Chrome infection

mana008
Visitor
Posts: 74
Registered: 23 Jul 2007 11:54

#1 Post by mana008

Logfile of random's system information tool 1.10 (written by random/random)
Run by MB1 at 2016-03-04 15:36:41
Microsoft Windows 10 Home
System drive C: has 72 GB (63%) free of 114 GB
Total RAM: 3996 MB (45% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:36:49, on 4.3.2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10586.0020)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\simplitec\KMPFaster\ServiceProvider.exe
C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
C:\Users\MB1\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\MB1.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Money Viking - {c7c5384f-d9e9-4db1-8c72-135ecccbc571} - (no file)
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [USB Gamepad] C:\WINDOWS\USB Vibration\7906\USB Gamepad.exe -boot
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\MB1\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Epson Stylus SX110] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIFBE.EXE /FU "C:\WINDOWS\TEMP\E_SD653.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [EPSON SX110 Series] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIFBE.EXE /FU "C:\WINDOWS\TEMP\E_SC007.tmp" /EF "HKCU"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{36f1f689-19e7-4b99-a320-93d27cca2194}: NameServer = 82.163.142.7 95.211.158.134
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 82.163.142.7 95.211.158.134
O17 - HKLM\System\CS1\Services\Tcpip\..\{36f1f689-19e7-4b99-a320-93d27cca2194}: NameServer = 82.163.142.7 95.211.158.134
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 82.163.142.7 95.211.158.134
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9933 bytes

======Listing Processes======







winlogon.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k apphost
C:\WINDOWS\System32\svchost.exe -k utcsvc
C:\WINDOWS\system32\svchost.exe -k iissvcs
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\mqsvc.exe
C:\WINDOWS\system32\svchost.exe -k appmodel
C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
"C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe" -NetMsmqActivator
"C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
sihost.exe
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
taskeng.exe {F85DC518-F0F1-4FB2-AA35-6230B890A74F}
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\simplitec\KMPFaster\ServiceProvider.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\Explorer.EXE
"C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
igfxEM.exe
igfxTray.exe
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Users\MB1\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Windows\System32\spool\drivers\x64\3\E_IATIFBE.EXE" /FU "C:\WINDOWS\TEMP\E_SD653.tmp" /EF "HKCU"
"C:\Windows\System32\spool\drivers\x64\3\E_IATIFBE.EXE" /FU "C:\WINDOWS\TEMP\E_SC007.tmp" /EF "HKCU"
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"fontdrvhost.exe"
"C:\Program Files (x86)\DNS Unlocker\dnslockington.exe" /Scheduled
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Windows\USB Vibration\7906\USB Gamepad.exe" -boot
