Log check (seems slower)

ferenc77
Visitor
Posts: 235
Registered: 28 Nov 2012 13:21

#1 Post by ferenc77 »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Elen at 2019-02-28 13:40:21
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 216 GB (71%) free of 305 GB
Total RAM: 3824 MB (32% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:40:30, on 28. 2. 2019
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.19296)
Boot mode: Normal

Running processes:
C:\Program Files\trend micro\Elen.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: BHOHOOK - {030AC7B6-E7EC-40F1-8FB2-C0FD344DE0B9} - C:\Program Files\TOSHIBA\TFPU\x86\TFPUPWDBankBHO.dll
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\PROGRA~1\MICROS~2\Office15\ONBttnIE.dll/105
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync Volanie kliknutím - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Volanie kliknutím - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AuthenTec Fingerprint Service (ATService) - AuthenTec, Inc. - C:\Program Files\Fingerprint Sensor\ATService.exe
O23 - Service: Intel(R) Driver & Support Assistant (DSAService) - Intel - C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: ESET Firewall Helper (ekrnEpfw) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) SUR QC Software Asset Manager (Intel(R) SUR QC SAM) - Intel Corporation - C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Service KMSELDI - Unknown owner - C:\Program Files\KMSpico\Service_KMS.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8068 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files\ESET\ESET Smart Security\ekrn.exe"
"C:\Program Files\Fingerprint Sensor\ATService.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe"
"C:\Windows\system32\Dwm.exe"
"taskhost.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Mozilla Firefox\firefox.exe"
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1108.0.1188789153\964760041" -parentBuildID 20190211233335 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - "C:\Users\Elen\AppData\LocalLow\Mozilla\Temp-{8b697e44-7397-4045-bc94-de876b22dc11}" 1108 "\\.\pipe\gecko-crash-server-pipe.1108" 1192 gpu
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1108.6.2078737950\832954851" -childID 1 -isForBrowser -prefsHandle 2040 -prefMapHandle 2072 -prefsLen 1 -prefMapSize 186719 -schedulerPrefs 0001,2 -parentBuildID 20190211233335 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 1108 "\\.\pipe\gecko-crash-server-pipe.1108" 2132 tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1108.13.1133316222\1896500034" -childID 2 -isForBrowser -prefsHandle 2632 -prefMapHandle 2640 -prefsLen 41 -prefMapSize 186719 -schedulerPrefs 0001,2 -parentBuildID 20190211233335 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 1108 "\\.\pipe\gecko-crash-server-pipe.1108" 2652 tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1108.20.1925809156\971771465" -childID 3 -isForBrowser -prefsHandle 2936 -prefMapHandle 2940 -prefsLen 260 -prefMapSize 186719 -schedulerPrefs 0001,2 -parentBuildID 20190211233335 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 1108 "\\.\pipe\gecko-crash-server-pipe.1108" 2952 tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1108.27.1264905553\744665395" -childID 4 -isForBrowser -prefsHandle 3612 -prefMapHandle 2260 -prefsLen 6611 -prefMapSize 186719 -schedulerPrefs 0001,2 -parentBuildID 20190211233335 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 1108 "\\.\pipe\gecko-crash-server-pipe.1108" 3380 tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1108.41.1654572842\1429447720" -childID 6 -isForBrowser -prefsHandle 6960 -prefMapHandle 7100 -prefsLen 6611 -prefMapSize 186719 -schedulerPrefs 0001,2 -parentBuildID 20190211233335 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 1108 "\\.\pipe\gecko-crash-server-pipe.1108" 2584 tab

"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe8_ Global\UsGthrCtrlFltPipeMssGthrPipe8 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-2020905331-924975909-1311165131-10009_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-2020905331-924975909-1311165131-10009 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
C:\Windows\system32\msiexec.exe /V
"C:\Users\Elen\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\Elen\AppData\Roaming\Mozilla\Firefox\Profiles\yu1a5cmu.default-1515241684207

prefs.js - "browser.startup.homepage" - "www.google.sk"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 32.0.0.142 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_142.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@itstructures.com/ffactivex]
"Description"=Firefox ActiveX Plugin
"Path"=C:\Windows\SysWOW64\npffax.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\ditec.sk/DAsicFac]
"Description"=
"Path"=C:\PROGRA~2\Ditec\DSIGNE~2.NET\NPDITE~1.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\ditec.sk/DitecZepDViewerFb]
"Description"=
"Path"=C:\PROGRA~2\Ditec\DViewer\NPDITE~1.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\ditec.sk/DSigMessageContainer]
"Description"=
"Path"=C:\PROGRA~2\Ditec\DSIGNE~2.NET\NPDITE~2.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\ditec.sk/DSigXadesExtender]
"Description"=
"Path"=C:\PROGRA~2\Ditec\DSIGNE~2.NET\NPDITE~3.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\ditec.sk/DSigXadesFb]
"Description"=
"Path"=C:\PROGRA~2\Ditec\DSIGNE~1.NET\NPDITE~1.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\ditec.sk/XmlDataContainerFb]
"Description"=
"Path"=C:\PROGRA~2\Ditec\DSIGNE~1.NET\NPDITE~2.DLL


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 32.0.0.142 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_142.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@itstructures.com/ffactivex]
"Description"=Firefox ActiveX Plugin
"Path"=C:\Windows\SysWOW64\npffax.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.181.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.181.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_181\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=3.0.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=3.0.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=3.0.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=3.0.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll


C:\Users\Elen\AppData\Roaming\Mozilla\Firefox\Profiles\yu1a5cmu.default-1515241684207\extensions\
staged

