
rundll32 in Task Manager countless times = 100% CPU, 100% GPU


#1 Post by Herooo31

Good day, as the thread title suggests, after startup my PC is so slowed down (= 100% CPU - i7 5820k, 100% GPU - GeForce GTX 970) that although it doesn't freeze, it no longer responds to absolutely anything and I have to turn it off with the button. It occurred to me to open Task Manager right at startup, and I noticed hundreds of running rundll32 processes with an empty "command line"; moreover, as soon as they appear, nothing can be done with the PC. The PC has been through an sfc scan and checks with Malwarebytes, NOD32, RogueKiller and that Microsoft Windows malware program, and nothing has solved my problem so far. Somewhere I found that I should try the Microsoft "clean disk" system tool in safe mode, and it really did help for two or three days, and then the problem appeared again; I dealt with it that way a few times, but now it no longer works.

I don't know whether this can be considered a valid factor, but the computer started acting up completely after I had kept it repeatedly in sleep mode for about half a year, because I was too lazy to shut it down and start it up, and then my electricity was cut off... back then I spent several days repairing it and got it working, but these problems came later. I also want to ask whether the RSIT scan is usable in safe mode as well, because running it in normal mode is not feasible for me at the moment.

Anyway, here is the log... Don't judge me; I will be very grateful for any help.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Romanko at 2018-07-25 23:16:09
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 358 GB (38%) free of 954 GB
Total RAM: 16190 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:16:14, on 25. 7. 2018
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.19081)
Boot mode: Safe mode with network support

Running processes:
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files\trend micro\Romanko.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\URLREDIR.DLL
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files (x86)\Creative\Sound Blaster X-Fi Surround 5.1 Pro\Volume Panel\VolPanlu.exe" /r
O4 - HKLM\..\Run: [Module Loader] C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe -StartUpRun
O4 - HKLM\..\Run: [PlaysTV] "C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe" --startup
O4 - HKLM\..\Run: [Ozone Strike Pro Driver] "C:\Program Files (x86)\Ozone Strike Pro Driver\Monitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: TurboTop.lnk = C:\Program Files (x86)\TurboTop\TurboTop.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\PROGRA~2\MICROS~1\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://files.creative.com/Web/softwareu ... /CTPID.cab
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Genuine Monitor Service (AGMService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: DbxSvc - Unknown owner - C:\Windows\system32\DbxSvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Heroes & Generals Steam Service (HnGSteamService) - Reto-Moto ApS - C:\Steam\steamapps\common\Heroes & Generals\hngservice.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - Unknown owner - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (file missing)
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - Unknown owner - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe (file missing)
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: Origin Web Helper Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
O23 - Service: Plays.tv Update Service (PlaysService) (PlaysService) - Copyright (c) 2018 Plays.tv, LLC - C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Razer Chroma SDK Server - Razer Inc. - C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
O23 - Service: Razer Chroma SDK Service - Razer Inc. - C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
O23 - Service: Razer Game Scanner (Razer Game Scanner Service) - Unknown owner - C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 12 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13000 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe"
C:\Windows\Explorer.EXE
ctfmon.exe
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Users\Romanko\Downloads\Windows-KB890830-x64-V5.62.exe"
"C:\Windows\system32\MRT.exe"
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
"C:\Users\Romanko\Downloads\RogueKiller_portable64.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Users\Romanko\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\AdwCleaner_onReboot.job - C:\Users\Romanko\Downloads\adwcleaner_7.2.2.exe /r
C:\Windows\tasks\DropboxUpdateTaskMachineCore.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
C:\Windows\tasks\DropboxUpdateTaskMachineUA.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_171\bin\ssv.dll [2018-06-19 582088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2018-06-29 1017544]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-06-19 245192]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2018-05-04 149168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\URLREDIR.DLL [2018-06-29 690872]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2015-12-20 7632088]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-08-05 508240]
"AdobeGCInvoker-1.0"=C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-05-11 316392]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\ecmds.exe [2018-06-04 178496]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Razer Synapse]
C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [2017-08-30 596664]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
"Dropbox"=C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [2018-07-13 3754168]
"VolPanel"=C:\Program Files (x86)\Creative\Sound Blaster X-Fi Surround 5.1 Pro\Volume Panel\VolPanlu.exe [2010-12-08 241757]
"Module Loader"=C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe [2007-07-23 57344]
"PlaysTV"=C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [2018-04-11 51440]
""= []
"Ozone Strike Pro Driver"=C:\Program Files (x86)\Ozone Strike Pro Driver\Monitor.exe [2013-08-19 479232]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2018-03-28 588704]
"VirtualCloneDrive"=C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2013-03-10 88984]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
TurboTop.lnk - C:\Program Files (x86)\TurboTop\TurboTop.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMSwissArmy]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.mjpg"=bdmjpeg64.dll
"vidc.mpeg"=bdmpegv64.dll
"msacm.bdmpeg"=bdmpega64.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.txt - open - "C:\Program Files (x86)\PSPad editor\PSPad.exe" "%1"

