
Sudden PC slowdown

koliki
Visitor
Posts: 37
Registered: 29 Feb 2008 15:25


#1 Post by koliki »

Hello, today my PC suddenly started being overloaded.
I did not do anything significant, so there was no reason for it.
I found that my PC is being HEAVILY LOADED BY THE PROCESS dllhost.exe (COM Surrogate). I don't know what it is, but it takes about 31% of the computing power.
Now, after a few hours, the process explorer.exe (Windows Explorer) has joined in and also eats about 35% of the computing power. I am attaching a screenshot.
Can anyone advise me why this is suddenly happening?
Thank you very much for your help.

Here is the log:
Logfile of random's system information tool 1.10 (written by random/random)
Run by Bobik at 2018-08-01 21:25:17
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 17 GB (15%) free of 114 GB
Total RAM: 4095 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:25:21, on 1.8.2018
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.19081)
Boot mode: Normal

Running processes:
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\eM Client\MailClient.exe
C:\Program Files (x86)\System Explorer\SystemExplorer.exe
C:\Program Files\trend micro\Bobik.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKCU\..\Run: [xwidget] C:\Users\Bobik\AppData\Local\Temp\Rar$EXa0.706\XWidgetStarter.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: Služba %1!s! Update (avast) (avast) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba %1!s! Update (avastm) (avastm) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Samsung Printer Dianostics Service - Unknown owner - C:\Windows\system32\\spdsvc.exe
O23 - Service: Samsung UPD Utility Service (SamsungUPDUtilSvc) - Unknown owner - C:\Windows\SysWOW64\SecUPDUtilSvc.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: System Explorer Service (SystemExplorerHelpService) - Mister Group - C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wondershare Driver Install Service (WsDrvInst) - Wondershare - C:\Program Files (x86)\KeepVid\KeepVid Music\DriverInstall.exe

--
End of file - 8481 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
atieclxx
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k bthaudiosvc
"C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe"
C:\Windows\SysWOW64\\spdsvc.exe
C:\Windows\SysWOW64\SecUPDUtilSvc.exe
taskeng.exe {353A5D35-000E-4558-B727-380A35EFF3D1}
"C:\Program Files\Core Temp\Core Temp.exe"
AvastUI.exe /nogui
"C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-620bd29a-5a57-4177-afc2-48a355dc4424 -SystemEventPortName:HostProcess-5a7f7d90-ed80-4712-8f23-79278519eca3 -IoCancelEventPortName:HostProcess-166f1f35-842f-40cd-bcc9-75e8fc7c25ef -NonStateChangingEventPortName:HostProcess-10552360-5727-4989-90b9-a445e94e9529 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:d0c465b3-52d9-42fe-8739-117348849498 -DeviceGroupId:WpdFsGroup
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe atlogon
"C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe"
"C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe"
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Windows\system32\taskmgr.exe" /4
"C:\Program Files (x86)\eM Client\MailClient.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Bobik\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Bobik\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Bobik\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=67.0.3396.99 --initial-client-data=0x88,0x8c,0x90,0x84,0x94,0x7fef0a03228,0x7fef0a03238,0x7fef0a03248
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=5016 --on-initialized-event-handle=356 --parent-handle=368 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1060,6171067311460259294,353868376027769297,131072 --gpu-preferences=KAAAAAAAAACAAwCAAQAAAAAAAAAAAGAAEAAAAAAAAAAAAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAKAAAAEAAAAAAAAAAAAAAACwAAABAAAAAAAAAAAQAAAAoAAAAQAAAAAAAAAAEAAAALAAAA --service-request-channel-token=BF69D9E8F1B799AFEBC09DEE4C50D4D5 --mojo-platform-channel-handle=1076 --ignored=" --type=renderer " /prefetch:2
C:\Windows\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\System Explorer\SystemExplorer.exe" restart
"C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1060,6171067311460259294,353868376027769297,131072 --service-pipe-token=BA1C7A1E05E94936EB84DC660EB7D275 --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --service-request-channel-token=BA1C7A1E05E94936EB84DC660EB7D275 --renderer-client-id=47 --mojo-platform-channel-handle=4636 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1060,6171067311460259294,353868376027769297,131072 --service-pipe-token=D0E87FDB8891C80174522E4E2CE85C6B --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --service-request-channel-token=D0E87FDB8891C80174522E4E2CE85C6B --renderer-client-id=55 --mojo-platform-channel-handle=8692 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1060,6171067311460259294,353868376027769297,131072 --service-pipe-token=CA67805DBC9B32CC96F040E76828E4CE --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --service-request-channel-token=CA67805DBC9B32CC96F040E76828E4CE --renderer-client-id=56 --mojo-platform-channel-handle=5296 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1060,6171067311460259294,353868376027769297,131072 --service-pipe-token=C47BB88648C3CCDA0F33064B65684D30 --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --service-request-channel-token=C47BB88648C3CCDA0F33064B65684D30 --renderer-client-id=57 --mojo-platform-channel-handle=6900 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1060,6171067311460259294,353868376027769297,131072 --service-pipe-token=C3A26BC4C92FB0D4CEB1B3DE9747A42B --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --service-request-channel-token=C3A26BC4C92FB0D4CEB1B3DE9747A42B --renderer-client-id=59 --mojo-platform-channel-handle=3228 /prefetch:1
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe5_ Global\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
"C:\Users\Bobik\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

=========Mozilla firefox=========

ProfilePath - C:\Users\Bobik\AppData\Roaming\Mozilla\Firefox\Profiles\z5ismwoh.default-1509460250099

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "www.seznam.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 30.0.0.134 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_134.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 30.0.0.134 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_30_0_0_134.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll


C:\Users\Bobik\AppData\Roaming\Mozilla\Firefox\Profiles\z5ismwoh.default-1509460250099\extensions\
b677-ce8a-73f6-076d