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2018-12-25 229184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_181\bin\ssv.dll [2018-08-09 582008]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office15\URLREDIR.DLL [2014-01-23 881880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~2\Office15\GROOVEEX.DLL [2018-07-18 2353944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_181\bin\jp2ssv.dll [2018-08-09 245112]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{030AC7B6-E7EC-40F1-8FB2-C0FD344DE0B9}]
TFPUPWDBankBHO Class - C:\Program Files\TOSHIBA\TFPU\x86\TFPUPWDBankBHO.dll [2010-03-02 45488]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2018-12-25 163536]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL [2014-01-22 707800]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2018-07-18 1744672]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-07-28 161304]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-07-28 386584]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-07-28 415256]
"egui"=C:\Program Files\ESET\ESET Smart Security\ecmds.exe [2018-12-13 177928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Smart Cleaning]
C:\Program Files\CCleaner\CCleaner64.exe [2018-12-10 19589208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CDAServer]
C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [2014-09-08 464608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DSATray]
C:\Program Files (x86)\Intel Driver and Support Assistant\DsaTray.exe [2019-01-24 126200]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EAC_MW_klient]
C:\Program Files (x86)\EAC MW klient\EAC_MW_klient.exe [2018-10-02 11454864]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eIDCertPropagator]
C:\Program Files (x86)\EAC MW klient\eIDCertPropagator.exe [2018-07-03 533504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eID_klient]
C:\Program Files (x86)\eID klient\eID_klient.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Flvto Youtube Downloader]
C:\Users\Elen\Desktop\Flvto Youtube Downloader\FlvtoYoutubeDownloader.Redesign.exe /minimize []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ITSecMng]
C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [2011-04-01 80840]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2018-07-07 601424]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TFPUPWDBankService]
C:\Program Files\TOSHIBA\TFPU\TFPUPWDBank.exe [2010-03-02 925104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TFPUService]
C:\Program Files\TOSHIBA\TFPU\TFPUTaskMonitor.exe [2010-03-02 793008]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Users\Elen\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth Manager.lnk]
C:\PROGRA~2\Toshiba\BLUETO~1\TosBtMng.exe [2014-08-01 2815880]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Web Signer.lnk]
C:\PROGRA~2\Disig\DISIGW~1.7\Updater\WEBSIG~1.EXE [2018-10-01 178160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-07-28 271360]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux2"=wdmaud.drv
"msacm.jbg711"=G711Codec.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2019-02-28 13:40:21 ----D---- C:\rsit
2019-02-28 13:40:21 ----D---- C:\Program Files\trend micro
2019-02-27 10:27:03 ----D---- C:\Program Files (x86)\Google
2019-02-21 20:47:52 ----A---- C:\Windows\system32\mshtml.dll
2019-02-21 20:47:49 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2019-02-21 20:47:47 ----A---- C:\Windows\system32\jscript9.dll
2019-02-21 20:47:46 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2019-02-21 20:47:45 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2019-02-21 20:47:45 ----A---- C:\Windows\system32\appraiser.dll
2019-02-21 20:47:45 ----A---- C:\Windows\system32\aeinv.dll
2019-02-21 20:47:44 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2019-02-21 20:47:44 ----A---- C:\Windows\system32\generaltel.dll
2019-02-21 20:47:44 ----A---- C:\Windows\system32\devinv.dll
2019-02-21 20:47:44 ----A---- C:\Windows\system32\centel.dll
2019-02-21 20:47:42 ----A---- C:\Windows\system32\invagent.dll
2019-02-21 20:47:40 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2019-02-21 20:47:40 ----A---- C:\Windows\SYSWOW64\mssign32.dll
2019-02-21 20:47:40 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2019-02-21 20:47:40 ----A---- C:\Windows\system32\oleaut32.dll
2019-02-21 20:47:40 ----A---- C:\Windows\system32\mssign32.dll
2019-02-21 20:47:40 ----A---- C:\Windows\system32\iertutil.dll
2019-02-21 20:47:40 ----A---- C:\Windows\system32\crypt32.dll
2019-02-21 20:47:40 ----A---- C:\Windows\system32\aepic.dll
2019-02-21 20:47:40 ----A---- C:\Windows\system32\acmigration.dll
2019-02-21 20:47:39 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2019-02-21 20:47:39 ----A---- C:\Windows\SYSWOW64\msrd2x40.dll
2019-02-21 20:47:39 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2019-02-21 20:47:39 ----A---- C:\Windows\system32\wintrust.dll
2019-02-21 20:47:39 ----A---- C:\Windows\system32\cryptsvc.dll
2019-02-21 20:47:39 ----A---- C:\Windows\system32\CompatTelRunner.exe
2019-02-21 20:47:39 ----A---- C:\Windows\system32\aitstatic.exe
2019-02-21 20:47:38 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2019-02-21 20:47:38 ----A---- C:\Windows\system32\iedkcs32.dll
2019-02-21 20:47:37 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2019-02-21 20:47:37 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2019-02-21 20:47:37 ----A---- C:\Windows\system32\ntoskrnl.exe
2019-02-21 20:47:36 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2019-02-21 20:47:36 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2019-02-21 20:47:36 ----A---- C:\Windows\system32\hal.dll
2019-02-21 20:47:36 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2019-02-21 20:47:36 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2019-02-21 20:47:35 ----A---- C:\Windows\SYSWOW64\jscript.dll
2019-02-21 20:47:35 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2019-02-21 20:47:35 ----A---- C:\Windows\SYSWOW64\certcli.dll
2019-02-21 20:47:35 ----A---- C:\Windows\system32\wininet.dll
2019-02-21 20:47:35 ----A---- C:\Windows\system32\ntdll.dll
2019-02-21 20:47:35 ----A---- C:\Windows\system32\mshtmlmedia.dll
2019-02-21 20:47:35 ----A---- C:\Windows\system32\cryptnet.dll
2019-02-21 20:47:35 ----A---- C:\Windows\system32\certcli.dll
2019-02-21 20:47:34 ----A---- C:\Windows\system32\ieframe.dll
2019-02-21 20:47:33 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2019-02-21 20:47:33 ----A---- C:\Windows\system32\urlmon.dll
2019-02-21 20:47:32 ----A---- C:\Windows\SYSWOW64\wininet.dll
2019-02-21 20:47:32 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2019-02-21 20:47:32 ----A---- C:\Windows\system32\vbscript.dll
2019-02-21 20:47:32 ----A---- C:\Windows\system32\ole32.dll
2019-02-21 20:47:32 ----A---- C:\Windows\system32\msfeeds.dll
2019-02-21 20:47:32 ----A---- C:\Windows\system32\jscript.dll
2019-01-30 12:00:22 ----D---- C:\Program Files\Microsoft.NET
2019-01-30 10:46:31 ----D---- C:\Program Files\KMSpico
2019-01-30 10:17:13 ----D---- C:\Program Files\Common Files\DESIGNER
2019-01-30 10:16:43 ----D---- C:\Program Files (x86)\Microsoft SQL Server
2019-01-30 10:16:16 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2019-01-30 10:15:36 ----D---- C:\Windows\PCHEALTH
2019-01-30 10:15:36 ----D---- C:\Program Files\Microsoft SQL Server
2019-01-30 10:12:06 ----D---- C:\Program Files\Microsoft Analysis Services
2019-01-30 10:12:06 ----D---- C:\Program Files (x86)\Microsoft Analysis Services
2019-01-30 10:11:38 ----D---- C:\Program Files\Microsoft Office
2019-01-30 10:10:52 ----RHD---- C:\MSOCache
2019-01-30 08:25:57 ----D---- C:\ProgramData\Mozilla