======List of files/folders created in the last 1 month======

2018-07-25 23:16:09 ----D---- C:\rsit
2018-07-25 23:16:09 ----D---- C:\Program Files\trend micro
2018-07-25 21:12:07 ----A---- C:\Windows\system32\drivers\TrueSight.sys
2018-07-25 21:11:46 ----D---- C:\ProgramData\RogueKiller
2018-07-25 19:54:18 ----A---- C:\rundll32test.txt
2018-07-25 19:41:15 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys
2018-07-25 19:31:20 ----D---- C:\AdwCleaner
2018-07-23 16:01:10 ----D---- C:\Users\Romanko\AppData\Roaming\Bandicam Company
2018-07-22 11:11:44 ----D---- C:\Program Files\Common Files\DESIGNER
2018-07-18 18:11:54 ----D---- C:\Users\Romanko\AppData\Roaming\Exanima
2018-07-18 18:06:44 ----D---- C:\Program Files (x86)\Exanima
2018-07-16 18:42:36 ----D---- C:\Program Files (x86)\The Forest
2018-07-16 18:37:14 ----D---- C:\Program Files (x86)\Elaborate Bytes
2018-07-16 18:36:09 ----D---- C:\Program Files (x86)\WinCDEmu
2018-07-15 18:05:05 ----D---- C:\ProgramData\GOG.com
2018-07-15 18:03:47 ----D---- C:\Program Files (x86)\PlanetNomads
2018-07-13 04:01:46 ----A---- C:\Windows\system32\drivers\dbx-stable.sys
2018-07-13 04:01:46 ----A---- C:\Windows\system32\drivers\dbx-dev.sys
2018-07-13 04:01:46 ----A---- C:\Windows\system32\drivers\dbx-canary.sys
2018-07-13 04:01:46 ----A---- C:\Windows\system32\DbxSvc.exe
2018-07-11 10:21:06 ----A---- C:\Windows\system32\invagent.dll
2018-07-11 10:21:06 ----A---- C:\Windows\system32\generaltel.dll
2018-07-11 10:21:06 ----A---- C:\Windows\system32\devinv.dll
2018-07-11 10:21:06 ----A---- C:\Windows\system32\CompatTelRunner.exe
2018-07-11 10:21:06 ----A---- C:\Windows\system32\centel.dll
2018-07-11 10:21:06 ----A---- C:\Windows\system32\appraiser.dll
2018-07-11 10:21:06 ----A---- C:\Windows\system32\aitstatic.exe
2018-07-11 10:21:06 ----A---- C:\Windows\system32\aepic.dll
2018-07-11 10:21:06 ----A---- C:\Windows\system32\aeinv.dll
2018-07-11 10:21:06 ----A---- C:\Windows\system32\acmigration.dll
2018-07-11 10:20:53 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2018-07-11 10:20:53 ----A---- C:\Windows\system32\mshtml.dll
2018-07-11 10:20:52 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2018-07-11 10:20:52 ----A---- C:\Windows\system32\jscript9.dll
2018-07-11 10:20:52 ----A---- C:\Windows\system32\ieframe.dll
2018-07-11 10:20:51 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2018-07-11 10:20:51 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2018-07-11 10:20:51 ----A---- C:\Windows\SYSWOW64\shell32.dll
2018-07-11 10:20:51 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2018-07-11 10:20:51 ----A---- C:\Windows\system32\win32k.sys
2018-07-11 10:20:51 ----A---- C:\Windows\system32\vbscript.dll
2018-07-11 10:20:51 ----A---- C:\Windows\system32\urlmon.dll
2018-07-11 10:20:51 ----A---- C:\Windows\system32\ucrtbase.dll
2018-07-11 10:20:51 ----A---- C:\Windows\system32\shell32.dll
2018-07-11 10:20:51 ----A---- C:\Windows\system32\ExplorerFrame.dll
2018-07-11 10:20:51 ----A---- C:\Windows\system32\drivers\tcpip.sys
2018-07-11 10:20:50 ----A---- C:\Windows\SYSWOW64\zipfldr.dll
2018-07-11 10:20:50 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2018-07-11 10:20:50 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2018-07-11 10:20:50 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2018-07-11 10:20:50 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2018-07-11 10:20:50 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2018-07-11 10:20:50 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2018-07-11 10:20:50 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2018-07-11 10:20:50 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2018-07-11 10:20:50 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2018-07-11 10:20:50 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2018-07-11 10:20:50 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2018-07-11 10:20:50 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2018-07-11 10:20:50 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2018-07-11 10:20:50 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2018-07-11 10:20:50 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2018-07-11 10:20:50 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2018-07-11 10:20:50 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2018-07-11 10:20:50 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2018-07-11 10:20:50 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2018-07-11 10:20:50 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2018-07-11 10:20:50 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2018-07-11 10:20:50 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2018-07-11 10:20:50 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2018-07-11 10:20:50 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l2-1-0.dll
2018-07-11 10:20:50 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-timezone-l1-1-0.dll
2018-07-11 10:20:50 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-2-0.dll
2018-07-11 10:20:50 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2018-07-11 10:20:50 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-2-0.dll
2018-07-11 10:20:50 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l2-1-0.dll
2018-07-11 10:20:50 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-2-0.dll
2018-07-11 10:20:50 ----A---- C:\Windows\system32\zipfldr.dll
2018-07-11 10:20:50 ----A---- C:\Windows\system32\wkssvc.dll
2018-07-11 10:20:50 ----A---- C:\Windows\system32\ntdll.dll
2018-07-11 10:20:50 ----A---- C:\Windows\system32\iertutil.dll
2018-07-11 10:20:50 ----A---- C:\Windows\system32\iedkcs32.dll
2018-07-11 10:20:50 ----A---- C:\Windows\system32\drivers\usbport.sys
2018-07-11 10:20:50 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2018-07-11 10:20:50 ----A---- C:\Windows\system32\drivers\dfsc.sys