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2018-07-11 938712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-07-11 812248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení k účtu Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2018-07-11 242904]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"xwidget"=C:\Users\Bobik\AppData\Local\Temp\Rar$EXa0.706\XWidgetStarter.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aimersoft Helper Compact.exe]
C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe [2016-10-08 2138272]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CDAServer]
C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [2014-09-08 464608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KeepVidMusicService]
C:\Program Files (x86)\KeepVid\KeepVid Music\KeepVidMusicService.exe [2017-10-24 16896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PMBVolumeWatcher]
C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2017-09-20 3029936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive]
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2013-03-10 88984]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.LAGS"=lagarith.dll
"VIDC.X264"=x264vfw64.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3codecp"=l3codecp.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.vorbis"=vorbis.acm
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave6"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2018-08-01 21:25:17 ----D---- C:\rsit
2018-08-01 21:25:17 ----D---- C:\Program Files\trend micro
2018-08-01 21:16:34 ----D---- C:\ProgramData\SystemExplorer
2018-08-01 21:16:33 ----D---- C:\Program Files (x86)\System Explorer
2018-08-01 18:57:03 ----A---- C:\Windows\SYSWOW64\tzres.dll
2018-08-01 18:57:03 ----A---- C:\Windows\system32\tzres.dll
2018-08-01 18:57:03 ----A---- C:\Windows\system32\drivers\tcpip.sys
2018-08-01 18:57:03 ----A---- C:\Windows\system32\drivers\netio.sys
2018-08-01 18:57:03 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2018-08-01 18:50:40 ----N---- C:\bootsqm.dat
2018-08-01 17:06:31 ----D---- C:\Program Files\Malwarebytes
2018-08-01 16:51:42 ----A---- C:\Windows\system32\aswBoot.exe
2018-08-01 16:15:11 ----D---- C:\Program Files\CCleaner
2018-07-11 08:55:27 ----A---- C:\Windows\system32\appraiser.dll
2018-07-11 08:55:27 ----A---- C:\Windows\system32\aitstatic.exe
2018-07-11 08:55:26 ----A---- C:\Windows\system32\invagent.dll
2018-07-11 08:55:26 ----A---- C:\Windows\system32\generaltel.dll
2018-07-11 08:55:26 ----A---- C:\Windows\system32\devinv.dll
2018-07-11 08:55:26 ----A---- C:\Windows\system32\CompatTelRunner.exe
2018-07-11 08:55:26 ----A---- C:\Windows\system32\centel.dll
2018-07-11 08:55:26 ----A---- C:\Windows\system32\aepic.dll
2018-07-11 08:55:26 ----A---- C:\Windows\system32\aeinv.dll
2018-07-11 08:55:26 ----A---- C:\Windows\system32\acmigration.dll
2018-07-11 08:55:15 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2018-07-11 08:55:15 ----A---- C:\Windows\system32\mshtml.dll
2018-07-11 08:55:14 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2018-07-11 08:55:14 ----A---- C:\Windows\system32\ieframe.dll
2018-07-11 08:55:13 ----A---- C:\Windows\SYSWOW64\shell32.dll
2018-07-11 08:55:13 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2018-07-11 08:55:13 ----A---- C:\Windows\system32\shell32.dll
2018-07-11 08:55:13 ----A---- C:\Windows\system32\jscript9.dll
2018-07-11 08:55:12 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2018-07-11 08:55:12 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2018-07-11 08:55:12 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2018-07-11 08:55:12 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2018-07-11 08:55:12 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2018-07-11 08:55:12 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2018-07-11 08:55:12 ----A---- C:\Windows\system32\win32k.sys
2018-07-11 08:55:12 ----A---- C:\Windows\system32\vbscript.dll
2018-07-11 08:55:12 ----A---- C:\Windows\system32\urlmon.dll
2018-07-11 08:55:12 ----A---- C:\Windows\system32\ucrtbase.dll
2018-07-11 08:55:12 ----A---- C:\Windows\system32\ExplorerFrame.dll
2018-07-11 08:55:12 ----A---- C:\Windows\system32\dnsrslvr.dll
2018-07-11 08:55:12 ----A---- C:\Windows\system32\dnsapi.dll
2018-07-11 08:55:11 ----A---- C:\Windows\SYSWOW64\zipfldr.dll
2018-07-11 08:55:11 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2018-07-11 08:55:11 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2018-07-11 08:55:11 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2018-07-11 08:55:11 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2018-07-11 08:55:11 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2018-07-11 08:55:11 ----A---- C:\Windows\SYSWOW64\dnscacheugc.exe
2018-07-11 08:55:11 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2018-07-11 08:55:11 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2018-07-11 08:55:11 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2018-07-11 08:55:11 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2018-07-11 08:55:11 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2018-07-11 08:55:11 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2018-07-11 08:55:11 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2018-07-11 08:55:11 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2018-07-11 08:55:11 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2018-07-11 08:55:11 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2018-07-11 08:55:11 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2018-07-11 08:55:11 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2018-07-11 08:55:11 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2018-07-11 08:55:11 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2018-07-11 08:55:11 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l2-1-0.dll
2018-07-11 08:55:11 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-timezone-l1-1-0.dll
2018-07-11 08:55:11 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-2-0.dll
2018-07-11 08:55:11 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2018-07-11 08:55:11 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-2-0.dll
2018-07-11 08:55:11 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l2-1-0.dll
2018-07-11 08:55:11 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-2-0.dll
2018-07-11 08:55:11 ----A---- C:\Windows\system32\zipfldr.dll
2018-07-11 08:55:11 ----A---- C:\Windows\system32\wkssvc.dll
2018-07-11 08:55:11 ----A---- C:\Windows\system32\ntdll.dll
2018-07-11 08:55:11 ----A---- C:\Windows\system32\iertutil.dll
2018-07-11 08:55:11 ----A---- C:\Windows\system32\iedkcs32.dll
2018-07-11 08:55:11 ----A---- C:\Windows\system32\drivers\usbport.sys
2018-07-11 08:55:11 ----A---- C:\Windows\system32\drivers\dfsc.sys
2018-07-11 08:55:11 ----A---- C:\Windows\system32\dnscacheugc.exe