======List of files/folders modified in the last 1 month======

2019-02-28 13:40:30 ----D---- C:\Windows\Prefetch
2019-02-28 13:40:21 ----RD---- C:\Program Files
2019-02-28 13:40:19 ----D---- C:\Windows\Temp
2019-02-28 13:40:04 ----D---- C:\Windows\system32\Tasks
2019-02-28 13:40:01 ----SHD---- C:\Windows\Installer
2019-02-28 07:06:18 ----D---- C:\Windows\system32\config
2019-02-27 10:28:06 ----RD---- C:\Program Files (x86)
2019-02-27 09:31:15 ----SHD---- C:\System Volume Information
2019-02-26 18:38:20 ----D---- C:\Windows\System32
2019-02-26 18:38:20 ----D---- C:\Windows\inf
2019-02-26 18:38:20 ----A---- C:\Windows\system32\PerfStringBackup.INI
2019-02-26 15:33:18 ----D---- C:\Users\Elen\AppData\Roaming\vlc
2019-02-25 18:49:39 ----D---- C:\Program Files (x86)\Intel Driver and Support Assistant
2019-02-24 19:51:18 ----D---- C:\Windows\rescache
2019-02-23 09:22:34 ----D---- C:\Windows\SysWOW64
2019-02-21 21:57:05 ----D---- C:\Windows\Microsoft.NET
2019-02-21 21:40:48 ----D---- C:\Windows\winsxs
2019-02-21 21:34:45 ----D---- C:\Windows\SYSWOW64\sk-SK
2019-02-21 21:34:45 ----D---- C:\Windows\SYSWOW64\en-US
2019-02-21 21:34:45 ----D---- C:\Program Files\Internet Explorer
2019-02-21 21:34:45 ----D---- C:\Program Files (x86)\Internet Explorer
2019-02-21 21:34:44 ----SD---- C:\Windows\system32\CompatTel
2019-02-21 21:34:44 ----D---- C:\Windows\system32\sk-SK
2019-02-21 21:34:44 ----D---- C:\Windows\system32\en-US
2019-02-21 21:34:44 ----D---- C:\Windows\system32\drivers
2019-02-21 21:34:44 ----D---- C:\Windows\system32\appraiser
2019-02-21 21:34:43 ----D---- C:\Windows\system32\Boot
2019-02-21 21:34:43 ----D---- C:\Windows\AppPatch
2019-02-21 21:34:42 ----D---- C:\Windows\system32\DriverStore
2019-02-21 20:54:08 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2019-02-21 20:32:32 ----D---- C:\Windows\system32\catroot2
2019-02-21 20:14:14 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2019-02-21 15:36:45 ----RD---- C:\PLOCHA
2019-02-14 13:16:11 ----RSD---- C:\Windows\assembly
2019-02-14 10:34:24 ----D---- C:\Program Files\Mozilla Firefox
2019-02-14 10:30:15 ----D---- C:\Program Files\CCleaner
2019-02-14 10:25:34 ----D---- C:\Windows\system32\drivers\en-US
2019-02-14 10:08:09 ----D---- C:\ProgramData\Microsoft Help
2019-02-14 09:42:44 ----D---- C:\Windows\system32\MRT
2019-02-14 09:34:54 ----AC---- C:\Windows\system32\MRT.exe
2019-02-12 18:56:24 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2019-02-12 18:56:17 ----D---- C:\Windows\system32\Macromed
2019-02-12 18:56:10 ----D---- C:\Windows\SYSWOW64\Macromed
2019-02-09 16:06:01 ----A---- C:\Windows\win.ini
2019-02-01 09:40:31 ----D---- C:\Program Files\Common Files\Microsoft Shared
2019-02-01 09:40:02 ----RSD---- C:\Windows\Fonts
2019-02-01 09:32:54 ----D---- C:\Program Files (x86)\Mozilla Firefox
2019-01-30 18:16:21 ----SD---- C:\Users\Elen\AppData\Roaming\Microsoft
2019-01-30 12:00:22 ----D---- C:\Program Files (x86)\Microsoft.NET
2019-01-30 10:17:21 ----D---- C:\Windows\ShellNew
2019-01-30 10:17:13 ----D---- C:\Program Files\Common Files
2019-01-30 10:16:16 ----HD---- C:\ProgramData
2019-01-30 10:15:36 ----SD---- C:\ProgramData\Microsoft
2019-01-30 10:15:36 ----D---- C:\Windows
2019-01-30 10:13:01 ----D---- C:\Program Files\Common Files\System
2019-01-30 10:11:40 ----D---- C:\Program Files (x86)\Microsoft Office
2019-01-30 10:09:35 ----D---- C:\Program Files (x86)\Common Files
2019-01-30 10:09:23 ----D---- C:\Program Files (x86)\MSBuild

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 edevmon;edevmon; C:\Windows\system32\DRIVERS\edevmon.sys [2018-11-06 107896]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2018-01-01 213736]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2018-11-06 143448]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2018-11-06 188832]
R1 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2018-11-06 82304]
R1 EpfwLWF;ESET Personal Firewall; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2018-11-06 61528]
R1 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2018-11-06 109864]
R1 Tosrfcom;Bluetooth RFCOMM; C:\Windows\System32\Drivers\tosrfcom.sys [2012-06-12 83032]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 rimspci;rimspci; C:\Windows\system32\DRIVERS\rimspe64.sys [2009-07-02 60416]
R2 risdpcie;risdpcie; C:\Windows\system32\DRIVERS\risdpe64.sys [2009-07-28 81408]
R2 rixdpcie;rixdpcie; C:\Windows\system32\DRIVERS\rixdpe64.sys [2011-04-26 53760]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2016-07-26 11576]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-09-21 1537024]
R3 ATSwpWDF;AuthenTec TruePrint USB Driver; C:\Windows\System32\Drivers\ATSwpWDF.sys [2010-06-17 770152]
R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K; C:\Windows\system32\DRIVERS\e1k62x64.sys [2009-09-23 283824]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-07-28 10610400]
R3 tosporte;Bluetooth COM Port; C:\Windows\system32\DRIVERS\tosporte.sys [2012-07-27 55288]
R3 tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys [2014-10-24 309360]
R3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2014-06-21 53624]
R3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys [2012-08-01 95088]
R3 Tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys [2014-06-22 95096]
R3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2016-02-05 147904]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 AndnetBus;LGE Mobile USB Composite Device; C:\Windows\system32\DRIVERS\lgandnetbus64.sys [2015-05-12 29184]
S3 AndNetDiag;LGE AndroidNet USB Serial Port; C:\Windows\system32\DRIVERS\lgandnetdiag64.sys [2015-05-12 30720]
S3 ANDNetModem;LGE AndroidNet USB Modem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys [2015-05-12 37376]
S3 GemCCID;GemCCID; C:\Windows\system32\DRIVERS\GemCCID.sys [2016-10-17 137712]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 tosrfbnp;Bluetooth RFBNEP; C:\Windows\System32\Drivers\tosrfbnp.sys [2010-11-11 50864]
S3 tosrfnds;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\tosrfnds.sys [2009-07-24 26472]
S3 TosRfSnd;Bluetooth Audio; C:\Windows\system32\drivers\tosrfsnd.sys [2012-05-10 69568]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
S4 ekbdflt;ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [2018-11-06 50144]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2018-12-16 83984]
R2 ATService;AuthenTec Fingerprint Service; C:\Program Files\Fingerprint Sensor\ATService.exe [2010-06-17 2734912]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DSAService;Intel(R) Driver & Support Assistant; C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe [2019-01-24 23288]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2018-12-13 2302160]
R3 ekrnEpfw;ESET Firewall Helper; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2018-12-13 2302160]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2018-03-26 107592]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2018-03-26 128584]
S2 Service KMSELDI;Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [2014-03-02 977088]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2019-02-12 335872]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2019-02-16 116224]
S3 Intel(R) SUR QC SAM;Intel(R) SUR QC Software Asset Manager; C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [2017-07-13 18168]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2019-02-14 239056]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2018-06-12 189640]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 5132888]
S3 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2014-11-01 179608]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2017-03-13 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2018-03-26 52832]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2018-03-26 136288]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2018-03-26 136288]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2018-03-26 136288]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 118197
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Log check (seems slower)