2018-07-11 10:20:50 ----A---- C:\Windows\system32\dnsrslvr.dll
2018-07-11 10:20:50 ----A---- C:\Windows\system32\dnsapi.dll
2018-07-11 10:20:50 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2018-07-11 10:20:50 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2018-07-11 10:20:50 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2018-07-11 10:20:50 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2018-07-11 10:20:50 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2018-07-11 10:20:50 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2018-07-11 10:20:50 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2018-07-11 10:20:50 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2018-07-11 10:20:50 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2018-07-11 10:20:50 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2018-07-11 10:20:50 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2018-07-11 10:20:50 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2018-07-11 10:20:50 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2018-07-11 10:20:50 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2018-07-11 10:20:50 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2018-07-11 10:20:50 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2018-07-11 10:20:50 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2018-07-11 10:20:50 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2018-07-11 10:20:50 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2018-07-11 10:20:49 ----A---- C:\Windows\SYSWOW64\wininet.dll
2018-07-11 10:20:49 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2018-07-11 10:20:49 ----A---- C:\Windows\SYSWOW64\ole32.dll
2018-07-11 10:20:49 ----A---- C:\Windows\SYSWOW64\msrating.dll
2018-07-11 10:20:49 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2018-07-11 10:20:49 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2018-07-11 10:20:49 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2018-07-11 10:20:49 ----A---- C:\Windows\SYSWOW64\dnscacheugc.exe
2018-07-11 10:20:49 ----A---- C:\Windows\SYSWOW64\certcli.dll
2018-07-11 10:20:49 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2018-07-11 10:20:49 ----A---- C:\Windows\system32\wininet.dll
2018-07-11 10:20:49 ----A---- C:\Windows\system32\webcheck.dll
2018-07-11 10:20:49 ----A---- C:\Windows\system32\rstrui.exe
2018-07-11 10:20:49 ----A---- C:\Windows\system32\rpcrt4.dll
2018-07-11 10:20:49 ----A---- C:\Windows\system32\ole32.dll
2018-07-11 10:20:49 ----A---- C:\Windows\system32\ntoskrnl.exe
2018-07-11 10:20:49 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2018-07-11 10:20:49 ----A---- C:\Windows\system32\msrating.dll
2018-07-11 10:20:49 ----A---- C:\Windows\system32\mshtmlmedia.dll
2018-07-11 10:20:49 ----A---- C:\Windows\system32\msfeeds.dll
2018-07-11 10:20:49 ----A---- C:\Windows\system32\inseng.dll
2018-07-11 10:20:49 ----A---- C:\Windows\system32\hal.dll
2018-07-11 10:20:49 ----A---- C:\Windows\system32\dxtrans.dll
2018-07-11 10:20:49 ----A---- C:\Windows\system32\dxtmsft.dll
2018-07-11 10:20:49 ----A---- C:\Windows\system32\drivers\usbhub.sys
2018-07-11 10:20:49 ----A---- C:\Windows\system32\drivers\netio.sys
2018-07-11 10:20:49 ----A---- C:\Windows\system32\drivers\mpsdrv.sys
2018-07-11 10:20:49 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2018-07-11 10:20:49 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2018-07-11 10:20:49 ----A---- C:\Windows\system32\dnscacheugc.exe
2018-07-11 10:20:49 ----A---- C:\Windows\system32\conhost.exe
2018-07-11 10:20:49 ----A---- C:\Windows\system32\certcli.dll
2018-07-11 10:20:49 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2018-07-11 10:20:49 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2018-07-11 10:20:49 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2018-07-11 10:20:48 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2018-07-11 10:20:48 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2018-07-11 10:20:48 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2018-07-11 10:20:48 ----A---- C:\Windows\SYSWOW64\schannel.dll
2018-07-11 10:20:48 ----A---- C:\Windows\SYSWOW64\setup16.exe
2018-07-11 10:20:48 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2018-07-11 10:20:48 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2018-07-11 10:20:48 ----A---- C:\Windows\SYSWOW64\occache.dll
2018-07-11 10:20:48 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2018-07-11 10:20:48 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2018-07-11 10:20:48 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2018-07-11 10:20:48 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2018-07-11 10:20:48 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2018-07-11 10:20:48 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2018-07-11 10:20:48 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2018-07-11 10:20:48 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2018-07-11 10:20:48 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2018-07-11 10:20:48 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2018-07-11 10:20:48 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2018-07-11 10:20:48 ----A---- C:\Windows\SYSWOW64\inseng.dll
2018-07-11 10:20:48 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2018-07-11 10:20:48 ----A---- C:\Windows\SYSWOW64\ieui.dll
2018-07-11 10:20:48 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2018-07-11 10:20:48 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2018-07-11 10:20:48 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2018-07-11 10:20:48 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2018-07-11 10:20:48 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2018-07-11 10:20:48 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2018-07-11 10:20:48 ----A---- C:\Windows\system32\wow64win.dll