2018-07-11 08:55:11 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2018-07-11 08:55:11 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2018-07-11 08:55:11 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2018-07-11 08:55:11 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2018-07-11 08:55:11 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2018-07-11 08:55:11 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2018-07-11 08:55:11 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2018-07-11 08:55:11 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2018-07-11 08:55:11 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2018-07-11 08:55:11 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2018-07-11 08:55:11 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2018-07-11 08:55:11 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2018-07-11 08:55:11 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2018-07-11 08:55:11 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2018-07-11 08:55:11 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2018-07-11 08:55:11 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2018-07-11 08:55:11 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2018-07-11 08:55:11 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2018-07-11 08:55:11 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2018-07-11 08:55:11 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2018-07-11 08:55:10 ----A---- C:\Windows\SYSWOW64\wininet.dll
2018-07-11 08:55:10 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2018-07-11 08:55:10 ----A---- C:\Windows\SYSWOW64\ole32.dll
2018-07-11 08:55:10 ----A---- C:\Windows\SYSWOW64\msrating.dll
2018-07-11 08:55:10 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2018-07-11 08:55:10 ----A---- C:\Windows\SYSWOW64\certcli.dll
2018-07-11 08:55:10 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2018-07-11 08:55:10 ----A---- C:\Windows\system32\wininet.dll
2018-07-11 08:55:10 ----A---- C:\Windows\system32\webcheck.dll
2018-07-11 08:55:10 ----A---- C:\Windows\system32\ole32.dll
2018-07-11 08:55:10 ----A---- C:\Windows\system32\ntoskrnl.exe
2018-07-11 08:55:10 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2018-07-11 08:55:10 ----A---- C:\Windows\system32\msrating.dll
2018-07-11 08:55:10 ----A---- C:\Windows\system32\mshtmlmedia.dll
2018-07-11 08:55:10 ----A---- C:\Windows\system32\msfeeds.dll
2018-07-11 08:55:10 ----A---- C:\Windows\system32\inseng.dll
2018-07-11 08:55:10 ----A---- C:\Windows\system32\hal.dll
2018-07-11 08:55:10 ----A---- C:\Windows\system32\dxtrans.dll
2018-07-11 08:55:10 ----A---- C:\Windows\system32\dxtmsft.dll
2018-07-11 08:55:10 ----A---- C:\Windows\system32\drivers\usbhub.sys
2018-07-11 08:55:10 ----A---- C:\Windows\system32\drivers\mpsdrv.sys
2018-07-11 08:55:10 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2018-07-11 08:55:10 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2018-07-11 08:55:10 ----A---- C:\Windows\system32\certcli.dll
2018-07-11 08:55:10 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2018-07-11 08:55:10 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2018-07-11 08:55:09 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2018-07-11 08:55:09 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2018-07-11 08:55:09 ----A---- C:\Windows\SYSWOW64\schannel.dll
2018-07-11 08:55:09 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2018-07-11 08:55:09 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2018-07-11 08:55:09 ----A---- C:\Windows\SYSWOW64\occache.dll
2018-07-11 08:55:09 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2018-07-11 08:55:09 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2018-07-11 08:55:09 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2018-07-11 08:55:09 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2018-07-11 08:55:09 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2018-07-11 08:55:09 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2018-07-11 08:55:09 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2018-07-11 08:55:09 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2018-07-11 08:55:09 ----A---- C:\Windows\SYSWOW64\ieui.dll
2018-07-11 08:55:09 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2018-07-11 08:55:09 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2018-07-11 08:55:09 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2018-07-11 08:55:09 ----A---- C:\Windows\system32\winsrv.dll
2018-07-11 08:55:09 ----A---- C:\Windows\system32\wdigest.dll
2018-07-11 08:55:09 ----A---- C:\Windows\system32\TSpkg.dll
2018-07-11 08:55:09 ----A---- C:\Windows\system32\srcore.dll
2018-07-11 08:55:09 ----A---- C:\Windows\system32\smss.exe
2018-07-11 08:55:09 ----A---- C:\Windows\system32\schannel.dll
2018-07-11 08:55:09 ----A---- C:\Windows\system32\rstrui.exe
2018-07-11 08:55:09 ----A---- C:\Windows\system32\rpchttp.dll
2018-07-11 08:55:09 ----A---- C:\Windows\system32\rpcrt4.dll
2018-07-11 08:55:09 ----A---- C:\Windows\system32\occache.dll
2018-07-11 08:55:09 ----A---- C:\Windows\system32\ncrypt.dll
2018-07-11 08:55:09 ----A---- C:\Windows\system32\msv1_0.dll
2018-07-11 08:55:09 ----A---- C:\Windows\system32\mshtmled.dll
2018-07-11 08:55:09 ----A---- C:\Windows\system32\lsasrv.dll
2018-07-11 08:55:09 ----A---- C:\Windows\system32\KernelBase.dll
2018-07-11 08:55:09 ----A---- C:\Windows\system32\kernel32.dll
2018-07-11 08:55:09 ----A---- C:\Windows\system32\kerberos.dll
2018-07-11 08:55:09 ----A---- C:\Windows\system32\jscript9diag.dll
2018-07-11 08:55:09 ----A---- C:\Windows\system32\ieUnatt.exe
2018-07-11 08:55:09 ----A---- C:\Windows\system32\ieui.dll
2018-07-11 08:55:09 ----A---- C:\Windows\system32\iesetup.dll
2018-07-11 08:55:09 ----A---- C:\Windows\system32\iernonce.dll
2018-07-11 08:55:09 ----A---- C:\Windows\system32\ie4uinit.exe
2018-07-11 08:55:09 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2018-07-11 08:55:09 ----A---- C:\Windows\system32\csrsrv.dll
2018-07-11 08:55:09 ----A---- C:\Windows\system32\conhost.exe
2018-07-11 08:55:09 ----A---- C:\Windows\system32\auditpol.exe
2018-07-11 08:55:09 ----A---- C:\Windows\system32\advapi32.dll
2018-07-11 08:55:08 ----A---- C:\Windows\SYSWOW64\wow32.dll
2018-07-11 08:55:08 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2018-07-11 08:55:08 ----A---- C:\Windows\SYSWOW64\srclient.dll
2018-07-11 08:55:08 ----A---- C:\Windows\SYSWOW64\setup16.exe
2018-07-11 08:55:08 ----A---- C:\Windows\SYSWOW64\secur32.dll
2018-07-11 08:55:08 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2018-07-11 08:55:08 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2018-07-11 08:55:08 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2018-07-11 08:55:08 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2018-07-11 08:55:08 ----A---- C:\Windows\SYSWOW64\jscript.dll
2018-07-11 08:55:08 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2018-07-11 08:55:08 ----A---- C:\Windows\SYSWOW64\inseng.dll
2018-07-11 08:55:08 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2018-07-11 08:55:08 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2018-07-11 08:55:08 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2018-07-11 08:55:08 ----A---- C:\Windows\SYSWOW64\FirewallAPI.dll
2018-07-11 08:55:08 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2018-07-11 08:55:08 ----A---- C:\Windows\SYSWOW64\credssp.dll
2018-07-11 08:55:08 ----A---- C:\Windows\SYSWOW64\comcat.dll
2018-07-11 08:55:08 ----A---- C:\Windows\SYSWOW64\bcrypt.dll
