vytěžování procesoru - rundll32

Zpráva

Lord Excalibur · #1 Příspěvek od **Lord Excalibur** » 05 črc 2019 11:20

Dobrý den,
poslední dobou mi skupina procesů rundll32 nadměrně vytěžuje procesor, okolo 30%. Hádám, že tam bude dost bordelu, dlouho se to nečistilo.
Přikládám log po restartu PC, nic jsem nespouštěl ani nevypínal. Bohužel to ten proces zatím nevytěžuje. Pokud bude třeba, hodím druhý.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Excalibur at 2019-07-05 12:13:40
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 35 GB (15%) free of 229 GB
Total RAM: 8010 MB (62% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:13:40, on 5.7.2019
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18525)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\TeamViewer\TeamViewer.exe
C:\Users\Excalibur\AppData\Local\Discord\app-0.0.305\Discord.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
C:\Users\Excalibur\AppData\Local\Discord\app-0.0.305\Discord.exe
C:\Users\Excalibur\AppData\Roaming\Twitch\Bin\Electron\TwitchUI.exe
C:\Users\Excalibur\AppData\Roaming\Twitch\Bin\Electron\TwitchUI.exe
C:\Users\Excalibur\AppData\Roaming\Twitch\Bin\Electron\TwitchUI.exe
C:\Users\Excalibur\AppData\Roaming\Twitch\Bin\Electron\TwitchUI.exe
C:\Users\Excalibur\AppData\Roaming\Twitch\Bin\TwitchAgent.exe
C:\Users\Excalibur\AppData\Roaming\Twitch\Bin\Electron\TwitchUI.exe
C:\Users\Excalibur\AppData\Local\Discord\app-0.0.305\Discord.exe
C:\Users\Excalibur\AppData\Local\Discord\app-0.0.305\Discord.exe
C:\Program Files\trend micro\Excalibur.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Dolby Home Theater v4] "C:\Dolby PCEE4\pcee4.exe" -autostart
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
O4 - HKLM\..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [Discord] C:\Users\Excalibur\AppData\Local\Discord\app-0.0.305\Discord.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Spotify] C:\Users\Excalibur\AppData\Roaming\Spotify\Spotify.exe --autostart --minimized
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Startup: Twitch.lnk = Excalibur\AppData\Roaming\Twitch\Bin\Twitch.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 8.8.8.8,8.8.8.4
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 8.8.8.8,8.8.8.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 8.8.8.8,8.8.8.4
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Unknown owner - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: BitRaider Mini-Support Service Stub Loader (BRSptStub) - BitRaider, LLC - C:\ProgramData\BitRaider\BRSptStub.exe
O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files (x86)\Browny02\BrYNSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Windows\system32\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: Origin Web Helper Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 14 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: Intel(R) Turbo Boost Technology Monitor 2.5 (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wondershare Application Framework Service (WsAppService) - Wondershare - C:\Program Files (x86)\Wondershare\WAF\2.4.2.222\WsAppService.exe
O23 - Service: ZAtheros Wlan Agent - Atheros - C:\Program Files (x86)\Atheros\Ath_WlanAgent.exe