2018-07-11 10:20:48 ----A---- C:\Windows\system32\wow64.dll
2018-07-11 10:20:48 ----A---- C:\Windows\system32\winsrv.dll
2018-07-11 10:20:48 ----A---- C:\Windows\system32\wdigest.dll
2018-07-11 10:20:48 ----A---- C:\Windows\system32\TSpkg.dll
2018-07-11 10:20:48 ----A---- C:\Windows\system32\sspicli.dll
2018-07-11 10:20:48 ----A---- C:\Windows\system32\srcore.dll
2018-07-11 10:20:48 ----A---- C:\Windows\system32\smss.exe
2018-07-11 10:20:48 ----A---- C:\Windows\system32\schannel.dll
2018-07-11 10:20:48 ----A---- C:\Windows\system32\rpchttp.dll
2018-07-11 10:20:48 ----A---- C:\Windows\system32\rpcss.dll
2018-07-11 10:20:48 ----A---- C:\Windows\system32\occache.dll
2018-07-11 10:20:48 ----A---- C:\Windows\system32\ntvdm64.dll
2018-07-11 10:20:48 ----A---- C:\Windows\system32\ncrypt.dll
2018-07-11 10:20:48 ----A---- C:\Windows\system32\msv1_0.dll
2018-07-11 10:20:48 ----A---- C:\Windows\system32\mshtmled.dll
2018-07-11 10:20:48 ----A---- C:\Windows\system32\MshtmlDac.dll
2018-07-11 10:20:48 ----A---- C:\Windows\system32\lsass.exe
2018-07-11 10:20:48 ----A---- C:\Windows\system32\lsasrv.dll
2018-07-11 10:20:48 ----A---- C:\Windows\system32\KernelBase.dll
2018-07-11 10:20:48 ----A---- C:\Windows\system32\kernel32.dll
2018-07-11 10:20:48 ----A---- C:\Windows\system32\kerberos.dll
2018-07-11 10:20:48 ----A---- C:\Windows\system32\jsproxy.dll
2018-07-11 10:20:48 ----A---- C:\Windows\system32\jscript9diag.dll
2018-07-11 10:20:48 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-07-11 10:20:48 ----A---- C:\Windows\system32\ieUnatt.exe
2018-07-11 10:20:48 ----A---- C:\Windows\system32\ieui.dll
2018-07-11 10:20:48 ----A---- C:\Windows\system32\iesetup.dll
2018-07-11 10:20:48 ----A---- C:\Windows\system32\iernonce.dll
2018-07-11 10:20:48 ----A---- C:\Windows\system32\ieetwproxystub.dll
2018-07-11 10:20:48 ----A---- C:\Windows\system32\ieetwcollector.exe
2018-07-11 10:20:48 ----A---- C:\Windows\system32\ie4uinit.exe
2018-07-11 10:20:48 ----A---- C:\Windows\system32\drivers\videoprt.sys
2018-07-11 10:20:48 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2018-07-11 10:20:48 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2018-07-11 10:20:48 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2018-07-11 10:20:48 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2018-07-11 10:20:48 ----A---- C:\Windows\system32\csrsrv.dll
2018-07-11 10:20:48 ----A---- C:\Windows\system32\bcrypt.dll
2018-07-11 10:20:48 ----A---- C:\Windows\system32\auditpol.exe
2018-07-11 10:20:48 ----A---- C:\Windows\system32\appidsvc.dll
2018-07-11 10:20:48 ----A---- C:\Windows\system32\appidapi.dll
2018-07-11 10:20:48 ----A---- C:\Windows\system32\advapi32.dll
2018-07-11 10:20:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2018-07-11 10:20:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-07-11 10:20:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2018-07-11 10:20:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-07-11 10:20:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-07-11 10:20:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-07-11 10:20:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2018-07-11 10:20:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-07-11 10:20:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-07-11 10:20:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-07-11 10:20:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-07-11 10:20:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-07-11 10:20:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-07-11 10:20:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-07-11 10:20:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-07-11 10:20:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-07-11 10:20:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-07-11 10:20:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2018-07-11 10:20:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-07-11 10:20:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-07-11 10:20:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-07-11 10:20:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2018-07-11 10:20:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-07-11 10:20:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-07-11 10:20:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-07-11 10:20:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-07-11 10:20:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-07-11 10:20:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2018-07-11 10:20:47 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-07-11 10:20:47 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-07-11 10:20:47 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-07-11 10:20:47 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-07-11 10:20:47 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-07-11 10:20:47 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-07-11 10:20:47 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-07-11 10:20:47 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-07-11 10:20:47 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-07-11 10:20:47 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-07-11 10:20:47 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-07-11 10:20:47 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-07-11 10:20:47 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-07-11 10:20:47 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-07-11 10:20:47 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-07-11 10:20:47 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-07-11 10:20:47 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-07-11 10:20:47 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-07-11 10:20:47 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-07-11 10:20:47 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-07-11 10:20:47 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-07-11 10:20:47 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-07-11 10:20:47 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-07-11 10:20:47 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-07-11 10:20:47 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-07-11 10:20:47 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-07-11 10:20:47 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-07-11 10:20:47 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-07-11 10:20:47 ----A---- C:\Windows\SYSWOW64\wow32.dll