2018-07-11 08:55:08 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2018-07-11 08:55:08 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2018-07-11 08:55:08 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2018-07-11 08:55:08 ----A---- C:\Windows\system32\wow64win.dll
2018-07-11 08:55:08 ----A---- C:\Windows\system32\wow64cpu.dll
2018-07-11 08:55:08 ----A---- C:\Windows\system32\wow64.dll
2018-07-11 08:55:08 ----A---- C:\Windows\system32\sspisrv.dll
2018-07-11 08:55:08 ----A---- C:\Windows\system32\sspicli.dll
2018-07-11 08:55:08 ----A---- C:\Windows\system32\srclient.dll
2018-07-11 08:55:08 ----A---- C:\Windows\system32\setbcdlocale.dll
2018-07-11 08:55:08 ----A---- C:\Windows\system32\secur32.dll
2018-07-11 08:55:08 ----A---- C:\Windows\system32\rpcss.dll
2018-07-11 08:55:08 ----A---- C:\Windows\system32\ntvdm64.dll
2018-07-11 08:55:08 ----A---- C:\Windows\system32\MshtmlDac.dll
2018-07-11 08:55:08 ----A---- C:\Windows\system32\MPSSVC.dll
2018-07-11 08:55:08 ----A---- C:\Windows\system32\lsass.exe
2018-07-11 08:55:08 ----A---- C:\Windows\system32\jsproxy.dll
2018-07-11 08:55:08 ----A---- C:\Windows\system32\jscript.dll
2018-07-11 08:55:08 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-07-11 08:55:08 ----A---- C:\Windows\system32\ieetwproxystub.dll
2018-07-11 08:55:08 ----A---- C:\Windows\system32\ieetwcollector.exe
2018-07-11 08:55:08 ----A---- C:\Windows\system32\ieapfltr.dll
2018-07-11 08:55:08 ----A---- C:\Windows\system32\FirewallAPI.dll
2018-07-11 08:55:08 ----A---- C:\Windows\system32\drivers\videoprt.sys
2018-07-11 08:55:08 ----A---- C:\Windows\system32\drivers\usbehci.sys
2018-07-11 08:55:08 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2018-07-11 08:55:08 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2018-07-11 08:55:08 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2018-07-11 08:55:08 ----A---- C:\Windows\system32\drivers\appid.sys
2018-07-11 08:55:08 ----A---- C:\Windows\system32\cryptbase.dll
2018-07-11 08:55:08 ----A---- C:\Windows\system32\credssp.dll
2018-07-11 08:55:08 ----A---- C:\Windows\system32\comcat.dll
2018-07-11 08:55:08 ----A---- C:\Windows\system32\bcrypt.dll
2018-07-11 08:55:08 ----A---- C:\Windows\system32\appidsvc.dll
2018-07-11 08:55:08 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2018-07-11 08:55:08 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2018-07-11 08:55:08 ----A---- C:\Windows\system32\appidapi.dll
2018-07-11 08:55:08 ----A---- C:\Windows\system32\apisetschema.dll
2018-07-11 08:55:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2018-07-11 08:55:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-07-11 08:55:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2018-07-11 08:55:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-07-11 08:55:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-07-11 08:55:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-07-11 08:55:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2018-07-11 08:55:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-07-11 08:55:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-07-11 08:55:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-07-11 08:55:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-07-11 08:55:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-07-11 08:55:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-07-11 08:55:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-07-11 08:55:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-07-11 08:55:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-07-11 08:55:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-07-11 08:55:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2018-07-11 08:55:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-07-11 08:55:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-07-11 08:55:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-07-11 08:55:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2018-07-11 08:55:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-07-11 08:55:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-07-11 08:55:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-07-11 08:55:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-07-11 08:55:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-07-11 08:55:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2018-07-11 08:55:07 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-07-11 08:55:07 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-07-11 08:55:07 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-07-11 08:55:07 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-07-11 08:55:07 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-07-11 08:55:07 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-07-11 08:55:07 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-07-11 08:55:07 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-07-11 08:55:07 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-07-11 08:55:07 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-07-11 08:55:07 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-07-11 08:55:07 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-07-11 08:55:07 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-07-11 08:55:07 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-07-11 08:55:07 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-07-11 08:55:07 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-07-11 08:55:07 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-07-11 08:55:07 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-07-11 08:55:07 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-07-11 08:55:07 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-07-11 08:55:07 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-07-11 08:55:07 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-07-11 08:55:07 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-07-11 08:55:07 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-07-11 08:55:07 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-07-11 08:55:07 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-07-11 08:55:07 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-07-11 08:55:07 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-07-11 08:55:07 ----A---- C:\Windows\SYSWOW64\wfapigp.dll
2018-07-11 08:55:07 ----A---- C:\Windows\SYSWOW64\user.exe
2018-07-11 08:55:07 ----A---- C:\Windows\SYSWOW64\oleres.dll
2018-07-11 08:55:07 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2018-07-11 08:55:07 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2018-07-11 08:55:07 ----A---- C:\Windows\SYSWOW64\instnm.exe
2018-07-11 08:55:07 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2018-07-11 08:55:07 ----A---- C:\Windows\system32\wfapigp.dll
2018-07-11 08:55:07 ----A---- C:\Windows\system32\oleres.dll
2018-07-11 08:55:07 ----A---- C:\Windows\system32\msobjs.dll
2018-07-11 08:55:07 ----A---- C:\Windows\system32\msaudite.dll
2018-07-11 08:55:07 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2018-07-11 08:55:07 ----A---- C:\Windows\system32\icfupgd.dll
2018-07-11 08:55:07 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2018-07-11 08:55:07 ----A---- C:\Windows\system32\drivers\usbohci.sys
2018-07-11 08:55:07 ----A---- C:\Windows\system32\drivers\usbd.sys
2018-07-11 08:55:07 ----A---- C:\Windows\system32\adtschema.dll