#2 Post by Rudy »

Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I Agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP, just run it normally with a double-click)
click Scan Now, then Clean and Repair
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

ferenc77
Visitor
Posts: 235
Joined: 28 Nov 2012 13:21

Re: Log check (seems slower)

#3 Post by ferenc77 »

# -------------------------------
# Malwarebytes AdwCleaner 7.2.7.0
# -------------------------------
# Build: 01-30-2019
# Database: 2019-02-21.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 02-28-2019
# Duration: 00:00:05
# OS: Windows 7 Home Premium
# Cleaned: 1
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Seznam.cz

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1276 octets] - [28/02/2019 18:25:57]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Rudy
Site Admin
Posts: 118197
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Log check (seems slower)

#4 Post by Rudy »

This is OK. Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to your desktop. Run it and copy the following into the left pane:
:files
C:\Program Files\KMSpico

:services
Service KMSELDI

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.

ferenc77
Visitor
Posts: 235
Joined: 28 Nov 2012 13:21

Re: Log check (seems slower)

#5 Post by ferenc77 »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Elen at 2019-02-28 19:08:13
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 216 GB (71%) free of 305 GB
Total RAM: 3824 MB (48% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:08:19, on 28. 2. 2019
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.19296)
Boot mode: Normal

Running processes:
C:\Program Files\trend micro\Elen.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: BHOHOOK - {030AC7B6-E7EC-40F1-8FB2-C0FD344DE0B9} - C:\Program Files\TOSHIBA\TFPU\x86\TFPUPWDBankBHO.dll
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\PROGRA~1\MICROS~2\Office15\ONBttnIE.dll/105
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync Volanie kliknutím - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Volanie kliknutím - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AuthenTec Fingerprint Service (ATService) - AuthenTec, Inc. - C:\Program Files\Fingerprint Sensor\ATService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: ESET Firewall Helper (ekrnEpfw) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) SUR QC Software Asset Manager (Intel(R) SUR QC SAM) - Intel Corporation - C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7829 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files\ESET\ESET Smart Security\ekrn.exe"
winlogon.exe
"C:\Program Files\Fingerprint Sensor\ATService.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide
"C:\Program Files\Mozilla Firefox\firefox.exe"
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1404.0.1647156166\1992195919" -parentBuildID 20190211233335 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - "C:\Users\Elen\AppData\LocalLow\Mozilla\Temp-{8b697e44-7397-4045-bc94-de876b22dc11}" 1404 "\\.\pipe\gecko-crash-server-pipe.1404" 1156 gpu
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1404.6.571649839\1857933117" -childID 1 -isForBrowser -prefsHandle 1960 -prefMapHandle 1956 -prefsLen 1 -prefMapSize 186647 -schedulerPrefs 0001,2 -parentBuildID 20190211233335 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 1404 "\\.\pipe\gecko-crash-server-pipe.1404" 1932 tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1404.13.707046238\539723976" -childID 2 -isForBrowser -prefsHandle 2636 -prefMapHandle 2688 -prefsLen 41 -prefMapSize 186647 -schedulerPrefs 0001,2 -parentBuildID 20190211233335 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 1404 "\\.\pipe\gecko-crash-server-pipe.1404" 2700 tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1404.20.1023370375\672177018" -childID 3 -isForBrowser -prefsHandle 3600 -prefMapHandle 3460 -prefsLen 5118 -prefMapSize 186647 -schedulerPrefs 0001,2 -parentBuildID 20190211233335 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 1404 "\\.\pipe\gecko-crash-server-pipe.1404" 3148 tab
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
C:\Windows\system32\wbem\wmiprvse.exe
taskhost.exe $(Arg0)
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Users\Elen\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\Elen\AppData\Roaming\Mozilla\Firefox\Profiles\yu1a5cmu.default-1515241684207

prefs.js - "browser.startup.homepage" - "www.google.sk"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 32.0.0.142 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_142.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@itstructures.com/ffactivex]
"Description"=Firefox ActiveX Plugin
"Path"=C:\Windows\SysWOW64\npffax.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\ditec.sk/DAsicFac]
"Description"=
"Path"=C:\PROGRA~2\Ditec\DSIGNE~2.NET\NPDITE~1.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\ditec.sk/DitecZepDViewerFb]
"Description"=
"Path"=C:\PROGRA~2\Ditec\DViewer\NPDITE~1.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\ditec.sk/DSigMessageContainer]
"Description"=
"Path"=C:\PROGRA~2\Ditec\DSIGNE~2.NET\NPDITE~2.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\ditec.sk/DSigXadesExtender]
"Description"=
"Path"=C:\PROGRA~2\Ditec\DSIGNE~2.NET\NPDITE~3.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\ditec.sk/DSigXadesFb]
"Description"=
"Path"=C:\PROGRA~2\Ditec\DSIGNE~1.NET\NPDITE~1.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\ditec.sk/XmlDataContainerFb]
"Description"=
"Path"=C:\PROGRA~2\Ditec\DSIGNE~1.NET\NPDITE~2.DLL


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 32.0.0.142 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_142.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@itstructures.com/ffactivex]
"Description"=Firefox ActiveX Plugin
"Path"=C:\Windows\SysWOW64\npffax.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.181.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.181.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_181\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=3.0.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=3.0.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=3.0.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=3.0.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll


C:\Users\Elen\AppData\Roaming\Mozilla\Firefox\Profiles\yu1a5cmu.default-1515241684207\extensions\
staged