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --profile-directory="Default"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="5204.0.1332392727\1537102637" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,24,52 --gpu-vendor-id=0x8086 --gpu-device-id=0x0402 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=20.19.15.4331 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.16941.0_x64__8wekyb3d8bbwe\Video.UI.exe" -ServerName:Microsoft.ZuneVideo.AppX758ya5sqdjd98rx6z7g95nw6jy7bqx9y.mca
"C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe5_ Global\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 624 628 636 8192 632
"C:\Users\MB1\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\simplitec Power Suite (Tray).job - C:\Program Files (x86)\simplitec\KMPFaster\ServiceProvider.exe
C:\WINDOWS\tasks\simplitec Power Suite.job - C:\Program Files (x86)\simplitec\KMPFaster\PowerSuite.exe -task

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-02-13 901600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-02-13 678656]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c7c5384f-d9e9-4db1-8c72-135ecccbc571}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2015-06-23 36352]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-07-07 14040792]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\MB1\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-02-03 551112]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2016-02-10 50599552]
"OEXPRESS"= []
"Epson Stylus SX110"=C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIFBE.EXE [2008-09-26 223232]
"EPSON SX110 Series"=C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIFBE.EXE [2008-09-26 223232]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2014-02-21 292848]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-02-15 7139768]
"USB Gamepad"=C:\WINDOWS\USB Vibration\7906\USB Gamepad.exe [2008-12-10 796784]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-17 1085656]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-03-04 15:36:41 ----D---- C:\rsit
2016-03-04 15:36:41 ----D---- C:\Program Files\trend micro
2016-03-03 19:15:00 ----D---- C:\ProgramData\be4e06a9-38f3-0
2016-03-03 19:10:56 ----D---- C:\Program Files (x86)\DNS Unlocker
2016-03-03 19:10:51 ----D---- C:\ProgramData\be4e06a9-6175-0
2016-03-03 19:10:50 ----D---- C:\ProgramData\b886fe07
2016-03-03 19:10:50 ----D---- C:\ProgramData\{10ccc128-112c-0}
2016-03-03 19:10:50 ----D---- C:\ProgramData\{06c5b0f3-612c-1}
2016-03-02 15:40:29 ----A---- C:\WINDOWS\system32\aswBoot.exe
2016-03-02 14:51:08 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2016-03-02 14:51:07 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-03-02 14:51:06 ----A---- C:\WINDOWS\system32\edgehtml.dll
2016-03-02 14:51:06 ----A---- C:\WINDOWS\system32\dwmcore.dll
2016-03-02 14:51:05 ----A---- C:\WINDOWS\system32\mshtml.dll
2016-03-02 14:51:04 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2016-03-02 14:51:03 ----A---- C:\WINDOWS\system32\shell32.dll
2016-03-02 14:51:03 ----A---- C:\WINDOWS\system32\invagent.dll
2016-03-02 14:51:03 ----A---- C:\WINDOWS\system32\devinv.dll
2016-03-02 14:51:03 ----A---- C:\WINDOWS\system32\aeinv.dll
2016-03-02 14:51:02 ----A---- C:\WINDOWS\system32\twinui.dll
2016-03-02 14:51:02 ----A---- C:\WINDOWS\system32\audiosrv.dll