======List of files/folders modified in the last 1 month======

2018-08-01 21:25:22 ----D---- C:\Windows\Temp
2018-08-01 21:25:17 ----RD---- C:\Program Files
2018-08-01 21:17:35 ----D---- C:\Windows\system32\drivers
2018-08-01 21:16:34 ----HD---- C:\ProgramData
2018-08-01 21:16:33 ----D---- C:\Program Files (x86)
2018-08-01 21:09:28 ----D---- C:\Windows\Microsoft.NET
2018-08-01 20:50:15 ----SHD---- C:\Windows\Installer
2018-08-01 20:40:32 ----D---- C:\Users\Bobik\AppData\Roaming\eM Client
2018-08-01 19:36:04 ----D---- C:\Windows\System32
2018-08-01 19:36:04 ----A---- C:\Windows\system32\PerfStringBackup.INI
2018-08-01 19:34:40 ----SHD---- C:\System Volume Information
2018-08-01 19:34:31 ----A---- C:\missing.ini
2018-08-01 19:34:29 ----AD---- C:\ProgramData\TEMP
2018-08-01 19:28:17 ----D---- C:\Windows\system32\config
2018-08-01 19:11:29 ----D---- C:\Windows\inf
2018-08-01 19:05:17 ----D---- C:\Windows\winsxs
2018-08-01 19:04:21 ----D---- C:\Windows\SYSWOW64\cs-CZ
2018-08-01 19:04:21 ----D---- C:\Windows\SysWOW64
2018-08-01 19:04:21 ----D---- C:\Windows\system32\cs-CZ
2018-08-01 18:59:30 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2018-08-01 18:56:19 ----D---- C:\Windows\system32\catroot2
2018-08-01 17:25:12 ----D---- C:\Windows\SYSWOW64\Macromed
2018-08-01 17:12:18 ----D---- C:\Program Files (x86)\Cheat Engine 6.7
2018-08-01 17:06:40 ----D---- C:\Windows
2018-08-01 16:51:49 ----D---- C:\Windows\system32\Tasks
2018-08-01 16:51:02 ----D---- C:\Windows\Tasks
2018-08-01 16:51:02 ----D---- C:\Windows\system32\wfp
2018-08-01 16:51:01 ----D---- C:\Windows\system32\wbem
2018-08-01 16:50:32 ----D---- C:\Windows\system32\DriverStore
2018-08-01 16:50:32 ----D---- C:\Windows\system32\drivers\etc
2018-08-01 16:50:29 ----D---- C:\ProgramData\Microsoft Help
2018-08-01 16:50:29 ----D---- C:\Program Files (x86)\SamsungPrinterLiveUpdateInstaller
2018-08-01 16:50:28 ----D---- C:\Windows\registration
2018-08-01 16:48:58 ----D---- C:\Windows\Prefetch
2018-07-27 17:00:36 ----A---- C:\RecorderProtectionError.txt
2018-07-26 12:38:04 ----D---- C:\Program Files\Mozilla Firefox
2018-07-23 20:52:32 ----D---- C:\Users\Bobik\AppData\Roaming\BitTorrent
2018-07-23 19:52:50 ----D---- C:\ProgramData\boost_interprocess
2018-07-11 20:11:52 ----D---- C:\Windows\rescache
2018-07-11 18:03:25 ----RSD---- C:\Windows\assembly
2018-07-11 17:26:00 ----D---- C:\Windows\system32\appraiser
2018-07-11 17:25:59 ----D---- C:\Windows\SYSWOW64\en-US
2018-07-11 17:25:59 ----D---- C:\Program Files\Internet Explorer
2018-07-11 17:25:59 ----D---- C:\Program Files (x86)\Internet Explorer
2018-07-11 17:25:58 ----RSD---- C:\Windows\Fonts
2018-07-11 17:25:58 ----D---- C:\Windows\system32\en-US
2018-07-11 17:25:58 ----D---- C:\Windows\system32\drivers\cs-CZ
2018-07-11 17:25:58 ----D---- C:\Windows\system32\Boot
2018-07-11 17:25:58 ----D---- C:\Windows\AppPatch
2018-07-11 17:19:34 ----D---- C:\Windows\system32\MRT
2018-07-11 17:16:15 ----AC---- C:\Windows\system32\MRT.exe
2018-07-10 20:28:12 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2018-07-10 20:28:11 ----D---- C:\Windows\system32\Macromed