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2018-12-25 229184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_181\bin\ssv.dll [2018-08-09 582008]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office15\URLREDIR.DLL [2014-01-23 881880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~2\Office15\GROOVEEX.DLL [2018-07-18 2353944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_181\bin\jp2ssv.dll [2018-08-09 245112]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{030AC7B6-E7EC-40F1-8FB2-C0FD344DE0B9}]
TFPUPWDBankBHO Class - C:\Program Files\TOSHIBA\TFPU\x86\TFPUPWDBankBHO.dll [2010-03-02 45488]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2018-12-25 163536]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL [2014-01-22 707800]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2018-07-18 1744672]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-07-28 161304]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-07-28 386584]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-07-28 415256]
"egui"=C:\Program Files\ESET\ESET Smart Security\ecmds.exe [2018-12-13 177928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Smart Cleaning]
C:\Program Files\CCleaner\CCleaner64.exe [2018-12-10 19589208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CDAServer]
C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [2014-09-08 464608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DSATray]
C:\Program Files (x86)\Intel Driver and Support Assistant\DsaTray.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EAC_MW_klient]
C:\Program Files (x86)\EAC MW klient\EAC_MW_klient.exe [2018-10-02 11454864]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eIDCertPropagator]
C:\Program Files (x86)\EAC MW klient\eIDCertPropagator.exe [2018-07-03 533504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eID_klient]
C:\Program Files (x86)\eID klient\eID_klient.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Flvto Youtube Downloader]
C:\Users\Elen\Desktop\Flvto Youtube Downloader\FlvtoYoutubeDownloader.Redesign.exe /minimize []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ITSecMng]
C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [2011-04-01 80840]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2018-07-07 601424]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TFPUPWDBankService]
C:\Program Files\TOSHIBA\TFPU\TFPUPWDBank.exe [2010-03-02 925104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TFPUService]
C:\Program Files\TOSHIBA\TFPU\TFPUTaskMonitor.exe [2010-03-02 793008]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Users\Elen\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth Manager.lnk]
C:\PROGRA~2\Toshiba\BLUETO~1\TosBtMng.exe [2014-08-01 2815880]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Web Signer.lnk]
C:\PROGRA~2\Disig\DISIGW~1.7\Updater\WEBSIG~1.EXE [2018-10-01 178160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-07-28 271360]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux2"=wdmaud.drv
"msacm.jbg711"=G711Codec.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2019-02-28 19:02:32 ----D---- C:\_OTM
2019-02-28 18:24:57 ----D---- C:\AdwCleaner
2019-02-28 13:40:21 ----D---- C:\rsit
2019-02-28 13:40:21 ----D---- C:\Program Files\trend micro
2019-02-27 10:27:03 ----D---- C:\Program Files (x86)\Google
2019-02-21 20:47:52 ----A---- C:\Windows\system32\mshtml.dll
2019-02-21 20:47:49 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2019-02-21 20:47:47 ----A---- C:\Windows\system32\jscript9.dll
2019-02-21 20:47:46 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2019-02-21 20:47:45 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2019-02-21 20:47:45 ----A---- C:\Windows\system32\appraiser.dll
2019-02-21 20:47:45 ----A---- C:\Windows\system32\aeinv.dll
2019-02-21 20:47:44 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2019-02-21 20:47:44 ----A---- C:\Windows\system32\generaltel.dll
2019-02-21 20:47:44 ----A---- C:\Windows\system32\devinv.dll
2019-02-21 20:47:44 ----A---- C:\Windows\system32\centel.dll
2019-02-21 20:47:42 ----A---- C:\Windows\system32\invagent.dll
2019-02-21 20:47:40 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2019-02-21 20:47:40 ----A---- C:\Windows\SYSWOW64\mssign32.dll
2019-02-21 20:47:40 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2019-02-21 20:47:40 ----A---- C:\Windows\system32\oleaut32.dll
2019-02-21 20:47:40 ----A---- C:\Windows\system32\mssign32.dll
2019-02-21 20:47:40 ----A---- C:\Windows\system32\iertutil.dll
2019-02-21 20:47:40 ----A---- C:\Windows\system32\crypt32.dll
2019-02-21 20:47:40 ----A---- C:\Windows\system32\aepic.dll
2019-02-21 20:47:40 ----A---- C:\Windows\system32\acmigration.dll
2019-02-21 20:47:39 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2019-02-21 20:47:39 ----A---- C:\Windows\SYSWOW64\msrd2x40.dll
2019-02-21 20:47:39 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2019-02-21 20:47:39 ----A---- C:\Windows\system32\wintrust.dll
2019-02-21 20:47:39 ----A---- C:\Windows\system32\cryptsvc.dll
2019-02-21 20:47:39 ----A---- C:\Windows\system32\CompatTelRunner.exe
2019-02-21 20:47:39 ----A---- C:\Windows\system32\aitstatic.exe
2019-02-21 20:47:38 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2019-02-21 20:47:38 ----A---- C:\Windows\system32\iedkcs32.dll
2019-02-21 20:47:37 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2019-02-21 20:47:37 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2019-02-21 20:47:37 ----A---- C:\Windows\system32\ntoskrnl.exe
2019-02-21 20:47:36 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2019-02-21 20:47:36 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2019-02-21 20:47:36 ----A---- C:\Windows\system32\hal.dll
2019-02-21 20:47:36 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2019-02-21 20:47:36 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2019-02-21 20:47:35 ----A---- C:\Windows\SYSWOW64\jscript.dll
2019-02-21 20:47:35 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2019-02-21 20:47:35 ----A---- C:\Windows\SYSWOW64\certcli.dll
2019-02-21 20:47:35 ----A---- C:\Windows\system32\wininet.dll
2019-02-21 20:47:35 ----A---- C:\Windows\system32\ntdll.dll
2019-02-21 20:47:35 ----A---- C:\Windows\system32\mshtmlmedia.dll
2019-02-21 20:47:35 ----A---- C:\Windows\system32\cryptnet.dll
2019-02-21 20:47:35 ----A---- C:\Windows\system32\certcli.dll
2019-02-21 20:47:34 ----A---- C:\Windows\system32\ieframe.dll
2019-02-21 20:47:33 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2019-02-21 20:47:33 ----A---- C:\Windows\system32\urlmon.dll
2019-02-21 20:47:32 ----A---- C:\Windows\SYSWOW64\wininet.dll
2019-02-21 20:47:32 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2019-02-21 20:47:32 ----A---- C:\Windows\system32\vbscript.dll
2019-02-21 20:47:32 ----A---- C:\Windows\system32\ole32.dll
2019-02-21 20:47:32 ----A---- C:\Windows\system32\msfeeds.dll
2019-02-21 20:47:32 ----A---- C:\Windows\system32\jscript.dll
2019-02-21 20:47:31 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2019-02-21 20:47:31 ----A---- C:\Windows\SYSWOW64\ole32.dll
2019-02-21 20:47:31 ----A---- C:\Windows\system32\rpcrt4.dll