2016-03-02 14:51:02 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-03-02 14:50:59 ----A---- C:\WINDOWS\system32\ieframe.dll
2016-03-02 14:50:57 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2016-03-02 14:50:56 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2016-03-02 14:50:56 ----A---- C:\WINDOWS\system32\wininet.dll
2016-03-02 14:50:55 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2016-03-02 14:50:55 ----A---- C:\WINDOWS\system32\windows.storage.dll
2016-03-02 14:50:55 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2016-03-02 14:50:55 ----A---- C:\WINDOWS\system32\d3d11.dll
2016-03-02 14:50:54 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2016-03-02 14:50:54 ----A---- C:\WINDOWS\system32\CoreUIComponents.dll
2016-03-02 14:50:53 ----A---- C:\WINDOWS\SYSWOW64\d3d11.dll
2016-03-02 14:50:53 ----A---- C:\WINDOWS\SYSWOW64\CoreUIComponents.dll
2016-03-02 14:50:53 ----A---- C:\WINDOWS\system32\SmsRouterSvc.dll
2016-03-02 14:50:52 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2016-03-02 14:50:52 ----A---- C:\WINDOWS\system32\wmp.dll
2016-03-02 14:50:52 ----A---- C:\WINDOWS\system32\AUDIOKSE.dll
2016-03-02 14:50:51 ----A---- C:\WINDOWS\system32\win32kfull.sys
2016-03-02 14:50:51 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2016-03-02 14:50:51 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2016-03-02 14:50:50 ----A---- C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-03-02 14:50:50 ----A---- C:\WINDOWS\system32\urlmon.dll
2016-03-02 14:50:50 ----A---- C:\WINDOWS\system32\InputService.dll
2016-03-02 14:50:50 ----A---- C:\WINDOWS\system32\audiodg.exe
2016-03-02 14:50:50 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-03-02 14:50:49 ----A---- C:\WINDOWS\SYSWOW64\InputService.dll
2016-03-02 14:50:49 ----A---- C:\WINDOWS\SYSWOW64\ActiveSyncProvider.dll
2016-03-02 14:50:49 ----A---- C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-03-02 14:50:49 ----A---- C:\WINDOWS\system32\AudioSes.dll
2016-03-02 14:50:49 ----A---- C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-03-02 14:50:48 ----A---- C:\WINDOWS\SYSWOW64\mfasfsrcsnk.dll
2016-03-02 14:50:48 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2016-03-02 14:50:48 ----A---- C:\WINDOWS\system32\mfsrcsnk.dll
2016-03-02 14:50:48 ----A---- C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2016-03-02 14:50:48 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2016-03-02 14:50:47 ----A---- C:\WINDOWS\system32\wifinetworkmanager.dll
2016-03-02 14:50:47 ----A---- C:\WINDOWS\system32\mfcore.dll
2016-03-02 14:50:47 ----A---- C:\WINDOWS\system32\jscript9.dll
2016-03-02 14:50:47 ----A---- C:\WINDOWS\system32\iertutil.dll
2016-03-02 14:50:46 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2016-03-02 14:50:46 ----A---- C:\WINDOWS\system32\wwansvc.dll
2016-03-02 14:50:46 ----A---- C:\WINDOWS\system32\wuaueng.dll
2016-03-02 14:50:46 ----A---- C:\WINDOWS\system32\win32kbase.sys
2016-03-02 14:50:46 ----A---- C:\WINDOWS\system32\CertEnroll.dll
2016-03-02 14:50:45 ----A---- C:\WINDOWS\SYSWOW64\wmp.dll
2016-03-02 14:50:45 ----A---- C:\WINDOWS\SYSWOW64\mfmpeg2srcsnk.dll
