58 ----A---- C:\Windows\system32\TSpkg.dll
2018-01-10 20:08:58 ----A---- C:\Windows\system32\sspisrv.dll
2018-01-10 20:08:58 ----A---- C:\Windows\system32\sspicli.dll
2018-01-10 20:08:58 ----A---- C:\Windows\system32\srclient.dll
2018-01-10 20:08:58 ----A---- C:\Windows\system32\smss.exe
2018-01-10 20:08:58 ----A---- C:\Windows\system32\setbcdlocale.dll
2018-01-10 20:08:58 ----A---- C:\Windows\system32\secur32.dll
2018-01-10 20:08:58 ----A---- C:\Windows\system32\rstrui.exe
2018-01-10 20:08:58 ----A---- C:\Windows\system32\occache.dll
2018-01-10 20:08:58 ----A---- C:\Windows\system32\ntvdm64.dll
2018-01-10 20:08:58 ----A---- C:\Windows\system32\ncrypt.dll
2018-01-10 20:08:58 ----A---- C:\Windows\system32\msv1_0.dll
2018-01-10 20:08:58 ----A---- C:\Windows\system32\mshtmled.dll
2018-01-10 20:08:58 ----A---- C:\Windows\system32\MshtmlDac.dll
2018-01-10 20:08:58 ----A---- C:\Windows\system32\lsass.exe
2018-01-10 20:08:58 ----A---- C:\Windows\system32\lpk.dll
2018-01-10 20:08:58 ----A---- C:\Windows\system32\jsproxy.dll
2018-01-10 20:08:58 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-01-10 20:08:58 ----A---- C:\Windows\system32\ieUnatt.exe
2018-01-10 20:08:58 ----A---- C:\Windows\system32\iesetup.dll
2018-01-10 20:08:58 ----A---- C:\Windows\system32\iernonce.dll
2018-01-10 20:08:58 ----A---- C:\Windows\system32\dciman32.dll
2018-01-10 20:08:58 ----A---- C:\Windows\system32\cryptbase.dll
2018-01-10 20:08:58 ----A---- C:\Windows\system32\credssp.dll
2018-01-10 20:08:58 ----A---- C:\Windows\system32\conhost.exe
2018-01-10 20:08:58 ----A---- C:\Windows\system32\comcat.dll
2018-01-10 20:08:58 ----A---- C:\Windows\system32\bcrypt.dll
2018-01-10 20:08:58 ----A---- C:\Windows\system32\auditpol.exe
2018-01-10 20:08:58 ----A---- C:\Windows\system32\atmlib.dll
2018-01-10 20:08:58 ----A---- C:\Windows\system32\appidsvc.dll
2018-01-10 20:08:58 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2018-01-10 20:08:58 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2018-01-10 20:08:58 ----A---- C:\Windows\system32\appidapi.dll
2018-01-10 20:08:58 ----A---- C:\Windows\system32\apisetschema.dll
2018-01-10 20:08:58 ----A---- C:\Windows\system32\adtschema.dll
2018-01-10 20:08:57 ----A---- C:\Windows\SYSWOW64\oleres.dll
2018-01-10 20:08:57 ----A---- C:\Windows\SYSWOW64\msxml6r.dll
2018-01-10 20:08:57 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2018-01-10 20:08:57 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2018-01-10 20:08:57 ----A---- C:\Windows\system32\oleres.dll
2018-01-10 20:08:57 ----A---- C:\Windows\system32\msxml6r.dll
2018-01-10 20:08:57 ----A---- C:\Windows\system32\msobjs.dll
2018-01-10 20:08:57 ----A---- C:\Windows\system32\msaudite.dll
2018-01-10 20:08:57 ----A---- C:\Windows\system32\ieetwcollectorres.dll