2019-02-21 20:47:30 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2019-02-21 20:47:30 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2019-02-21 20:47:30 ----A---- C:\Windows\system32\rpcss.dll
2019-02-21 20:47:29 ----A---- C:\Windows\system32\lsasrv.dll
2019-02-21 20:47:29 ----A---- C:\Windows\system32\kerberos.dll
2019-02-21 20:47:29 ----A---- C:\Windows\system32\ieui.dll
2019-02-21 20:47:29 ----A---- C:\Windows\system32\ieapfltr.dll
2019-02-21 20:47:29 ----A---- C:\Windows\system32\drivers\videoprt.sys
2019-02-21 20:47:29 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2019-02-21 20:47:28 ----A---- C:\Windows\system32\webcheck.dll
2019-02-21 20:47:28 ----A---- C:\Windows\system32\mshtmled.dll
2019-02-21 20:47:28 ----A---- C:\Windows\system32\dxtrans.dll
2019-02-21 20:47:28 ----A---- C:\Windows\system32\dxtmsft.dll
2019-02-21 20:47:27 ----A---- C:\Windows\SYSWOW64\ieui.dll
2019-02-21 20:47:27 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2019-02-21 20:47:27 ----A---- C:\Windows\system32\smss.exe
2019-02-21 20:47:27 ----A---- C:\Windows\system32\schannel.dll
2019-02-21 20:47:27 ----A---- C:\Windows\system32\occache.dll
2019-02-21 20:47:27 ----A---- C:\Windows\system32\msrating.dll
2019-02-21 20:47:27 ----A---- C:\Windows\system32\jscript9diag.dll
2019-02-21 20:47:27 ----A---- C:\Windows\system32\advapi32.dll
2019-02-21 20:47:26 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2019-02-21 20:47:26 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2019-02-21 20:47:26 ----A---- C:\Windows\system32\msv1_0.dll
2019-02-21 20:47:26 ----A---- C:\Windows\system32\kernel32.dll
2019-02-21 20:47:26 ----A---- C:\Windows\system32\jsproxy.dll
2019-02-21 20:47:26 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2019-02-21 20:47:25 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2019-02-21 20:47:25 ----A---- C:\Windows\SYSWOW64\occache.dll
2019-02-21 20:47:25 ----A---- C:\Windows\SYSWOW64\msrating.dll
2019-02-21 20:47:25 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2019-02-21 20:47:25 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2019-02-21 20:47:25 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2019-02-21 20:47:25 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2019-02-21 20:47:25 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2019-02-21 20:47:25 ----A---- C:\Windows\system32\wdigest.dll
2019-02-21 20:47:25 ----A---- C:\Windows\system32\ncrypt.dll
2019-02-21 20:47:25 ----A---- C:\Windows\system32\inseng.dll
2019-02-21 20:47:25 ----A---- C:\Windows\system32\ieUnatt.exe
2019-02-21 20:47:24 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2019-02-21 20:47:24 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2019-02-21 20:47:24 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2019-02-21 20:47:24 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2019-02-21 20:47:24 ----A---- C:\Windows\system32\wow64win.dll
2019-02-21 20:47:24 ----A---- C:\Windows\system32\winsrv.dll
2019-02-21 20:47:24 ----A---- C:\Windows\system32\TSpkg.dll
2019-02-21 20:47:24 ----A---- C:\Windows\system32\srcore.dll
2019-02-21 20:47:24 ----A---- C:\Windows\system32\MshtmlDac.dll
2019-02-21 20:47:24 ----A---- C:\Windows\system32\KernelBase.dll
2019-02-21 20:47:24 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2019-02-21 20:47:24 ----A---- C:\Windows\system32\iesetup.dll
2019-02-21 20:47:24 ----A---- C:\Windows\system32\ieetwproxystub.dll
2019-02-21 20:47:24 ----A---- C:\Windows\system32\ie4uinit.exe
2019-02-21 20:47:24 ----A---- C:\Windows\system32\bcrypt.dll
2019-02-21 20:47:23 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2019-02-21 20:47:23 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2019-02-21 20:47:23 ----A---- C:\Windows\SYSWOW64\schannel.dll
2019-02-21 20:47:23 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2019-02-21 20:47:23 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2019-02-21 20:47:23 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2019-02-21 20:47:23 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2019-02-21 20:47:23 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2019-02-21 20:47:23 ----A---- C:\Windows\SYSWOW64\inseng.dll
2019-02-21 20:47:23 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2019-02-21 20:47:23 ----A---- C:\Windows\system32\wow64.dll
2019-02-21 20:47:23 ----A---- C:\Windows\system32\sspicli.dll
2019-02-21 20:47:23 ----A---- C:\Windows\system32\rpchttp.dll
2019-02-21 20:47:23 ----A---- C:\Windows\system32\iernonce.dll
2019-02-21 20:47:23 ----A---- C:\Windows\system32\ieetwcollector.exe
2019-02-21 20:47:23 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2019-02-21 20:47:23 ----A---- C:\Windows\system32\drivers\intelppm.sys
2019-02-21 20:47:23 ----A---- C:\Windows\system32\drivers\amdk8.sys
2019-02-21 20:47:23 ----A---- C:\Windows\system32\csrsrv.dll
2019-02-21 20:47:23 ----A---- C:\Windows\system32\cryptbase.dll
2019-02-21 20:47:23 ----A---- C:\Windows\system32\conhost.exe
2019-02-21 20:47:23 ----A---- C:\Windows\system32\comcat.dll
2019-02-21 20:47:22 ----A---- C:\Windows\SYSWOW64\srclient.dll
2019-02-21 20:47:22 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2019-02-21 20:47:22 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2019-02-21 20:47:22 ----A---- C:\Windows\SYSWOW64\credssp.dll
2019-02-21 20:47:22 ----A---- C:\Windows\SYSWOW64\bcrypt.dll
2019-02-21 20:47:22 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2019-02-21 20:47:22 ----A---- C:\Windows\system32\wow64cpu.dll
2019-02-21 20:47:22 ----A---- C:\Windows\system32\sspisrv.dll
2019-02-21 20:47:22 ----A---- C:\Windows\system32\srclient.dll
2019-02-21 20:47:22 ----A---- C:\Windows\system32\setbcdlocale.dll
2019-02-21 20:47:22 ----A---- C:\Windows\system32\secur32.dll
2019-02-21 20:47:22 ----A---- C:\Windows\system32\rstrui.exe
2019-02-21 20:47:22 ----A---- C:\Windows\system32\lsass.exe
2019-02-21 20:47:22 ----A---- C:\Windows\system32\drivers\processr.sys
2019-02-21 20:47:22 ----A---- C:\Windows\system32\drivers\appid.sys
2019-02-21 20:47:22 ----A---- C:\Windows\system32\drivers\amdppm.sys
2019-02-21 20:47:22 ----A---- C:\Windows\system32\credssp.dll
2019-02-21 20:47:22 ----A---- C:\Windows\system32\auditpol.exe
2019-02-21 20:47:22 ----A---- C:\Windows\system32\appidsvc.dll
2019-02-21 20:47:22 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2019-02-21 20:47:22 ----A---- C:\Windows\system32\appidapi.dll
2019-02-21 20:47:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2019-02-21 20:47:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2019-02-21 20:47:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2019-02-21 20:47:21 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-02-21 20:47:21 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-02-21 20:47:21 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-02-21 20:47:21 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-02-21 20:47:21 ----A---- C:\Windows\SYSWOW64\wow32.dll
2019-02-21 20:47:21 ----A---- C:\Windows\SYSWOW64\tzres.dll
2019-02-21 20:47:21 ----A---- C:\Windows\SYSWOW64\secur32.dll
2019-02-21 20:47:21 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2019-02-21 20:47:21 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2019-02-21 20:47:21 ----A---- C:\Windows\SYSWOW64\comcat.dll