2016-03-02 14:50:45 ----A---- C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-03-02 14:50:44 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2016-03-02 14:50:44 ----A---- C:\WINDOWS\system32\XblGameSave.dll
2016-03-02 14:50:44 ----A---- C:\WINDOWS\system32\XblAuthManager.dll
2016-03-02 14:50:44 ----A---- C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-03-02 14:50:44 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-03-02 14:50:44 ----A---- C:\WINDOWS\system32\Unistore.dll
2016-03-02 14:50:44 ----A---- C:\WINDOWS\system32\schedsvc.dll
2016-03-02 14:50:44 ----A---- C:\WINDOWS\system32\ntdll.dll
2016-03-02 14:50:44 ----A---- C:\WINDOWS\system32\mfasfsrcsnk.dll
2016-03-02 14:50:43 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.dll
2016-03-02 14:50:43 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2016-03-02 14:50:43 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2016-03-02 14:50:43 ----A---- C:\WINDOWS\system32\Windows.UI.dll
2016-03-02 14:50:43 ----A---- C:\WINDOWS\system32\mstscax.dll
2016-03-02 14:50:42 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2016-03-02 14:50:42 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2016-03-02 14:50:42 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2016-03-02 14:50:42 ----A---- C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-03-02 14:50:42 ----A---- C:\WINDOWS\system32\wcmsvc.dll
2016-03-02 14:50:42 ----A---- C:\WINDOWS\system32\UserDataService.dll
2016-03-02 14:50:42 ----A---- C:\WINDOWS\system32\MFCaptureEngine.dll
2016-03-02 14:50:41 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Logon.dll
2016-03-02 14:50:41 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2016-03-02 14:50:41 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2016-03-02 14:50:41 ----A---- C:\WINDOWS\system32\NetSetupEngine.dll
2016-03-02 14:50:41 ----A---- C:\WINDOWS\system32\modernexecserver.dll
2016-03-02 14:50:41 ----A---- C:\WINDOWS\system32\diagtrack.dll
2016-03-02 14:50:40 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2016-03-02 14:50:40 ----A---- C:\WINDOWS\SYSWOW64\ExplorerFrame.dll
2016-03-02 14:50:40 ----A---- C:\WINDOWS\SYSWOW64\CertEnroll.dll
2016-03-02 14:50:40 ----A---- C:\WINDOWS\system32\ExplorerFrame.dll
2016-03-02 14:50:39 ----A---- C:\WINDOWS\SYSWOW64\Windows.AccountsControl.dll
2016-03-02 14:50:39 ----A---- C:\WINDOWS\SYSWOW64\mfmp4srcsnk.dll
2016-03-02 14:50:39 ----A---- C:\WINDOWS\SYSWOW64\deviceaccess.dll
2016-03-02 14:50:39 ----A---- C:\WINDOWS\system32\SettingSyncCore.dll
2016-03-02 14:50:39 ----A---- C:\WINDOWS\system32\ngcsvc.dll
2016-03-02 14:50:39 ----A---- C:\WINDOWS\system32\mfsvr.dll
2016-03-02 14:50:39 ----A---- C:\WINDOWS\system32\MDEServer.exe
2016-03-02 14:50:39 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2016-03-02 14:50:39 ----A---- C:\WINDOWS\system32\deviceaccess.dll
2016-03-02 14:50:38 ----A---- C:\WINDOWS\SYSWOW64\MSFlacDecoder.dll
2016-03-02 14:50:38 ----A---- C:\WINDOWS\SYSWOW64\mfsrcsnk.dll
2016-03-02 14:50:38 ----A---- C:\WINDOWS\system32\vaultsvc.dll
2016-03-02 14:50:38 ----A---- C:\WINDOWS\system32\NetSetupSvc.dll
2016-03-02 14:50:38 ----A---- C:\WINDOWS\system32\NetSetupShim.dll
2016-03-02 14:50:38 ----A---- C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-03-02 14:50:38 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-03-02 14:50:37 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.dll