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [2018-07-11 201328]
R0 aswblog;aswblog; C:\Windows\system32\drivers\aswbloga.sys [2018-07-11 346664]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [2018-07-11 59592]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2018-07-11 85968]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2018-07-11 381584]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2018-01-01 213736]
R1 aswArPot;aswArPot; C:\Windows\system32\drivers\aswArPot.sys [2018-07-11 197160]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [2018-07-11 229392]
R1 aswHdsKe;aswHdsKe; C:\Windows\system32\drivers\aswHdsKe.sys [2018-07-11 239680]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2018-07-11 111872]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2018-07-11 1027728]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2018-07-23 467064]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2014-01-07 516096]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2014-12-21 40344]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2018-07-11 159640]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2018-07-11 211160]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2016-07-26 11576]
R3 ALSysIO;ALSysIO; \??\C:\Users\Bobik\AppData\Local\Temp\ALSysIO64.sys []
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2017-06-12 36562312]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2017-06-12 520584]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2016-12-20 96256]
R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver; C:\Windows\System32\Drivers\EtronHub3.sys [2013-08-05 65408]
R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver; C:\Windows\System32\Drivers\EtronXHCI.sys [2013-08-05 94208]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-03-29 3379272]
R3 MBfilt;MBfilt; C:\Windows\system32\drivers\MBfilt64.sys [2009-11-18 32344]
R3 NVNET;NVIDIA nForce 10/100/1000 Mbps Ethernet ; C:\Windows\system32\DRIVERS\nvmf6264.sys [2010-08-12 350952]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 12288]
R3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2013-07-24 36864]
S3 61883;61883 Unit Device; C:\Windows\system32\DRIVERS\61883.sys [2009-07-14 60288]
S3 aswHwid;aswHwid; C:\Windows\system32\drivers\aswHwid.sys [2018-07-11 46976]
S3 Avc;Zařízení AVC; C:\Windows\system32\DRIVERS\avc.sys [2009-07-14 48768]
S3 BthAudioHF;BthAudioHF Service; C:\Windows\system32\DRIVERS\BthAudioHF.sys [2009-12-21 52224]
S3 BthAvrcp;Bluetooth AVRCP Profile; C:\Windows\system32\DRIVERS\BthAvrcp.sys [2009-08-13 29184]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2017-07-06 119296]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2014-01-07 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2014-01-07 80384]
S3 csr_a2dp;Bluetooth AV Profile; C:\Windows\system32\drivers\bthav.sys [2009-12-21 78848]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 FreshIO;FreshIO; \??\C:\Program Files (x86)\FreshDevices\FreshDiagnose\FreshIO.sys []
S3 MSDV;Microsoft DV Camera and VCR; C:\Windows\system32\DRIVERS\msdv.sys [2009-07-14 61440]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2014-01-07 166400]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-05-13 146920]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2014-01-07 42496]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WINUSB;Ovladač WinUsb; C:\Windows\system32\DRIVERS\WinUSB.SYS [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2018-03-21 83984]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2017-06-12 543112]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2018-07-11 322464]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2014-01-07 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2014-01-07 27136]
R2 HFGService;Handsfree Headset Service; C:\Windows\system32\svchost.exe [2014-01-07 27136]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [2017-09-20 498096]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2014-01-07 27136]
R2 Samsung Printer Dianostics Service;Samsung Printer Dianostics Service; C:\Windows\syswow64\\spdsvc.exe [2018-04-25 508488]
R2 SamsungUPDUtilSvc;Samsung UPD Utility Service; C:\Windows\SysWOW64\SecUPDUtilSvc.exe [2017-08-06 143664]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2014-01-07 27136]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2018-07-11 7780400]
R3 SystemExplorerHelpService;System Explorer Service; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [2014-12-20 820960]
S2 avast;Služba %1!s! Update (avast); C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-05 164984]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2018-03-26 107592]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2018-03-26 128584]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-06-21 153168]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-07-10 335872]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2014-01-07 27136]
S3 avastm;Služba %1!s! Update (avastm); C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-05 164984]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-06-21 153168]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2018-06-16 116224]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2014-01-07 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2014-01-07 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2014-01-07 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-01-07 1255736]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files (x86)\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2018-03-26 52832]
S4 KvAppService;Keepvid Application Framework Service; C:\Program Files (x86)\Keepvid\KAF\2.4.2.222\KvAppService.exe [2017-03-10 474824]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2018-03-26 136288]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2018-03-26 136288]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2018-03-26 136288]
S4 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]

-----------------EOF-----------------
Attachments
aa (Custom).jpg (98.09 KiB) Viewed 1200 times

Rudy
Site Admin
Posts: 118272
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: sudden PC slowdown

#2 Post by Rudy »

Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP, just run it with a double-click)
click Scan now, then Clean and Repair
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

koliki
Visitor
Posts: 37
Registered: 29 Feb 2008 15:25

Re: sudden PC slowdown

#3 Post by koliki »

# -------------------------------
# Malwarebytes AdwCleaner 7.2.2.0
# -------------------------------
# Build: 07-17-2018
# Database: 2018-07-25.1
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 08-02-2018
# Duration: 00:00:19
# OS: Windows 7 Professional
# Scanned: 41737
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.


AdwCleaner[S00].txt - [2914 octets] - [20/05/2018 11:36:16]
AdwCleaner[C00].txt - [2661 octets] - [20/05/2018 11:37:59]
AdwCleaner[S01].txt - [1651 octets] - [21/06/2018 19:08:45]
AdwCleaner[C01].txt - [1746 octets] - [21/06/2018 19:09:32]
AdwCleaner[S02].txt - [1302 octets] - [01/07/2018 16:36:37]
AdwCleaner[S03].txt - [1696 octets] - [11/07/2018 17:35:10]
AdwCleaner[C03].txt - [1842 octets] - [11/07/2018 17:35:36]
AdwCleaner[S04].txt - [1676 octets] - [01/08/2018 16:08:35]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S05].txt ##########

Rudy
Site Admin
Posts: 118272
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: sudden PC slowdown

#4 Post by Rudy »

This is OK. Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to your desktop. Run it and copy the following into the left window:
:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. Turn off your antivirus before the scan and restart the PC after it. Post a new RSIT log.

koliki
Visitor
Posts: 37
Joined: 29 Feb 2008 15:25

Re: sudden PC slowdown

#5 Post by koliki »

So here is the new log after the action was carried out,
but the dllhost.exe process still keeps starting with a load of more than 35%.


Logfile of random's system information tool 1.10 (written by random/random)
Run by Bobik at 2018-08-02 13:35:47
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 19 GB (17%) free of 114 GB
Total RAM: 4095 MB (72% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:35:49, on 2.8.2018
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.19081)
Boot mode: Normal

Running processes:
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\trend micro\Bobik.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKCU\..\Run: [xwidget] C:\Users\Bobik\AppData\Local\Temp\Rar$EXa0.706\XWidgetStarter.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: Služba %1!s! Update (avast) (avast) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba %1!s! Update (avastm) (avastm) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Samsung Printer Dianostics Service - Unknown owner - C:\Windows\system32\\spdsvc.exe
O23 - Service: Samsung UPD Utility Service (SamsungUPDUtilSvc) - Unknown owner - C:\Windows\SysWOW64\SecUPDUtilSvc.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: System Explorer Service (SystemExplorerHelpService) - Mister Group - C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wondershare Driver Install Service (WsDrvInst) - Wondershare - C:\Program Files (x86)\KeepVid\KeepVid Music\DriverInstall.exe

--
End of file - 8373 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\System32\svchost.exe -k utcsvc
taskeng.exe {DC893574-43D6-4BF8-89AE-9F91F385E99B}
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k bthaudiosvc
"C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe"
C:\Windows\SysWOW64\\spdsvc.exe
taskeng.exe {3473AFC7-3883-441E-A99A-DBE8ACCCA6B4}
C:\Windows\SysWOW64\SecUPDUtilSvc.exe
"C:\Program Files\Core Temp\Core Temp.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-8353b2a2-29be-4a2e-a8ed-f7d36cbb0c85 -SystemEventPortName:HostProcess-adfed33f-53a5-4322-a851-2f5e3c4bdf9d -IoCancelEventPortName:HostProcess-9e104261-385a-4f43-914d-d41126c30d17 -NonStateChangingEventPortName:HostProcess-e55ccb56-26ac-47da-984b-24bf71449eb0 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:0fd51e24-f18e-4be4-9931-b1993171e309 -DeviceGroupId:WpdFsGroup
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe atlogon
"C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe"
"C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 524 528 536 65536 532
C:\Windows\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
AvastUI.exe /nogui
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Windows\system32\taskmgr.exe" /4
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Users\Bobik\Desktop\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