2018-07-11 10:20:47 ----A---- C:\Windows\SYSWOW64\wfapigp.dll
2018-07-11 10:20:47 ----A---- C:\Windows\SYSWOW64\user.exe
2018-07-11 10:20:47 ----A---- C:\Windows\SYSWOW64\srclient.dll
2018-07-11 10:20:47 ----A---- C:\Windows\SYSWOW64\secur32.dll
2018-07-11 10:20:47 ----A---- C:\Windows\SYSWOW64\oleres.dll
2018-07-11 10:20:47 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2018-07-11 10:20:47 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2018-07-11 10:20:47 ----A---- C:\Windows\SYSWOW64\jscript.dll
2018-07-11 10:20:47 ----A---- C:\Windows\SYSWOW64\instnm.exe
2018-07-11 10:20:47 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2018-07-11 10:20:47 ----A---- C:\Windows\SYSWOW64\FirewallAPI.dll
2018-07-11 10:20:47 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2018-07-11 10:20:47 ----A---- C:\Windows\SYSWOW64\credssp.dll
2018-07-11 10:20:47 ----A---- C:\Windows\SYSWOW64\comcat.dll
2018-07-11 10:20:47 ----A---- C:\Windows\SYSWOW64\bcrypt.dll
2018-07-11 10:20:47 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2018-07-11 10:20:47 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2018-07-11 10:20:47 ----A---- C:\Windows\system32\wow64cpu.dll
2018-07-11 10:20:47 ----A---- C:\Windows\system32\wfapigp.dll
2018-07-11 10:20:47 ----A---- C:\Windows\system32\sspisrv.dll
2018-07-11 10:20:47 ----A---- C:\Windows\system32\srclient.dll
2018-07-11 10:20:47 ----A---- C:\Windows\system32\setbcdlocale.dll
2018-07-11 10:20:47 ----A---- C:\Windows\system32\secur32.dll
2018-07-11 10:20:47 ----A---- C:\Windows\system32\oleres.dll
2018-07-11 10:20:47 ----A---- C:\Windows\system32\msobjs.dll
2018-07-11 10:20:47 ----A---- C:\Windows\system32\msaudite.dll
2018-07-11 10:20:47 ----A---- C:\Windows\system32\MPSSVC.dll
2018-07-11 10:20:47 ----A---- C:\Windows\system32\jscript.dll
2018-07-11 10:20:47 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2018-07-11 10:20:47 ----A---- C:\Windows\system32\ieapfltr.dll
2018-07-11 10:20:47 ----A---- C:\Windows\system32\icfupgd.dll
2018-07-11 10:20:47 ----A---- C:\Windows\system32\FirewallAPI.dll
2018-07-11 10:20:47 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2018-07-11 10:20:47 ----A---- C:\Windows\system32\drivers\usbohci.sys
2018-07-11 10:20:47 ----A---- C:\Windows\system32\drivers\usbehci.sys
2018-07-11 10:20:47 ----A---- C:\Windows\system32\drivers\usbd.sys
2018-07-11 10:20:47 ----A---- C:\Windows\system32\drivers\appid.sys
2018-07-11 10:20:47 ----A---- C:\Windows\system32\cryptbase.dll
2018-07-11 10:20:47 ----A---- C:\Windows\system32\credssp.dll
2018-07-11 10:20:47 ----A---- C:\Windows\system32\comcat.dll
2018-07-11 10:20:47 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2018-07-11 10:20:47 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2018-07-11 10:20:47 ----A---- C:\Windows\system32\apisetschema.dll
2018-07-11 10:20:47 ----A---- C:\Windows\system32\adtschema.dll
2018-06-30 20:45:02 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2018-06-30 20:42:16 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2018-06-30 20:42:16 ----A---- C:\Windows\SYSWOW64\nvptxJitCompiler.dll
2018-06-30 20:42:16 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2018-06-30 20:42:16 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2018-06-30 20:42:16 ----A---- C:\Windows\SYSWOW64\NvIFROpenGL.dll
2018-06-30 20:42:16 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2018-06-30 20:42:16 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2018-06-30 20:42:16 ----A---- C:\Windows\SYSWOW64\nvEncodeAPI.dll
2018-06-30 20:42:16 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2018-06-30 20:42:16 ----A---- C:\Windows\system32\nvptxJitCompiler.dll
2018-06-30 20:42:16 ----A---- C:\Windows\system32\nvopencl.dll
2018-06-30 20:42:16 ----A---- C:\Windows\system32\nvoglv64.dll
2018-06-30 20:42:16 ----A---- C:\Windows\system32\nvoglshim64.dll
2018-06-30 20:42:16 ----A---- C:\Windows\system32\nvinitx.dll
2018-06-30 20:42:16 ----A---- C:\Windows\system32\NvIFROpenGL.dll
2018-06-30 20:42:16 ----A---- C:\Windows\system32\NvIFR64.dll
2018-06-30 20:42:16 ----A---- C:\Windows\system32\nvhdap64.dll
2018-06-30 20:42:16 ----A---- C:\Windows\system32\NvFBC64.dll
2018-06-30 20:42:16 ----A---- C:\Windows\system32\nvfatbinaryLoader.dll
2018-06-30 20:42:16 ----A---- C:\Windows\system32\nvEncodeAPI64.dll
2018-06-30 20:42:16 ----A---- C:\Windows\system32\nvdispgenco6439836.dll
2018-06-30 20:42:16 ----A---- C:\Windows\system32\nvdispco6439836.dll
2018-06-30 20:42:16 ----A---- C:\Windows\system32\nvcuvid.dll
2018-06-30 20:42:16 ----A---- C:\Windows\system32\nvcuda.dll
2018-06-30 20:42:16 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2018-06-30 20:42:16 ----A---- C:\Windows\system32\drivers\nvhda64v.sys
2018-06-30 20:42:15 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2018-06-30 20:42:15 ----A---- C:\Windows\system32\nvcompiler.dll
2018-06-30 20:18:15 ----A---- C:\Windows\SYSWOW64\nvspcap.dll
2018-06-30 20:18:15 ----A---- C:\Windows\system32\nvspcap64.dll
2018-06-30 20:18:15 ----A---- C:\Windows\system32\NvRtmpStreamer64.dll
2018-06-30 20:17:15 ----A---- C:\Windows\system32\drivers\nvvhci.sys