2019-02-21 20:47:21 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2019-02-21 20:47:21 ----A---- C:\Windows\system32\tzres.dll
2019-02-21 20:47:21 ----A---- C:\Windows\system32\ntvdm64.dll
2019-02-21 20:47:21 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2019-02-21 20:47:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2019-02-21 20:47:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2019-02-21 20:47:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2019-02-21 20:47:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2019-02-21 20:47:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2019-02-21 20:47:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2019-02-21 20:47:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-02-21 20:47:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2019-02-21 20:47:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2019-02-21 20:47:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2019-02-21 20:47:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2019-02-21 20:47:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2019-02-21 20:47:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2019-02-21 20:47:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2019-02-21 20:47:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2019-02-21 20:47:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2019-02-21 20:47:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2019-02-21 20:47:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2019-02-21 20:47:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2019-02-21 20:47:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2019-02-21 20:47:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2019-02-21 20:47:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2019-02-21 20:47:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2019-02-21 20:47:20 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-02-21 20:47:20 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-02-21 20:47:20 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-02-21 20:47:20 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-02-21 20:47:20 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-02-21 20:47:20 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-02-21 20:47:20 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-02-21 20:47:20 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-02-21 20:47:20 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-02-21 20:47:20 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-02-21 20:47:20 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-02-21 20:47:20 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-02-21 20:47:20 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-02-21 20:47:20 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-02-21 20:47:20 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-02-21 20:47:20 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-02-21 20:47:20 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-02-21 20:47:20 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-02-21 20:47:20 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-02-21 20:47:20 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-02-21 20:47:20 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-02-21 20:47:20 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-02-21 20:47:20 ----A---- C:\Windows\SYSWOW64\setup16.exe
2019-02-21 20:47:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2019-02-21 20:47:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2019-02-21 20:47:19 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-02-21 20:47:19 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-02-21 20:47:19 ----A---- C:\Windows\SYSWOW64\user.exe
2019-02-21 20:47:19 ----A---- C:\Windows\SYSWOW64\instnm.exe
2019-02-21 20:47:19 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2019-02-21 20:47:19 ----A---- C:\Windows\system32\apisetschema.dll
2019-02-21 20:47:18 ----A---- C:\Windows\SYSWOW64\oleres.dll
2019-02-21 20:47:18 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2019-02-21 20:47:18 ----A---- C:\Windows\system32\oleres.dll
2019-02-21 20:47:18 ----A---- C:\Windows\system32\adtschema.dll
2019-02-21 20:47:17 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2019-02-21 20:47:17 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2019-02-21 20:47:17 ----A---- C:\Windows\system32\msobjs.dll
2019-02-21 20:47:17 ----A---- C:\Windows\system32\msaudite.dll
2019-02-21 20:47:17 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2019-02-13 12:18:01 ----A---- C:\Windows\system32\win32k.sys
2019-02-13 12:18:00 ----A---- C:\Windows\SYSWOW64\msi.dll
2019-02-13 12:18:00 ----A---- C:\Windows\system32\msi.dll
2019-02-13 12:17:56 ----A---- C:\Windows\SYSWOW64\msjet40.dll
2019-02-13 12:17:52 ----A---- C:\Windows\SYSWOW64\mf3216.dll
2019-02-13 12:17:52 ----A---- C:\Windows\system32\mf3216.dll
2019-02-13 12:17:52 ----A---- C:\Windows\system32\drivers\srv2.sys
2019-02-13 12:17:50 ----A---- C:\Windows\system32\drivers\hidparse.sys
2019-02-13 12:17:50 ----A---- C:\Windows\system32\consent.exe
2019-02-13 12:17:47 ----A---- C:\Windows\system32\drivers\srvnet.sys
2019-02-13 12:17:47 ----A---- C:\Windows\system32\drivers\srv.sys
2019-02-13 12:17:46 ----A---- C:\Windows\SYSWOW64\sscore.dll
2019-02-13 12:17:46 ----A---- C:\Windows\SYSWOW64\msrd3x40.dll
2019-02-13 12:17:46 ----A---- C:\Windows\system32\sscore.dll
2019-02-13 12:17:46 ----A---- C:\Windows\system32\srvsvc.dll
2019-02-13 12:17:45 ----A---- C:\Windows\system32\msimg32.dll
2019-02-13 12:17:43 ----A---- C:\Windows\SYSWOW64\msimg32.dll
2019-02-13 12:17:39 ----A---- C:\Windows\system32\authui.dll
2019-02-13 12:17:31 ----A---- C:\Windows\system32\msiexec.exe
2019-02-13 12:17:29 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2019-02-13 12:17:29 ----A---- C:\Windows\system32\drivers\hidclass.sys
2019-02-13 12:17:28 ----A---- C:\Windows\system32\msihnd.dll
2019-02-13 12:17:27 ----A---- C:\Windows\SYSWOW64\authui.dll
2019-02-13 12:17:26 ----A---- C:\Windows\system32\appinfo.dll
2019-02-13 12:17:25 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2019-02-13 12:17:22 ----A---- C:\Windows\system32\drivers\hidusb.sys
2019-02-13 12:17:14 ----A---- C:\Windows\system32\msimsg.dll
2019-02-13 12:17:13 ----A---- C:\Windows\SYSWOW64\msimsg.dll
2019-01-30 12:00:22 ----D---- C:\Program Files\Microsoft.NET
2019-01-30 10:17:13 ----D---- C:\Program Files\Common Files\DESIGNER
2019-01-30 10:16:43 ----D---- C:\Program Files (x86)\Microsoft SQL Server
2019-01-30 10:16:16 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2019-01-30 10:15:36 ----D---- C:\Windows\PCHEALTH
2019-01-30 10:15:36 ----D---- C:\Program Files\Microsoft SQL Server
2019-01-30 10:12:06 ----D---- C:\Program Files\Microsoft Analysis Services
2019-01-30 10:12:06 ----D---- C:\Program Files (x86)\Microsoft Analysis Services
2019-01-30 10:11:38 ----D---- C:\Program Files\Microsoft Office
2019-01-30 10:10:52 ----RHD---- C:\MSOCache
2019-01-30 08:25:57 ----D---- C:\ProgramData\Mozilla