=========Mozilla firefox=========

ProfilePath - C:\Users\Bobik\AppData\Roaming\Mozilla\Firefox\Profiles\z5ismwoh.default-1509460250099

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "www.seznam.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 30.0.0.134 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_134.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 30.0.0.134 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_30_0_0_134.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll


C:\Users\Bobik\AppData\Roaming\Mozilla\Firefox\Profiles\z5ismwoh.default-1509460250099\extensions\
b677-ce8a-73f6-076d

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2018-07-11 938712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-07-11 812248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení k účtu Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2018-07-11 242904]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"xwidget"=C:\Users\Bobik\AppData\Local\Temp\Rar$EXa0.706\XWidgetStarter.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aimersoft Helper Compact.exe]
C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe [2016-10-08 2138272]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CDAServer]
C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [2014-09-08 464608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KeepVidMusicService]
C:\Program Files (x86)\KeepVid\KeepVid Music\KeepVidMusicService.exe [2017-10-24 16896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PMBVolumeWatcher]
C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2017-09-20 3029936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive]
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2013-03-10 88984]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.LAGS"=lagarith.dll
"VIDC.X264"=x264vfw64.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3codecp"=l3codecp.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.vorbis"=vorbis.acm
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave6"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2018-08-02 13:27:02 ----D---- C:\_OTM
2018-08-01 21:25:17 ----D---- C:\rsit
2018-08-01 21:25:17 ----D---- C:\Program Files\trend micro
2018-08-01 21:16:34 ----D---- C:\ProgramData\SystemExplorer
2018-08-01 21:16:33 ----D---- C:\Program Files (x86)\System Explorer
2018-08-01 18:57:03 ----A---- C:\Windows\SYSWOW64\tzres.dll
2018-08-01 18:57:03 ----A---- C:\Windows\system32\tzres.dll
2018-08-01 18:57:03 ----A---- C:\Windows\system32\drivers\tcpip.sys
2018-08-01 18:57:03 ----A---- C:\Windows\system32\drivers\netio.sys
2018-08-01 18:57:03 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2018-08-01 18:50:40 ----N---- C:\bootsqm.dat
2018-08-01 17:06:31 ----D---- C:\Program Files\Malwarebytes
2018-08-01 16:51:42 ----A---- C:\Windows\system32\aswBoot.exe
2018-08-01 16:15:11 ----D---- C:\Program Files\CCleaner
2018-07-11 08:55:27 ----A---- C:\Windows\system32\appraiser.dll
2018-07-11 08:55:27 ----A---- C:\Windows\system32\aitstatic.exe
2018-07-11 08:55:26 ----A---- C:\Windows\system32\invagent.dll
2018-07-11 08:55:26 ----A---- C:\Windows\system32\generaltel.dll
2018-07-11 08:55:26 ----A---- C:\Windows\system32\devinv.dll
2018-07-11 08:55:26 ----A---- C:\Windows\system32\CompatTelRunner.exe
2018-07-11 08:55:26 ----A---- C:\Windows\system32\centel.dll
2018-07-11 08:55:26 ----A---- C:\Windows\system32\aepic.dll
2018-07-11 08:55:26 ----A---- C:\Windows\system32\aeinv.dll
2018-07-11 08:55:26 ----A---- C:\Windows\system32\acmigration.dll
2018-07-11 08:55:15 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2018-07-11 08:55:15 ----A---- C:\Windows\system32\mshtml.dll
2018-07-11 08:55:14 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2018-07-11 08:55:14 ----A---- C:\Windows\system32\ieframe.dll
2018-07-11 08:55:13 ----A---- C:\Windows\SYSWOW64\shell32.dll
2018-07-11 08:55:13 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2018-07-11 08:55:13 ----A---- C:\Windows\system32\shell32.dll
2018-07-11 08:55:13 ----A---- C:\Windows\system32\jscript9.dll
2018-07-11 08:55:12 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2018-07-11 08:55:12 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2018-07-11 08:55:12 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2018-07-11 08:55:12 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2018-07-11 08:55:12 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2018-07-11 08:55:12 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2018-07-11 08:55:12 ----A---- C:\Windows\system32\win32k.sys
2018-07-11 08:55:12 ----A---- C:\Windows\system32\vbscript.dll
2018-07-11 08:55:12 ----A---- C:\Windows\system32\urlmon.dll
2018-07-11 08:55:12 ----A---- C:\Windows\system32\ucrtbase.dll
2018-07-11 08:55:12 ----A---- C:\Windows\system32\ExplorerFrame.dll
2018-07-11 08:55:12 ----A---- C:\Windows\system32\dnsrslvr.dll
2018-07-11 08:55:12 ----A---- C:\Windows\system32\dnsapi.dll
2018-07-11 08:55:11 ----A---- C:\Windows\SYSWOW64\zipfldr.dll
2018-07-11 08:55:11 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2018-07-11 08:55:11 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2018-07-11 08:55:11 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2018-07-11 08:55:11 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2018-07-11 08:55:11 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2018-07-11 08:55:11 ----A---- C:\Windows\SYSWOW64\dnscacheugc.exe
2018-07-11 08:55:11 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2018-07-11 08:55:11 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2018-07-11 08:55:11 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2018-07-11 08:55:11 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2018-07-11 08:55:11 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2018-07-11 08:55:11 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2018-07-11 08:55:11 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2018-07-11 08:55:11 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2018-07-11 08:55:11 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2018-07-11 08:55:11 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2018-07-11 08:55:11 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2018-07-11 08:55:11 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2018-07-11 08:55:11 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2018-07-11 08:55:11 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2018-07-11 08:55:11 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l2-1-0.dll
2018-07-11 08:55:11 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-timezone-l1-1-0.dll
2018-07-11 08:55:11 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-2-0.dll
2018-07-11 08:55:11 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2018-07-11 08:55:11 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-2-0.dll
2018-07-11 08:55:11 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l2-1-0.dll
2018-07-11 08:55:11 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-2-0.dll
2018-07-11 08:55:11 ----A---- C:\Windows\system32\zipfldr.dll
2018-07-11 08:55:11 ----A---- C:\Windows\system32\wkssvc.dll
2018-07-11 08:55:11 ----A---- C:\Windows\system32\ntdll.dll
2018-07-11 08:55:11 ----A---- C:\Windows\system32\iertutil.dll
2018-07-11 08:55:11 ----A---- C:\Windows\system32\iedkcs32.dll
2018-07-11 08:55:11 ----A---- C:\Windows\system32\drivers\usbport.sys
2018-07-11 08:55:11 ----A---- C:\Windows\system32\drivers\dfsc.sys
2018-07-11 08:55:11 ----A---- C:\Windows\system32\dnscacheugc.exe
2018-07-11 08:55:11 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2018-07-11 08:55:11 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2018-07-11 08:55:11 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2018-07-11 08:55:11 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2018-07-11 08:55:11 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2018-07-11 08:55:11 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2018-07-11 08:55:11 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2018-07-11 08:55:11 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2018-07-11 08:55:11 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2018-07-11 08:55:11 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2018-07-11 08:55:11 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2018-07-11 08:55:11 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2018-07-11 08:55:11 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2018-07-11 08:55:11 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2018-07-11 08:55:11 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2018-07-11 08:55:11 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2018-07-11 08:55:11 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2018-07-11 08:55:11 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2018-07-11 08:55:11 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2018-07-11 08:55:11 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2018-07-11 08:55:10 ----A---- C:\Windows\SYSWOW64\wininet.dll
2018-07-11 08:55:10 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2018-07-11 08:55:10 ----A---- C:\Windows\SYSWOW64\ole32.dll
2018-07-11 08:55:10 ----A---- C:\Windows\SYSWOW64\msrating.dll
2018-07-11 08:55:10 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2018-07-11 08:55:10 ----A---- C:\Windows\SYSWOW64\certcli.dll
2018-07-11 08:55:10 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2018-07-11 08:55:10 ----A---- C:\Windows\system32\wininet.dll
2018-07-11 08:55:10 ----A---- C:\Windows\system32\webcheck.dll
2018-07-11 08:55:10 ----A---- C:\Windows\system32\ole32.dll
2018-07-11 08:55:10 ----A---- C:\Windows\system32\ntoskrnl.exe
2018-07-11 08:55:10 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2018-07-11 08:55:10 ----A---- C:\Windows\system32\msrating.dll
2018-07-11 08:55:10 ----A---- C:\Windows\system32\mshtmlmedia.dll
2018-07-11 08:55:10 ----A---- C:\Windows\system32\msfeeds.dll
2018-07-11 08:55:10 ----A---- C:\Windows\system32\inseng.dll
2018-07-11 08:55:10 ----A---- C:\Windows\system32\hal.dll
2018-07-11 08:55:10 ----A---- C:\Windows\system32\dxtrans.dll
2018-07-11 08:55:10 ----A---- C:\Windows\system32\dxtmsft.dll
2018-07-11 08:55:10 ----A---- C:\Windows\system32\drivers\usbhub.sys
2018-07-11 08:55:10 ----A---- C:\Windows\system32\drivers\mpsdrv.sys
2018-07-11 08:55:10 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2018-07-11 08:55:10 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2018-07-11 08:55:10 ----A---- C:\Windows\system32\certcli.dll
2018-07-11 08:55:10 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2018-07-11 08:55:10 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2018-07-11 08:55:09 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2018-07-11 08:55:09 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2018-07-11 08:55:09 ----A---- C:\Windows\SYSWOW64\schannel.dll
2018-07-11 08:55:09 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2018-07-11 08:55:09 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2018-07-11 08:55:09 ----A---- C:\Windows\SYSWOW64\occache.dll
2018-07-11 08:55:09 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2018-07-11 08:55:09 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2018-07-11 08:55:09 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2018-07-11 08:55:09 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2018-07-11 08:55:09 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2018-07-11 08:55:09 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2018-07-11 08:55:09 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2018-07-11 08:55:09 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2018-07-11 08:55:09 ----A---- C:\Windows\SYSWOW64\ieui.dll
2018-07-11 08:55:09 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2018-07-11 08:55:09 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2018-07-11 08:55:09 ----A---- C:\Windows\SYSWOW64\advapi32.dll