2016-03-02 14:50:37 ----A---- C:\WINDOWS\SYSWOW64\Unistore.dll
2016-03-02 14:50:37 ----A---- C:\WINDOWS\SYSWOW64\NetSetupEngine.dll
2016-03-02 14:50:37 ----A---- C:\WINDOWS\system32\wer.dll
2016-03-02 14:50:37 ----A---- C:\WINDOWS\system32\TimeBrokerServer.dll
2016-03-02 14:50:37 ----A---- C:\WINDOWS\system32\StorSvc.dll
2016-03-02 14:50:37 ----A---- C:\WINDOWS\system32\SharedStartModel.dll
2016-03-02 14:50:37 ----A---- C:\WINDOWS\system32\QuickActionsDataModel.dll
2016-03-02 14:50:37 ----A---- C:\WINDOWS\system32\MSFlacDecoder.dll
2016-03-02 14:50:37 ----A---- C:\WINDOWS\system32\generaltel.dll
2016-03-02 14:50:36 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2016-03-02 14:50:36 ----A---- C:\WINDOWS\system32\WMPDMC.exe
2016-03-02 14:50:36 ----A---- C:\WINDOWS\system32\wlansvc.dll
2016-03-02 14:50:36 ----A---- C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2016-03-02 14:50:36 ----A---- C:\WINDOWS\system32\usbmon.dll
2016-03-02 14:50:36 ----A---- C:\WINDOWS\system32\SettingSync.dll
2016-03-02 14:50:36 ----A---- C:\WINDOWS\system32\DeviceEnroller.exe
2016-03-02 14:50:35 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Audio.dll
2016-03-02 14:50:35 ----A---- C:\WINDOWS\system32\winresume.exe
2016-03-02 14:50:35 ----A---- C:\WINDOWS\system32\winload.exe
2016-03-02 14:50:35 ----A---- C:\WINDOWS\system32\InstallAgent.exe
2016-03-02 14:50:35 ----A---- C:\WINDOWS\system32\drivers\sdbus.sys
2016-03-02 14:50:34 ----A---- C:\WINDOWS\SYSWOW64\wer.dll
2016-03-02 14:50:34 ----A---- C:\WINDOWS\SYSWOW64\thumbcache.dll
2016-03-02 14:50:34 ----A---- C:\WINDOWS\SYSWOW64\taskschd.dll
2016-03-02 14:50:34 ----A---- C:\WINDOWS\SYSWOW64\MFCaptureEngine.dll
2016-03-02 14:50:34 ----A---- C:\WINDOWS\system32\sqmapi.dll
2016-03-02 14:50:34 ----A---- C:\WINDOWS\system32\localspl.dll
2016-03-02 14:50:34 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2016-03-02 14:50:33 ----A---- C:\WINDOWS\SYSWOW64\WMPDMC.exe
2016-03-02 14:50:33 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.MediaControl.dll
2016-03-02 14:50:33 ----A---- C:\WINDOWS\SYSWOW64\sqmapi.dll
2016-03-02 14:50:33 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncCore.dll
2016-03-02 14:50:33 ----A---- C:\WINDOWS\SYSWOW64\NetSetupShim.dll
2016-03-02 14:50:33 ----A---- C:\WINDOWS\system32\uDWM.dll
2016-03-02 14:50:33 ----A---- C:\WINDOWS\system32\thumbcache.dll
2016-03-02 14:50:33 ----A---- C:\WINDOWS\system32\msvproc.dll
2016-03-02 14:50:33 ----A---- C:\WINDOWS\system32\flvprophandler.dll
2016-03-02 14:50:33 ----A---- C:\WINDOWS\system32\drivers\bridge.sys
2016-03-02 14:50:32 ----A---- C:\WINDOWS\SYSWOW64\TextInputFramework.dll
2016-03-02 14:50:32 ----A---- C:\WINDOWS\SYSWOW64\SettingSync.dll
2016-03-02 14:50:32 ----A---- C:\WINDOWS\SYSWOW64\msvproc.dll
2016-03-02 14:50:32 ----A---- C:\WINDOWS\system32\taskschd.dll
2016-03-02 14:50:32 ----A---- C:\WINDOWS\system32\netlogon.dll
2016-03-02 14:50:32 ----A---- C:\WINDOWS\system32\drivers\dumpsd.sys
2016-03-02 14:50:32 ----A---- C:\WINDOWS\system32\bisrv.dll
2016-03-02 14:50:31 ----A---- C:\WINDOWS\SYSWOW64\mfmkvsrcsnk.dll
2016-03-02 14:50:31 ----A---- C:\WINDOWS\system32\wuuhext.dll