======List of files/folders modified in the last 1 month======

2018-07-25 23:16:12 ----D---- C:\Windows\Temp
2018-07-25 23:16:09 ----RD---- C:\Program Files
2018-07-25 22:50:49 ----D---- C:\Windows
2018-07-25 22:42:55 ----D---- C:\Windows\system32\config
2018-07-25 21:12:07 ----D---- C:\Windows\system32\drivers
2018-07-25 21:12:07 ----A---- C:\Windows\ntbtlog.txt
2018-07-25 21:11:46 ----HD---- C:\ProgramData
2018-07-25 19:44:56 ----AC---- C:\Windows\system32\MRT.exe
2018-07-25 19:38:28 ----D---- C:\ProgramData\NVIDIA
2018-07-25 19:36:44 ----D---- C:\Windows\Tasks
2018-07-25 19:16:21 ----D---- C:\Windows\Prefetch
2018-07-25 14:18:39 ----SHD---- C:\System Volume Information
2018-07-25 12:56:26 ----D---- C:\Users\Romanko\AppData\Roaming\vlc
2018-07-23 16:00:59 ----D---- C:\Program Files (x86)\Bandicam
2018-07-23 16:00:54 ----D---- C:\Program Files (x86)\BandiMPEG1
2018-07-23 03:47:36 ----D---- C:\Windows\system32\NDF
2018-07-22 18:13:17 ----D---- C:\Windows\Microsoft.NET
2018-07-22 11:12:09 ----SHD---- C:\Windows\Installer
2018-07-22 11:12:03 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2018-07-22 11:11:44 ----D---- C:\Program Files\Common Files\Microsoft Shared
2018-07-22 11:11:44 ----D---- C:\Program Files\Common Files
2018-07-22 11:10:05 ----D---- C:\Program Files\Microsoft Office
2018-07-22 11:00:14 ----D---- C:\ProgramData\ProductData
2018-07-22 01:13:06 ----D---- C:\Steam
2018-07-20 02:28:24 ----D---- C:\Users\Romanko\AppData\Roaming\uTorrent
2018-07-19 16:26:42 ----D---- C:\Windows\system32\DriverStore
2018-07-19 16:26:42 ----D---- C:\Windows\inf
2018-07-18 18:06:44 ----RD---- C:\Program Files (x86)
2018-07-18 11:19:19 ----D---- C:\Windows\winsxs
2018-07-18 11:19:15 ----D---- C:\Windows\system32\catroot2
2018-07-17 13:29:23 ----D---- C:\Windows\rescache
2018-07-17 00:02:20 ----N---- C:\Windows\system32\MpSigStub.exe
2018-07-16 18:39:08 ----D---- C:\Windows\system32\Tasks
2018-07-16 18:37:14 ----D---- C:\Windows\SysWOW64
2018-07-15 18:09:47 ----RSD---- C:\Windows\assembly
2018-07-13 21:38:09 ----D---- C:\Program Files (x86)\Dropbox
2018-07-13 21:37:55 ----D---- C:\Windows\System32
2018-07-13 21:04:21 ----D---- C:\Users\Romanko\AppData\Roaming\PlaysTV
2018-07-12 21:37:16 ----D---- C:\Users\Romanko\AppData\Roaming\Origin
2018-07-12 19:37:16 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2018-07-12 19:36:05 ----D---- C:\ProgramData\Origin
2018-07-12 19:36:04 ----D---- C:\Program Files (x86)\Origin Games
2018-07-12 10:13:22 ----A---- C:\Windows\system32\PerfStringBackup.INI
2018-07-12 03:34:56 ----D---- C:\Windows\system32\appraiser
2018-07-12 03:34:55 ----D---- C:\Program Files\Internet Explorer
2018-07-12 03:34:54 ----D---- C:\Windows\SYSWOW64\en-US
2018-07-12 03:34:54 ----D---- C:\Windows\SYSWOW64\cs-CZ
2018-07-12 03:34:54 ----D---- C:\Windows\system32\en-US
2018-07-12 03:34:54 ----D---- C:\Windows\system32\drivers\cs-CZ
2018-07-12 03:34:54 ----D---- C:\Windows\system32\cs-CZ
2018-07-12 03:34:54 ----D---- C:\Program Files (x86)\Internet Explorer
2018-07-12 03:34:53 ----RSD---- C:\Windows\Fonts
2018-07-12 03:34:53 ----D---- C:\Windows\system32\Boot
2018-07-12 03:34:53 ----D---- C:\Windows\AppPatch
2018-07-12 03:09:54 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2018-07-12 03:04:49 ----D---- C:\Windows\system32\MRT
2018-07-12 01:41:14 ----AD---- C:\Android
2018-07-12 00:15:12 ----D---- C:\Program Files (x86)\Origin
2018-07-04 10:55:41 ----D---- C:\Program Files (x86)\SpeedFan
2018-07-03 15:04:26 ----D---- C:\Windows\Minidump
2018-07-03 10:31:50 ----D---- C:\Games
2018-07-03 10:31:25 ----D---- C:\Program Files (x86)\Far Cry Primal
2018-07-03 10:30:39 ----D---- C:\Program Files (x86)\Port Royale
2018-07-01 09:06:09 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2018-06-30 20:45:23 ----D---- C:\ProgramData\NVIDIA Corporation
2018-06-30 20:44:53 ----D---- C:\Program Files (x86)\VulkanRT
2018-06-30 20:44:06 ----D---- C:\Windows\system32\unknown
2018-06-30 20:18:12 ----D---- C:\Program Files\NVIDIA Corporation