======List of files/folders modified in the last 1 month======

2018-02-04 20:12:23 ----D---- C:\Program Files\trend micro
2018-02-04 20:08:31 ----D---- C:\Windows\Temp
2018-02-04 19:25:33 ----D---- C:\Windows\system32\config
2018-02-04 19:15:34 ----D---- C:\Program Files (x86)\Steam
2018-02-04 18:52:39 ----D---- C:\Windows\System32
2018-02-04 18:52:39 ----D---- C:\Windows\inf
2018-02-04 18:52:39 ----A---- C:\Windows\system32\PerfStringBackup.INI
2018-02-04 18:48:36 ----AHD---- C:\ProgramData
2018-02-04 18:45:14 ----D---- C:\ProgramData\IObit
2018-02-04 18:45:13 ----D---- C:\Users\Othala\AppData\Roaming\IObit
2018-02-04 18:45:12 ----D---- C:\Program Files (x86)\IObit
2018-02-04 18:39:29 ----D---- C:\Windows
2018-02-04 17:02:08 ----D---- C:\Users\Othala\AppData\Roaming\MPC-HC
2018-02-04 17:01:58 ----D---- C:\Windows\Logs
2018-02-04 17:01:31 ----D---- C:\Windows\system32\Tasks
2018-02-04 17:01:31 ----D---- C:\Windows\Prefetch
2018-02-04 17:01:28 ----RD---- C:\Program Files
2018-02-04 10:06:50 ----D---- C:\Windows\SYSWOW64\Macromed
2018-02-03 10:03:47 ----D---- C:\Users\Othala\AppData\Roaming\uTorrent
2018-02-03 09:51:10 ----RD---- C:\## Torrent
2018-02-02 14:11:22 ----RD---- C:\Program Files (x86)
2018-02-02 14:11:11 ----SHD---- C:\Windows\Installer
2018-02-02 14:11:10 ----D---- C:\Windows\winsxs
2018-02-02 14:10:47 ----RSD---- C:\Windows\assembly
2018-02-02 14:10:07 ----SHD---- C:\System Volume Information
2018-02-02 14:09:34 ----RSD---- C:\Windows\Fonts
2018-01-29 16:58:38 ----D---- C:\Windows\system32\catroot2
2018-01-23 10:17:41 ----D---- C:\ProgramData\CanonIJPLM
2018-01-21 12:39:36 ----D---- C:\Windows\SysWOW64
2018-01-21 12:37:41 ----D---- C:\Program Files\Farming Simulator 17
2018-01-21 12:36:46 ----D---- C:\Windows\system32\drivers
2018-01-21 12:34:10 ----D---- C:\Windows\debug
2018-01-21 12:33:04 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2018-01-21 12:33:02 ----D---- C:\Windows\system32\Macromed
2018-01-20 20:11:25 ----D---- C:\Users\Othala\AppData\Roaming\vlc
2018-01-20 13:54:05 ----D---- C:\Windows\Microsoft.NET
2018-01-19 20:03:44 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2018-01-18 16:41:21 ----D---- C:\Users\Othala\AppData\Roaming\dvdcss
2018-01-13 19:05:45 ----D---- C:\Windows\rescache
2018-01-11 16:57:09 ----D---- C:\Windows\SYSWOW64\en-US
2018-01-11 16:57:09 ----D---- C:\Windows\SYSWOW64\cs-CZ
2018-01-11 16:57:09 ----D---- C:\Program Files\Internet Explorer
2018-01-11 16:57:09 ----D---- C:\Program Files (x86)\Internet Explorer
2018-01-11 16:57:08 ----D---- C:\Windows\system32\en-US
2018-01-11 16:57:08 ----D---- C:\Windows\system32\cs-CZ
2018-01-11 16:57:07 ----D---- C:\Windows\system32\migration
2018-01-11 16:57:07 ----D---- C:\Windows\system32\Boot
2018-01-11 16:57:07 ----D---- C:\Windows\AppPatch
2018-01-11 16:57:06 ----D---- C:\Windows\system32\DriverStore
2018-01-11 16:38:31 ----D---- C:\ProgramData\Microsoft Help
2018-01-10 20:22:07 ----D---- C:\Windows\system32\MRT
2018-01-10 20:19:19 ----AC---- C:\Windows\system32\MRT-KB890830.exe
2018-01-10 20:19:10 ----AC---- C:\Windows\system32\MRT.exe
2018-01-10 20:08:07 ----A---- C:\Windows\win.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amd_sata;amd_sata; C:\Windows\system32\DRIVERS\amd_sata.sys [2016-06-13 85704]
R0 amd_xata;amd_xata; C:\Windows\system32\DRIVERS\amd_xata.sys [2016-06-13 43720]
R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [2017-12-23 199448]
R0 aswblog;aswblog; C:\Windows\system32\drivers\aswbloga.sys [2017-12-23 343768]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [2017-12-23 57696]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2017-12-23 84384]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2017-12-23 358672]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2018-01-01 213736]
R1 aswArPot;aswArPot; C:\Windows\system32\drivers\aswArPot.sys [2017-12-23 185096]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [2017-12-23 321512]
R1 aswHdsKe;aswHdsKe; C:\Windows\system32\drivers\aswHdsKe.sys [2017-12-23 149344]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2017-12-23 110336]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2017-12-23 1025176]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2018-01-10 457896]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2016-06-13 26528]
R1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [2010-01-29 115600]
R2 AODDriver4.2.0;AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2013-09-19 59648]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2018-01-10 146648]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2017-12-23 204456]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2015-08-04 21622784]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2015-08-04 665088]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2016-10-23 96256]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2017-10-11 5826560]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2017-11-18 1077216]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2014-02-16 60640]
S1 ESProtectionDriver;Malwarebytes Anti-Exploit; \??\C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys []
S3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
S3 aswHwid;aswHwid; C:\Windows\system32\drivers\aswHwid.sys [2017-12-23 46976]
S3 cpuz143;cpuz143; \??\C:\Windows\temp\cpuz143\cpuz143_x64.sys []
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 ew_usbccgpfilter;HwHandSet_CompositeFilter; C:\Windows\system32\DRIVERS\ew_usbccgpfilter.sys [2017-04-11 18944]
S3 GeneStor;Genesys Logic Storage Driver; C:\Windows\system32\DRIVERS\GeneStor.sys [2016-09-03 60928]
S3 MSICDSetup;MSICDSetup; \??\E:\CDriver64.sys []
S3 MWAC;MWAC; \??\C:\Windows\system32\drivers\ []
S3 NTIOLib_1_0_C;NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinRing0_1_2_0;WinRing0_1_2_0; \??\C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys []
S3 WinUsb;Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2015-08-04 246784]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2017-12-23 301168]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2013-06-28 84616]
R2 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 5132888]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2017-12-23 7538536]
S2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-09-27 83984]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-04-21 107656]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-04-21 128648]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-13 154440]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2017-12-29 116224]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2017-09-12 188632]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2017-12-15 1644832]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2016-06-15 1255736]
S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-01-21 272384]
S4 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-12-06 344064]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-04-21 52856]
S4 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-13 154440]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Prevention, Children on the PC