2016-03-02 14:50:31 ----A---- C:\WINDOWS\system32\WiFiDisplay.dll
2016-03-02 14:50:31 ----A---- C:\WINDOWS\system32\spoolsv.exe
2016-03-02 14:50:31 ----A---- C:\WINDOWS\system32\drivers\xinputhid.sys
2016-03-02 14:50:31 ----A---- C:\WINDOWS\system32\configurationclient.dll
2016-03-02 14:50:30 ----A---- C:\WINDOWS\SYSWOW64\netlogon.dll
2016-03-02 14:50:30 ----A---- C:\WINDOWS\SYSWOW64\InstallAgent.exe
2016-03-02 14:50:30 ----A---- C:\WINDOWS\SYSWOW64\AppxAllUserStore.dll
2016-03-02 14:50:30 ----A---- C:\WINDOWS\system32\wsqmcons.exe
2016-03-02 14:50:30 ----A---- C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-03-02 14:50:30 ----A---- C:\WINDOWS\system32\sharemediacpl.dll
2016-03-02 14:50:30 ----A---- C:\WINDOWS\system32\MCRecvSrc.dll
2016-03-02 14:50:30 ----A---- C:\WINDOWS\system32\ipnathlp.dll
2016-03-02 14:50:30 ----A---- C:\WINDOWS\system32\drivers\mrxsmb.sys
2016-03-02 14:50:30 ----A---- C:\WINDOWS\system32\DisplayManager.dll
2016-03-02 14:50:30 ----A---- C:\WINDOWS\system32\DeviceCensus.exe
2016-03-02 14:50:29 ----A---- C:\WINDOWS\SYSWOW64\WiFiDisplay.dll
2016-03-02 14:50:29 ----A---- C:\WINDOWS\SYSWOW64\MCRecvSrc.dll
2016-03-02 14:50:29 ----A---- C:\WINDOWS\system32\SyncController.dll
2016-03-02 14:50:29 ----A---- C:\WINDOWS\system32\drivers\xboxgip.sys
2016-03-02 14:50:29 ----A---- C:\WINDOWS\system32\drivers\acpi.sys
2016-03-02 14:50:29 ----A---- C:\WINDOWS\system32\AppxAllUserStore.dll
2016-03-02 14:50:28 ----A---- C:\WINDOWS\SYSWOW64\SyncController.dll
2016-03-02 14:50:28 ----A---- C:\WINDOWS\system32\wlanapi.dll
2016-03-02 14:50:28 ----A---- C:\WINDOWS\system32\vaultcli.dll
2016-03-02 14:50:28 ----A---- C:\WINDOWS\system32\SMSRouter.dll
2016-03-02 14:50:28 ----A---- C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-03-02 14:50:28 ----A---- C:\WINDOWS\system32\drivers\appid.sys
2016-03-02 14:50:27 ----A---- C:\WINDOWS\system32\wermgr.exe
2016-03-02 14:50:27 ----A---- C:\WINDOWS\system32\MDMAppInstaller.exe
2016-03-02 14:50:27 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2016-03-02 14:50:26 ----A---- C:\WINDOWS\SYSWOW64\wermgr.exe
2016-03-02 14:50:26 ----A---- C:\WINDOWS\SYSWOW64\DisplayManager.dll
2016-03-02 14:50:26 ----A---- C:\WINDOWS\system32\werui.dll
2016-03-02 14:50:26 ----A---- C:\WINDOWS\system32\TextInputFramework.dll
2016-03-02 14:50:26 ----A---- C:\WINDOWS\system32\psmsrv.dll
2016-03-02 14:50:26 ----A---- C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-03-02 14:50:26 ----A---- C:\WINDOWS\system32\drivers\USBHUB3.SYS
2016-03-02 14:50:25 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-03-02 14:50:25 ----A---- C:\WINDOWS\system32\wlansec.dll
2016-03-02 14:50:25 ----A---- C:\WINDOWS\system32\wlanmsm.dll
2016-03-02 14:50:25 ----A---- C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-03-02 14:50:25 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-03-02 14:50:25 ----A---- C:\WINDOWS\system32\scapi.dll
2016-03-02 14:50:25 ----A---- C:\WINDOWS\system32\provpackageapidll.dll
2016-03-02 14:50:25 ----A---- C:\WINDOWS\system32\ngckeyenum.dll
2016-03-02 14:50:25 ----A---- C:\WINDOWS\system32\MBMediaManager.dll
2016-03-02 14:50:25 ----A---- C:\WINDOWS\system32\accountaccessor.dll
2016-03-02 14:50:24 ----A---- C:\WINDOWS\SYSWOW64\wininetlui.dll