======List of files/folders modified in the last 1 month======

2019-02-28 19:08:14 ----D---- C:\Windows\Temp
2019-02-28 19:03:03 ----D---- C:\Windows\system32\config
2019-02-28 19:02:35 ----RD---- C:\Program Files
2019-02-28 19:02:12 ----D---- C:\Windows\Prefetch
2019-02-28 18:56:29 ----D---- C:\Windows\winsxs
2019-02-28 18:29:25 ----D---- C:\Windows\system32\Tasks
2019-02-28 14:05:13 ----SHD---- C:\Windows\Installer
2019-02-28 14:05:13 ----D---- C:\ProgramData\Package Cache
2019-02-28 14:05:00 ----RD---- C:\Program Files (x86)
2019-02-28 14:04:26 ----SHD---- C:\System Volume Information
2019-02-26 18:38:20 ----D---- C:\Windows\System32
2019-02-26 18:38:20 ----D---- C:\Windows\inf
2019-02-26 18:38:20 ----A---- C:\Windows\system32\PerfStringBackup.INI
2019-02-26 15:33:18 ----D---- C:\Users\Elen\AppData\Roaming\vlc
2019-02-24 19:51:18 ----D---- C:\Windows\rescache
2019-02-23 09:22:34 ----D---- C:\Windows\SysWOW64
2019-02-21 21:57:05 ----D---- C:\Windows\Microsoft.NET
2019-02-21 21:34:45 ----D---- C:\Windows\SYSWOW64\sk-SK
2019-02-21 21:34:45 ----D---- C:\Windows\SYSWOW64\en-US
2019-02-21 21:34:45 ----D---- C:\Program Files\Internet Explorer
2019-02-21 21:34:45 ----D---- C:\Program Files (x86)\Internet Explorer
2019-02-21 21:34:44 ----SD---- C:\Windows\system32\CompatTel
2019-02-21 21:34:44 ----D---- C:\Windows\system32\sk-SK
2019-02-21 21:34:44 ----D---- C:\Windows\system32\en-US
2019-02-21 21:34:44 ----D---- C:\Windows\system32\drivers
2019-02-21 21:34:44 ----D---- C:\Windows\system32\appraiser
2019-02-21 21:34:43 ----D---- C:\Windows\system32\Boot
2019-02-21 21:34:43 ----D---- C:\Windows\AppPatch
2019-02-21 21:34:42 ----D---- C:\Windows\system32\DriverStore
2019-02-21 20:54:08 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2019-02-21 20:32:32 ----D---- C:\Windows\system32\catroot2
2019-02-21 20:14:14 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2019-02-21 15:36:45 ----RD---- C:\PLOCHA
2019-02-14 13:16:11 ----RSD---- C:\Windows\assembly
2019-02-14 10:34:24 ----D---- C:\Program Files\Mozilla Firefox
2019-02-14 10:30:15 ----D---- C:\Program Files\CCleaner
2019-02-14 10:25:34 ----D---- C:\Windows\system32\drivers\en-US
2019-02-14 10:08:09 ----D---- C:\ProgramData\Microsoft Help
2019-02-14 09:42:44 ----D---- C:\Windows\system32\MRT
2019-02-14 09:34:54 ----AC---- C:\Windows\system32\MRT.exe
2019-02-12 18:56:24 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2019-02-12 18:56:17 ----D---- C:\Windows\system32\Macromed
2019-02-12 18:56:10 ----D---- C:\Windows\SYSWOW64\Macromed
2019-02-09 16:06:01 ----A---- C:\Windows\win.ini
2019-02-01 09:40:31 ----D---- C:\Program Files\Common Files\Microsoft Shared
2019-02-01 09:40:02 ----RSD---- C:\Windows\Fonts
2019-02-01 09:32:54 ----D---- C:\Program Files (x86)\Mozilla Firefox
2019-01-30 18:16:21 ----SD---- C:\Users\Elen\AppData\Roaming\Microsoft
2019-01-30 12:00:22 ----D---- C:\Program Files (x86)\Microsoft.NET
2019-01-30 10:17:21 ----D---- C:\Windows\ShellNew
2019-01-30 10:17:13 ----D---- C:\Program Files\Common Files
2019-01-30 10:16:16 ----HD---- C:\ProgramData
2019-01-30 10:15:36 ----SD---- C:\ProgramData\Microsoft
2019-01-30 10:15:36 ----D---- C:\Windows
2019-01-30 10:13:01 ----D---- C:\Program Files\Common Files\System
2019-01-30 10:11:40 ----D---- C:\Program Files (x86)\Microsoft Office
2019-01-30 10:09:35 ----D---- C:\Program Files (x86)\Common Files
2019-01-30 10:09:23 ----D---- C:\Program Files (x86)\MSBuild

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 edevmon;edevmon; C:\Windows\system32\DRIVERS\edevmon.sys [2018-11-06 107896]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2018-01-01 213736]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2018-11-06 143448]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2018-11-06 188832]
R1 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2018-11-06 82304]
R1 EpfwLWF;ESET Personal Firewall; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2018-11-06 61528]
R1 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2018-11-06 109864]
R1 Tosrfcom;Bluetooth RFCOMM; C:\Windows\System32\Drivers\tosrfcom.sys [2012-06-12 83032]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 rimspci;rimspci; C:\Windows\system32\DRIVERS\rimspe64.sys [2009-07-02 60416]
R2 risdpcie;risdpcie; C:\Windows\system32\DRIVERS\risdpe64.sys [2009-07-28 81408]
R2 rixdpcie;rixdpcie; C:\Windows\system32\DRIVERS\rixdpe64.sys [2011-04-26 53760]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2016-07-26 11576]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-09-21 1537024]
R3 ATSwpWDF;AuthenTec TruePrint USB Driver; C:\Windows\System32\Drivers\ATSwpWDF.sys [2010-06-17 770152]
R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K; C:\Windows\system32\DRIVERS\e1k62x64.sys [2009-09-23 283824]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-07-28 10610400]
R3 tosporte;Bluetooth COM Port; C:\Windows\system32\DRIVERS\tosporte.sys [2012-07-27 55288]
R3 tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys [2014-10-24 309360]
R3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2014-06-21 53624]
R3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys [2012-08-01 95088]
R3 Tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys [2014-06-22 95096]
R3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2016-02-05 147904]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 AndnetBus;LGE Mobile USB Composite Device; C:\Windows\system32\DRIVERS\lgandnetbus64.sys [2015-05-12 29184]
S3 AndNetDiag;LGE AndroidNet USB Serial Port; C:\Windows\system32\DRIVERS\lgandnetdiag64.sys [2015-05-12 30720]
S3 ANDNetModem;LGE AndroidNet USB Modem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys [2015-05-12 37376]
S3 GemCCID;GemCCID; C:\Windows\system32\DRIVERS\GemCCID.sys [2016-10-17 137712]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 tosrfbnp;Bluetooth RFBNEP; C:\Windows\System32\Drivers\tosrfbnp.sys [2010-11-11 50864]
S3 tosrfnds;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\tosrfnds.sys [2009-07-24 26472]
S3 TosRfSnd;Bluetooth Audio; C:\Windows\system32\drivers\tosrfsnd.sys [2012-05-10 69568]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
S4 ekbdflt;ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [2018-11-06 50144]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2018-12-16 83984]
R2 ATService;AuthenTec Fingerprint Service; C:\Program Files\Fingerprint Sensor\ATService.exe [2010-06-17 2734912]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2018-12-13 2302160]
R3 ekrnEpfw;ESET Firewall Helper; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2018-12-13 2302160]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2018-03-26 107592]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2018-03-26 128584]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2019-02-12 335872]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2019-02-16 116224]
S3 Intel(R) SUR QC SAM;Intel(R) SUR QC Software Asset Manager; C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [2017-07-13 18168]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2019-02-14 239056]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2018-06-12 189640]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 5132888]
S3 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2014-11-01 179608]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2017-03-13 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2018-03-26 52832]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2018-03-26 136288]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2018-03-26 136288]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2018-03-26 136288]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 118197
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Log check (seems slower)

#6 Post by Rudy »

Deleted. Has anything changed?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

ferenc77
Visitor
Posts: 235
Joined: 28 Nov 2012 13:21

Re: Log check (seems slower)

#7 Post by ferenc77 »

Yes, thank you for the help. Have a nice weekend.

Rudy
Site Admin
Posts: 118197
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Log check (seems slower)

#8 Post by Rudy »

A nice weekend to you too, and you're welcome! :)

Locked