--
End of file - 11830 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files (x86)\Launch Manager\LMutilps32.exe" --system-level-mutex="Local\{B904A927-FE6B-48fd-8C83-6B807BED1F9C}" --enable-wmi-window
"taskhost.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MouseWithoutBorders.exe" "winlogon"
"C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MouseWithoutBorders.exe" "default"
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
"C:\Program Files (x86)\Wondershare\WAF\2.4.2.222\WsAppService.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Atheros\Ath_WlanAgent.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe" -s
"C:\Program Files (x86)\TeamViewer\TeamViewer.exe"
"C:\Program Files (x86)\TeamViewer\tv_w32.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer14_Logfile.log
"C:\Program Files (x86)\TeamViewer\tv_x64.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer14_Logfile.log
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\sppsvc.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Users\Excalibur\AppData\Local\Discord\app-0.0.305\Discord.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Dolby PCEE4\pcee4.exe" -autostart
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Users\EXCALI~1\AppData\Local\Temp\Twitch\Twitch.exe" /sourceexe "C:\Users\Excalibur\AppData\Roaming\Twitch\Bin\Twitch.exe" /destination "C:\Users\Excalibur\AppData\Roaming\Twitch" /temp "/startup"
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\Launch Manager\LManager.exe"
"C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe" /AUTORUN
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
-BootProc
"C:\Program Files (x86)\Launch Manager\LMworker.exe"
"C:\Program Files (x86)\Browny02\BrYNSvc.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\igfxext.exe -Embedding
-BootProc
"C:\Users\Excalibur\AppData\Local\Discord\app-0.0.305\Discord.exe" --type=gpu-process --enable-features=SharedArrayBuffer --no-sandbox --gpu-preferences=KAAAAAAAAACAAwBAAQAAAAAAAAAAAGAAAAAAAAAAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAKAAAAEAAAAAAAAAAAAAAACwAAABAAAAAAAAAAAQAAAAoAAAAQAAAAAAAAAAEAAAALAAAA --service-request-channel-token=11716688952282759048 --mojo-platform-channel-handle=1456 /prefetch:2
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Users\Excalibur\AppData\Roaming\Twitch\Bin\Electron\TwitchUI.exe" /releaseType=Live "/startup" /launch-id=9D51BC43B1BD445B875892122339781E /metrics=W3sibGF1bmNoZXJJbml0VGltZSI6eyJzdGFydFRpbWUiOjE1NjIzMjExMDkzNjgsImR1cmF0aW9uIjoyMH0sImxhdW5jaGVyVXBkYXRlIjp7InN0YXJ0VGltZSI6MTU2MjMyMTEwOTQwOSwiZHVyYXRpb24iOjIxMjV9LCJsYXVuY2hlcldpbmRvd1Nob3ciOnsic3RhcnRUaW1lIjoxNTYyMzIxMTA5Mzg4LCJkdXJhdGlvbiI6MjF9LCJlbGVjdHJvbkxhdW5jaCI6eyJzdGFydFRpbWUiOjE1NjIzMjExMTE1MzQsImR1cmF0aW9uIjowfX1d
"C:\Users\Excalibur\AppData\Roaming\Twitch\Bin\Electron\TwitchUI.exe" --type=gpu-process --enable-features=FixAltGraph --no-sandbox --gpu-preferences=KAAAAAAAAACAAwCAAQAAAAAAAAAAAGAAEAAAAAAAAAAAAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAKAAAAEAAAAAAAAAAAAAAACwAAABAAAAAAAAAAAQAAAAoAAAAQAAAAAAAAAAEAAAALAAAA --service-request-channel-token=55959245F26F2E80110D9719A0C0CCAE --mojo-platform-channel-handle=1456 /prefetch:2
"C:\Users\Excalibur\AppData\Roaming\Twitch\Bin\Electron\TwitchUI.exe" --type=renderer --no-sandbox --enable-features=FixAltGraph --service-pipe-token=D35BB41A31F0948D4362ED0A8BBC6C4B --lang=cs --standard-schemes=offline --secure-schemes=offline --app-user-model-id=Twitch.Twitch.5a44792529e1c43237a8cf22fa8b434f --app-path="C:\Users\Excalibur\AppData\Roaming\Twitch\Bin\Electron\resources\app.asar" --node-integration=false --webview-tag=true --no-sandbox --preload="C:\Users\Excalibur\AppData\Roaming\Twitch\Bin\Electron\resources\app.asar\preload.js" --background-color=#ffffff --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=D35BB41A31F0948D4362ED0A8BBC6C4B --renderer-client-id=4 --mojo-platform-channel-handle=1776 /prefetch:1
C:\Users\Excalibur\AppData\Roaming\Twitch\Bin\Electron\TwitchUI.exe --reporter-url= --application-name=Twitch "--crashes-directory=C:\Users\EXCALI~1\AppData\Local\Temp\Twitch Crashes" --v=1
C:\Users\Excalibur\AppData\Roaming\Twitch\Bin\TwitchAgent.exe /dataPath=C:\Users\Excalibur\AppData\Roaming\Twitch /buildId=19ffc1d8-772c-482a-98d2-3279ab6665bc /deviceId=f5ffff6e687d404699b5743c43edf655
"C:\Users\Excalibur\AppData\Roaming\Twitch\Bin\Electron\TwitchUI.exe" --type=renderer --no-sandbox --enable-features=FixAltGraph --service-pipe-token=E32B68E2065F2EB37F2FF60496A39A01 --lang=cs --standard-schemes=offline --secure-schemes=offline --app-user-model-id=Twitch.Twitch.5a44792529e1c43237a8cf22fa8b434f --app-path="C:\Users\Excalibur\AppData\Roaming\Twitch\Bin\Electron\resources\app.asar" --node-integration=false --webview-tag=true --no-sandbox --preload="C:\Users\Excalibur\AppData\Roaming\Twitch\Bin\Electron\resources\app.asar\preload.js" --background-color=#fff --guest-instance-id=1 --enable-blink-features --disable-blink-features --hidden-page --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=E32B68E2065F2EB37F2FF60496A39A01 --renderer-client-id=6 --mojo-platform-channel-handle=2356 /prefetch:1
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Users\Excalibur\AppData\Local\Discord\app-0.0.305\Discord.exe --reporter-url=https://sentry.io/api/146342/minidump/? ... be03b2b35a --application-name=Discord "--crashes-directory=C:\Users\EXCALI~1\AppData\Local\Temp\Discord Crashes" --v=1
"C:\Users\Excalibur\AppData\Local\Discord\app-0.0.305\Discord.exe" --type=renderer --no-sandbox --autoplay-policy=no-user-gesture-required --force-color-profile=srgb --enable-features=SharedArrayBuffer --service-pipe-token=8929501522262990517 --lang=cs --app-user-model-id=com.squirrel.Discord.Discord --app-path="C:\Users\Excalibur\AppData\Local\Discord\app-0.0.305\resources\app.asar" --node-integration=false --webview-tag=false --no-sandbox --native-window-open --preload="C:\Users\Excalibur\AppData\Roaming\discord\0.0.305\modules\discord_desktop_core\core.asar\app\mainScreenPreload.js" --background-color=#2f3136 --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=8929501522262990517 --renderer-client-id=6 --mojo-platform-channel-handle=2172 /prefetch:1
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
taskeng.exe {5365E5CF-2D29-494C-BB52-44F88B42FF3F}