2016-03-02 14:50:24 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Core.TextInput.dll
2016-03-02 14:50:24 ----A---- C:\WINDOWS\SYSWOW64\jsproxy.dll
2016-03-02 14:50:24 ----A---- C:\WINDOWS\system32\wlansvcpal.dll
2016-03-02 14:50:24 ----A---- C:\WINDOWS\system32\wininetlui.dll
2016-03-02 14:50:24 ----A---- C:\WINDOWS\system32\WiFiConfigSP.dll
2016-03-02 14:50:24 ----A---- C:\WINDOWS\system32\jsproxy.dll
2016-03-02 14:50:24 ----A---- C:\WINDOWS\system32\irmon.dll
2016-03-02 14:50:24 ----A---- C:\WINDOWS\system32\drivers\rasl2tp.sys
2016-03-02 14:50:24 ----A---- C:\WINDOWS\system32\drivers\mrxsmb10.sys
2016-03-02 14:50:23 ----A---- C:\WINDOWS\SYSWOW64\werui.dll
2016-03-02 14:50:23 ----A---- C:\WINDOWS\SYSWOW64\TimeBrokerClient.dll
2016-03-02 14:50:23 ----A---- C:\WINDOWS\SYSWOW64\LaunchWinApp.exe
2016-03-02 14:50:23 ----A---- C:\WINDOWS\SYSWOW64\InputLocaleManager.dll
2016-03-02 14:50:23 ----A---- C:\WINDOWS\system32\wfdprov.dll
2016-03-02 14:50:23 ----A---- C:\WINDOWS\system32\TimeBrokerClient.dll
2016-03-02 14:50:23 ----A---- C:\WINDOWS\system32\srpapi.dll
2016-03-02 14:50:23 ----A---- C:\WINDOWS\system32\LaunchWinApp.exe
2016-03-02 14:50:23 ----A---- C:\WINDOWS\system32\InputLocaleManager.dll
2016-03-02 14:50:23 ----A---- C:\WINDOWS\system32\bcastdvr.exe
2016-03-02 14:50:23 ----A---- C:\WINDOWS\system32\AppCapture.dll
2016-02-13 20:03:10 ----A---- C:\WINDOWS\system32\drivers\aswKbd.sys
2016-02-13 20:03:05 ----A---- C:\WINDOWS\avastSS.scr
2016-02-10 10:05:36 ----A---- C:\WINDOWS\system32\Chakra.dll
2016-02-10 10:05:34 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2016-02-10 10:05:33 ----A---- C:\WINDOWS\system32\lsasrv.dll
2016-02-10 10:05:33 ----A---- C:\WINDOWS\system32\kerberos.dll
2016-02-10 10:05:33 ----A---- C:\WINDOWS\explorer.exe
2016-02-10 10:05:32 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2016-02-10 10:05:32 ----A---- C:\WINDOWS\system32\combase.dll
2016-02-10 10:05:31 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2016-02-10 10:05:31 ----A---- C:\WINDOWS\SYSWOW64\combase.dll
2016-02-10 10:05:31 ----A---- C:\WINDOWS\system32\KernelBase.dll
2016-02-10 10:05:30 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2016-02-10 10:05:30 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2016-02-10 10:05:30 ----A---- C:\WINDOWS\system32\WinTypes.dll
2016-02-10 10:05:30 ----A---- C:\WINDOWS\system32\msv1_0.dll
2016-02-10 10:05:29 ----A---- C:\WINDOWS\SYSWOW64\WinTypes.dll
2016-02-10 10:05:29 ----A---- C:\WINDOWS\system32\systemreset.exe
2016-02-10 10:05:29 ----A---- C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-02-10 10:05:28 ----A---- C:\WINDOWS\system32\OpenWith.exe
2016-02-10 10:05:27 ----A---- C:\WINDOWS\SYSWOW64\OpenWith.exe
2016-02-10 10:05:27 ----A---- C:\WINDOWS\SYSWOW64\msorcl32.dll
2016-02-10 10:05:27 ----A---- C:\WINDOWS\system32\ztrace_maps.dll
2016-02-10 10:05:27 ----A---- C:\WINDOWS\system32\mtxoci.dll
2016-02-10 10:05:27 ----A---- C:\WINDOWS\system32\iassam.dll
2016-02-10 10:05:27 ----A---- C:\WINDOWS\system32\drivers\mrxdav.sys
2016-02-10 10:05:27 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2016-02-10 10:05:26 ----A---- C:\WINDOWS\SYSWOW64\ztrace_maps.dll
2016-02-10 10:05:26 ----A---- C:\WINDOWS\SYSWOW64\mtxoci.dll
2016-02-10 10:05:26 ----A---- C:\WINDOWS\SYSWOW64\iassam.dll