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2018-01-01 213736]
R3 e1dexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver D; C:\Windows\system32\DRIVERS\e1d62x64.sys [2017-09-22 545776]
R3 MBAMSwissArmy;MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [2018-07-25 253664]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2014-09-30 129312]
R3 nvvhci;NVVHCI Enumerator Service; C:\Windows\system32\DRIVERS\nvvhci.sys [2018-04-28 68112]
R3 rzendpt;rzendpt; C:\Windows\system32\DRIVERS\rzendpt.sys [2016-06-22 51736]
R3 rzudd;Razer Keyboard Driver; C:\Windows\system32\DRIVERS\rzudd.sys [2016-06-22 203280]
R3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2013-07-24 36864]
S1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2018-06-04 137928]
S1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2018-06-04 196112]
S1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2014-12-21 40344]
S1 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2018-06-04 108320]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2015-12-20 26528]
S2 npf;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2014-08-19 36600]
S2 rzpmgrk;rzpmgrk; \??\C:\Windows\system32\drivers\rzpmgrk.sys [2017-07-19 43256]
S2 rzpnk;rzpnk; \??\C:\Windows\system32\drivers\rzpnk.sys [2017-08-19 137208]
S2 speedfan;speedfan; \??\C:\Windows\SysWOW64\speedfan.sys [2012-12-29 28664]
S3 dbx;dbx; C:\Windows\system32\DRIVERS\dbx.sys []
S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2017-09-08 30264]
S3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus; C:\Windows\system32\DRIVERS\dtliteusbbus.sys [2017-09-08 47672]
S3 EsgScanner;EsgScanner; C:\Windows\system32\DRIVERS\EsgScanner.sys []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2015-11-12 34720]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2015-12-20 3996888]
S3 NAL;Nal Service ; \??\C:\Windows\system32\Drivers\iqvw64e.sys [2014-02-26 34568]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2018-06-24 227928]
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2018-05-20 31200]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2018-03-15 67432]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 TrueSight;TrueSight; \??\C:\Windows\System32\drivers\TrueSight.sys [2018-07-25 28272]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WinUsb;Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2018-05-09 6541008]
S2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2018-03-21 83984]
S2 AGMService;Adobe Genuine Monitor Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2018-05-11 2321384]
S2 AGSService;Adobe Genuine Software Integrity Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2018-05-11 2128872]
S2 ClickToRunSvc;Služba Microsoft Office Klikni a spusti; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2018-07-13 8765104]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-10-04 107624]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-10-03 128608]
S2 CTAudSvcService;Creative Audio Service; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [2010-02-12 286720]
S2 dbupdate;Dropbox Update Service (dbupdate); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-12-25 143144]
S2 DbxSvc;DbxSvc; C:\Windows\system32\DbxSvc.exe [2018-07-13 51392]
S2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2018-06-04 2240264]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-20 144200]
S2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [2014-03-11 260360]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2015-10-09 2934048]
S2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-05-20 764896]
S2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2018-06-24 767272]
S2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe []
S2 NvTelemetryContainer;NVIDIA Telemetry Container; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2018-05-20 630240]
S2 Origin Web Helper Service;Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2018-06-19 3072840]
S2 PlaysService;Plays.tv Update Service (PlaysService); C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [2018-04-11 55024]
S2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2018-05-29 76152]
S2 Razer Game Scanner Service;Razer Game Scanner; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [2017-07-20 189264]
S2 Razer Chroma SDK Server;Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [2017-10-10 435328]
S2 Razer Chroma SDK Service;Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [2017-10-17 916096]
S2 TeamViewer;TeamViewer 12; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2017-08-29 10803440]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-10-03 52832]
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2018-06-27 6875688]
S3 dbupdatem;Dropbox Update Service (dbupdatem); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-12-25 143144]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-20 144200]
S3 HnGSteamService;Heroes & Generals Steam Service; C:\Steam\steamapps\common\Heroes & Generals\hngservice.exe [2018-06-27 735528]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2018-06-16 116224]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-04-27 147400]
S3 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-05-20 764896]
S3 NvStreamNetworkSvc;NVIDIA Streamer Network Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe []
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2018-06-19 2202432]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2018-07-13 258736]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2016-12-01 5132888]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2018-06-09 1673504]
S3 SwitchBoard;Adobe SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2015-12-19 1255736]
S4 msvsmon90;Visual Studio 2008 Remote Debugger; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [2007-11-07 4466688]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-10-04 136288]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-10-04 136288]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-10-04 136288]

-----------------EOF-----------------

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: rundll32 in task manager countless times = 100% cpu 100%

#2 Post by Conder »

Hi :)

What exactly is that system tool "microsoft clean disk"? The preinstalled Disk Cleanup (cleanmgr), or something else?