taskmgr.exe /3
"C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MousewithoutBordersHelper.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 532 536 544 65536 540
"C:\Users\Excalibur\Desktop\RSITx64.exe"

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_191\bin\ssv.dll [2018-10-17 582008]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-10-17 245112]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2019-03-04 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2019-03-04 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2012-08-10 2864016]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-02-14 12448872]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2012-02-08 1158248]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-05-16 170304]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-05-16 440128]
"AtherosBtStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2012-03-08 1021056]
"AthBtTray"=C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [2012-03-08 800896]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2016-06-15 2398776]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2016-06-15 1767760]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Discord"=C:\Users\Excalibur\AppData\Local\Discord\app-0.0.305\Discord.exe [2019-03-07 81780056]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"Spotify"=C:\Users\Excalibur\AppData\Roaming\Spotify\Spotify.exe [2019-04-23 25184488]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EpicGamesLauncher]
C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [2019-03-04 35242384]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files (x86)\Steam\steam.exe [2019-04-30 3152160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2018-10-06 601424]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Users\Excalibur\AppData\Roaming\uTorrent\uTorrent.exe [2018-04-16 1983672]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wargaming.net Game Center]
C:\Program Files (x86)\Wargaming.net\GameCenter\wgc.exe [2019-02-28 2536824]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wondershare Helper Compact.exe]
C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2016-10-08 2137744]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\World of Tanks]
C:\Games\World_of_Tanks\WargamingGameUpdater.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Excalibur^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Twitch.lnk]
C:\Users\EXCALI~1\AppData\Roaming\Twitch\Bin\Twitch.exe [2019-05-12 874984]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Dolby Home Theater v4"=C:\Dolby PCEE4\pcee4.exe [2011-06-01 506712]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-11-29 284440]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-02-26 291608]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2012-03-23 1105488]
"ControlCenter4"=C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [2014-05-22 139776]
"BrStsMon00"=C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2014-05-22 4513792]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2019-04-02 5890504]