======List of files/folders modified in the last 1 month======


======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======


======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======


-----------------EOF-----------------

Rudy
Site Admin
Posts: 118272
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: sudden PC slowdown

#6 Post by Rudy »

Dllhost is a system process. Run a full MBAM scan: http://www.malwarebytes.org/mbam.php and post the log. Do not delete anything beforehand. The RSIT log is OK now.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

koliki
Visitor
Posts: 37
Joined: 29 Feb 2008 15:25

Re: sudden PC slowdown

#7 Post by koliki »

I know that dllhost is a system process, but why does it suddenly keep loading the PC to more than 30%, even without any mouse movement?


Here is the log.

Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 02.08.18
Čas skenování: 18:41
Logovací soubor: d6bf17aa-9672-11e8-949e-d0509953c5ea.json
Správce: Ano

-Informace o softwaru-
Verze: 3.5.1.2522
Verze komponentů: 1.0.391
Aktualizovat verzi balíku komponent: 1.0.6171
Licence: Zkušební

-Systémová informace-
OS: Windows 7 Service Pack 1
CPU: x64
Systém souborů: NTFS
Uživatel: Bobik-PC\Bobik

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Spuštění skenování: Ruční
Výsledek: Dokončeno
Skenované objekty: 254321
Zjištěné hrozby: 0
(Nebyly zjištěny žádné škodlivé položky)
Hrozby umístěné do karantény: 0
(Nebyly zjištěny žádné škodlivé položky)
Uplynulý čas: 1 min, 56 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)

Soubor: 0
(Nebyly zjištěny žádné škodlivé položky)

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)

WMI: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)

Rudy
Site Admin
Posts: 118272
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: sudden PC slowdown

#8 Post by Rudy »

Nothing was found. Try one of the scanners here: https://www.zive.cz/poradna/dllhostexe- ... tanswers=1 .