#6 Post by Rudy »

Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left-hand window:
:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]/64

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. Turn off your antivirus before the scan and restart the PC after it. Post a new RSIT log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address above.

Hanss1982
Visitor
Posts: 74
Registered: 17 Sep 2013 11:16
Location: Brno

Re: Prevention, Children on the PC

#7 Post by Hanss1982 »

Thank you, and I apologize for my absence,

here is the log from OTM

All processes killed
========== REGISTRY ==========
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\ not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Othala
->Temp folder emptied: 10042405 bytes
->Temporary Internet Files folder emptied: 388757 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 47774810 bytes
->Flash cache emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 2206 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 1170 bytes
RecycleBin emptied: 904435192 bytes

Total Files Cleaned = 918,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Othala
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb


OTM by OldTimer - Version 3.1.21.0 log created on 02052018_184605

Files moved on Reboot...
C:\Users\Othala\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\_avast_\AvLock.txt scheduled to be moved on reboot.
File move failed. C:\Windows\SysWow64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot.

Registry entries deleted on Reboot...

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Prevention, Children on the PC

#8 Post by Rudy »

Deleted. The log should be OK now.

Hanss1982
Visitor
Posts: 74
Registered: 17 Sep 2013 11:16
Location: Brno

Re: Prevention, Children on the PC

#9 Post by Hanss1982 »

Thank you for your time :-) :thumbsup:

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Prevention, Children on the PC

#10 Post by Rudy »

You're welcome! :)