C:\Users\Excalibur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Twitch.lnk - C:\Users\Excalibur\AppData\Roaming\Twitch\Bin\Twitch.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-05-10 436224]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37Crusader]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37CrusaderBoot]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableCAD"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"mixer3"=wdmaud.drv
"midi3"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux2"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux3"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux4"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"aux5"=wdmaud.drv
"vidc.tscc"=C:\Windows\SysWOW64\tsccvid64.dll
"vidc.tsc2"=C:\Windows\SysWOW64\tsc2_codec64.dll
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2019-07-05 12:09:13 ----D---- C:\rsit
2019-07-05 12:09:13 ----D---- C:\Program Files\trend micro
2019-07-03 09:05:37 ----D---- C:\ProgramData\modloader
2019-06-23 15:47:23 ----A---- C:\Windows\system32\NvRtmpStreamer64.dll
2019-06-23 15:45:49 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll
2019-06-23 15:45:49 ----A---- C:\Windows\system32\drivers\nvvad64v.sys

======List of files/folders modified in the last 1 month======

2019-07-05 12:13:40 ----D---- C:\Windows\Temp
2019-07-05 12:09:52 ----D---- C:\Windows\System32
2019-07-05 12:09:52 ----D---- C:\Windows\inf
2019-07-05 12:09:52 ----A---- C:\Windows\system32\PerfStringBackup.INI
2019-07-05 12:09:13 ----RD---- C:\Program Files
2019-07-05 12:07:06 ----A---- C:\Windows\SYSWOW64\log.txt
2019-07-05 12:05:15 ----D---- C:\Windows\Prefetch
2019-07-05 12:05:13 ----D---- C:\Users\Excalibur\AppData\Roaming\Twitch
2019-07-05 12:05:09 ----D---- C:\Windows\SYSWOW64\Macromed
2019-07-05 12:04:36 ----D---- C:\Program Files (x86)\TeamViewer
2019-07-05 11:09:25 ----D---- C:\Users\Excalibur\AppData\Roaming\discord
2019-07-05 00:17:29 ----SHD---- C:\System Volume Information
2019-07-03 11:07:22 ----D---- C:\Windows
2019-07-03 09:05:37 ----HD---- C:\ProgramData
2019-07-02 02:04:50 ----D---- C:\Windows\system32\config
2019-06-23 15:47:41 ----D---- C:\ProgramData\NVIDIA Corporation
2019-06-23 15:47:16 ----D---- C:\Windows\system32\DriverStore
2019-06-23 15:47:00 ----SHD---- C:\Windows\Installer
2019-06-23 15:46:45 ----D---- C:\ProgramData\Package Cache
2019-06-23 15:46:17 ----D---- C:\Windows\SysWOW64
2019-06-23 15:46:17 ----AD---- C:\Windows\system32\drivers
2019-06-23 15:25:21 ----D---- C:\Program Files (x86)\Steam
2019-06-20 18:15:22 ----D---- C:\Users\Excalibur\AppData\Roaming\vlc
2019-06-18 22:01:34 ----D---- C:\Windows\system32\Tasks
2019-06-16 03:46:01 ----D---- C:\ProgramData\Path of Building
2019-06-14 11:12:27 ----D---- C:\Program Files (x86)\Brother