Download AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Save it to the desktop and close all programs
  • Run AdwCleaner as administrator
  • Accept the license terms
  • Click Scan now (Skenovat nyni) and wait for it to finish
  • Leave all findings checked
  • Click Clean and Repair (Cisteni a opravy) and confirm restarting the PC now
  • After the PC restarts, AdwCleaner will open; click Zobrazit soubor protokolu (View log file)
  • The log will open; copy its contents here

Graduate of the school for newcomers :)
E-mail: conder (at) forum.viry.cz

If anything is unclear, ask. I recommend always keeping important data backed up (documents, photos and so on).

Fixlists and other scripts are written only for a specific PC. Do not use them on other devices; otherwise you risk damaging the system or losing data.
If you have a similar problem to another user's, please start your own topic.

If you are satisfied, you can support the forum. Thank you!

Herooo31
Visitor
Posts: 2
Registered: 25 Jul 2018 22:05

Re: rundll32 in task manager countless times = 100% cpu 100%

#3 Post by Herooo31 »

That disk cleanup from Microsoft is like CCleaner; it deletes all temporary and unnecessary files, e.g. downloaded program files, temporary internet files, the recycle bin, temporary files, thumbnails, error reporting files, and similar things are there.

I already used AdwCleaner yesterday, before I started this topic, so I'll copy those logs as well:

AdwCleaner[C00].txt
# -------------------------------
# Malwarebytes AdwCleaner 7.2.2.0
# -------------------------------
# Build: 07-17-2018
# Database: 2018-07-19.5
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 07-25-2018
# Duration: 00:00:01
# OS: Windows 7 Home Premium
# Cleaned: 4
# Failed: 2


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKLM\Software\Wow6432Node\IObit\RealTimeProtector
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com

***** [ Chromium (and derivatives) ] *****

Not Deleted Video AdBlock for Chrome
Not Deleted Video AdBlock for Chrome

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1677 octets] - [25/07/2018 19:36:04]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
___________________________________________________________________________________________________
AdwCleaner[S00].txt
# -------------------------------
# Malwarebytes AdwCleaner 7.2.2.0
# -------------------------------
# Build: 07-17-2018
# Database: 2018-07-19.5
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 07-25-2018
# Duration: 00:00:20
# OS: Windows 7 Home Premium
# Scanned: 41739
# Detected: 6


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Optional.AdvancedSystemCare C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.AdvancedSystemCare HKLM\Software\Wow6432Node\IObit\RealTimeProtector
PUP.Optional.SlimCleanerPlus HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
PUP.Optional.SlimCleanerPlus HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com

***** [ Chromium (and derivatives) ] *****

PUP.Optional.VideoAdBlocker.ChrPRST Video AdBlock for Chrome
PUP.Optional.VideoAdBlocker.ChrPRST Video AdBlock for Chrome

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
___________________________________________________________________________________________________
AdwCleaner[C01].txt
# -------------------------------
# Malwarebytes AdwCleaner 7.2.2.0
# -------------------------------
# Build: 07-17-2018
# Database: 2018-07-19.5
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 07-26-2018
# Duration: 00:00:01
# OS: Windows 7 Home Premium
# Cleaned: 0
# Failed: 2


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

Not Deleted Video AdBlock for Chrome
Not Deleted Video AdBlock for Chrome

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1677 octets] - [25/07/2018 19:36:04]
AdwCleaner[C00].txt - [1741 octets] - [25/07/2018 19:36:43]
AdwCleaner[S01].txt - [1457 octets] - [26/07/2018 08:31:42]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########
___________________________________________________________________________________________________
AdwCleaner[S01].txt
# -------------------------------
# Malwarebytes AdwCleaner 7.2.2.0
# -------------------------------
# Build: 07-17-2018
# Database: 2018-07-19.5
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 07-26-2018
# Duration: 00:00:11
# OS: Windows 7 Home Premium
# Scanned: 41739
# Detected: 2


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

PUP.Optional.VideoAdBlocker.ChrPRST Video AdBlock for Chrome
PUP.Optional.VideoAdBlocker.ChrPRST Video AdBlock for Chrome

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.


AdwCleaner[S00].txt - [1677 octets] - [25/07/2018 19:36:04]
AdwCleaner[C00].txt - [1741 octets] - [25/07/2018 19:36:43]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: rundll32 in task manager countless times = 100% cpu 100%

#4 Post by Conder »

Please post both FRST logs following this guide (FRST.txt and Addition.txt): https://forum.viry.cz/viewtopic.php?f=13&t=152707

If FRSTLauncher cannot be downloaded or run, use just FRST on its own.

If the logs do not fit into one post, pack them into a RAR or ZIP archive and send them as an attachment.