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-11-29 568600]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-02-26 16152]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2015-06-17 31376]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 VBoxDrv;VirtualBox Service; C:\Windows\system32\DRIVERS\VBoxDrv.sys [2018-05-09 984376]
R1 VBoxUSBMon;VirtualBox USB Monitor Service; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [2018-05-09 168896]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 IntelHaxm;Intel HAXM Service; C:\Windows\system32\DRIVERS\IntelHaxm.sys [2018-09-19 190512]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2017-04-25 43168]
R2 TurboB;Turbo Boost UI Monitor driver; C:\Windows\system32\DRIVERS\TurboB.sys [2012-01-20 16128]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2012-03-08 30848]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2017-01-22 30264]
R3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus; C:\Windows\system32\DRIVERS\dtliteusbbus.sys [2017-01-22 47672]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2012-08-10 315280]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2017-05-22 35648]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-05-10 14759136]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-02-14 4744808]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2011-12-05 331264]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-02-26 356120]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-02-26 788760]
R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2013-01-15 118352]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-03-17 25816]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2011-11-09 60184]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2016-04-14 56384]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 12288]
R3 VBoxNetAdp;VirtualBox NDIS 6.0 Miniport Service; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [2018-05-09 213080]
S2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2017-04-25 310728]
S3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2012-03-08 36480]
S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2012-02-15 3538432]
S3 BlueStacksDrv;BlueStacks Hypervisor; \??\C:\Program Files\BlueStacks\BstkDrv.sys [2018-09-21 303712]
S3 BRDriver64_1_3_3_E02B25FC;BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys []
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2012-03-08 340096]
S3 btath_avdt;Atheros Bluetooth AVDT Service; C:\Windows\system32\drivers\btath_avdt.sys [2012-03-08 111232]
S3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2012-03-08 168064]
S3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2012-03-08 68736]
S3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2012-03-08 281472]
S3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2012-03-08 551552]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-03-17 63704]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2013-03-14 353864]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 WinUsb;Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2018-12-16 83984]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2012-03-08 107648]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2012-03-23 355920]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2016-06-15 1165368]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [2019-04-02 3361736]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-11-29 13592]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2011-12-08 607456]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2011-12-16 161560]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [2016-05-27 419248]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-12-16 277784]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2016-06-15 1881144]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-06-17 937616]
R2 TeamViewer;TeamViewer 14; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2019-06-05 11814232]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-12-16 363800]
R2 WsAppService;Wondershare Application Framework Service; C:\Program Files (x86)\Wondershare\WAF\2.4.2.222\WsAppService.exe [2017-03-01 474768]
R3 BrYNSvc;BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [2013-09-25 282112]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-03-17 1080120]
S2 MouseWithoutBordersSvc;Mouse without Borders Service; C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MouseWithoutBordersSvc.exe [2016-10-03 28552]
S2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2016-06-15 2522680]
S2 Origin Web Helper Service;Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2017-07-08 3148184]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2017-01-16 317400]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2019-03-04 335872]
S3 BRSptStub;BitRaider Mini-Support Service Stub Loader; C:\ProgramData\BitRaider\BRSptStub.exe [2017-11-10 363208]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-05-16 276288]
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2016-12-22 1471168]
S3 EasyAntiCheat;EasyAntiCheat; C:\Windows\syswow64\EasyAntiCheat.exe [2018-04-25 383016]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-10-27 114688]
S3 NvStreamNetworkSvc;NVIDIA Streamer Network Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [2016-06-15 3634232]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2017-07-08 2168208]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2017-10-17 1641248]
S3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.5; C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2012-01-20 149504]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]

-----------------EOF-----------------

#2 Příspěvek od **Rudy** » 05 črc 2019 11:47

Zdravím!
Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

Lord Excalibur · #3 Příspěvek od **Lord Excalibur** » 05 črc 2019 12:39

# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-06-28.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 07-05-2019
# Duration: 00:00:00
# OS: Windows 7 Home Premium
# Cleaned: 6
# Failed: 0

***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Windows\Temp\Smartbar

***** [ Files ] *****

Deleted C:\END

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted C:\Windows\System32\Tasks\ERRORFIXKIT

***** [ Registry ] *****

Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E5C412C4-008E-4867-B3DA-C78241E041C2}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ErrorFixKIT
Deleted HKLM\Software\ErrorFixKIT

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1630 octets] - [05/07/2019 13:32:40]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

#4 Příspěvek od **Rudy** » 05 črc 2019 18:20

OK. Dejte nový log RSIT.

VIRY.CZ

vytěžování procesoru - rundll32

vytěžování procesoru - rundll32

Re: vytěžování procesoru - rundll32

Re: vytěžování procesoru - rundll32

Re: vytěžování procesoru - rundll32