2016-02-10 10:05:26 ----A---- C:\WINDOWS\SYSWOW64\cfgbkend.dll
2016-02-10 10:05:26 ----A---- C:\WINDOWS\system32\hlink.dll
2016-02-10 10:05:26 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2016-02-10 10:05:25 ----A---- C:\WINDOWS\SYSWOW64\hlink.dll
2016-02-10 10:05:25 ----A---- C:\WINDOWS\system32\reseteng.dll
2016-02-10 10:05:25 ----A---- C:\WINDOWS\system32\Chakradiag.dll

======List of files/folders modified in the last 1 month======

2016-03-04 15:36:41 ----RD---- C:\Program Files
2016-03-04 15:30:14 ----D---- C:\Users\MB1\AppData\Roaming\Skype
2016-03-04 15:15:54 ----D---- C:\WINDOWS\Temp
2016-03-04 15:01:57 ----D---- C:\WINDOWS\System32
2016-03-04 15:01:57 ----D---- C:\WINDOWS\INF
2016-03-04 15:01:57 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-03-04 14:55:52 ----D---- C:\WINDOWS\Prefetch
2016-03-04 14:55:20 ----A---- C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-03-04 14:55:18 ----D---- C:\WINDOWS\WinSxS
2016-03-04 14:55:18 ----D---- C:\WINDOWS\system32\config
2016-03-04 14:55:18 ----D---- C:\WINDOWS\Microsoft.NET
2016-03-04 14:55:04 ----D---- C:\WINDOWS\system32\drivers
2016-03-04 14:54:32 ----D---- C:\WINDOWS\SYSWOW64\migration
2016-03-04 14:54:32 ----D---- C:\WINDOWS\SYSWOW64\Dism
2016-03-04 14:54:32 ----D---- C:\WINDOWS\SysWOW64
2016-03-04 14:54:31 ----RSD---- C:\WINDOWS\Media
2016-03-04 14:54:31 ----RSD---- C:\WINDOWS\Fonts
2016-03-04 14:54:31 ----RD---- C:\WINDOWS\PurchaseDialog
2016-03-04 14:54:31 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2016-03-04 14:54:31 ----D---- C:\WINDOWS\system32\wbem
2016-03-04 14:54:31 ----D---- C:\WINDOWS\system32\SystemResetPlatform
2016-03-04 14:54:31 ----D---- C:\WINDOWS\system32\migration
2016-03-04 14:54:31 ----D---- C:\WINDOWS\system32\Dism
2016-03-04 14:54:31 ----D---- C:\WINDOWS\system32\Boot
2016-03-04 14:54:31 ----D---- C:\WINDOWS\system32\appraiser
2016-03-04 14:54:31 ----D---- C:\WINDOWS\bcastdvr
2016-03-04 14:54:31 ----D---- C:\WINDOWS\AppPatch
2016-03-04 14:54:31 ----D---- C:\Program Files\Windows Portable Devices
2016-03-04 14:54:31 ----D---- C:\Program Files\Windows Multimedia Platform
2016-03-04 14:54:31 ----D---- C:\Program Files\Windows Media Player
2016-03-04 14:54:31 ----D---- C:\Program Files\Windows Journal
2016-03-04 14:54:31 ----D---- C:\Program Files\Internet Explorer
2016-03-04 14:54:31 ----D---- C:\Program Files (x86)\Windows Portable Devices
2016-03-04 14:54:31 ----D---- C:\Program Files (x86)\Windows Multimedia Platform
2016-03-04 14:54:31 ----D---- C:\Program Files (x86)\Internet Explorer
2016-03-04 14:54:30 ----D---- C:\WINDOWS\system32\DriverStore
2016-03-04 14:53:52 ----D---- C:\WINDOWS\system32\sru
2016-03-03 19:53:28 ----SD---- C:\Users\MB1\AppData\Roaming\Microsoft
2016-03-03 19:15:00 ----HD---- C:\ProgramData
2016-03-03 19:10:57 ----D---- C:\WINDOWS\system32\Tasks
2016-03-03 19:10:56 ----RD---- C:\Program Files (x86)
2016-03-03 19:10:39 ----D---- C:\ProgramData\b02e8694-3d25-0
2016-03-03 19:10:39 ----D---- C:\ProgramData\b02e8694-27e5-1
2016-03-03 15:48:22 ----D---- C:\WINDOWS\AppReadiness
2016-03-03 07:49:58 ----D---- C:\WINDOWS\SYSWOW64\vbox
2016-03-03 07:49:58 ----D---- C:\WINDOWS\system32\vbox
2016-03-03 07:41:02 ----D---- C:\WINDOWS\CbsTemp
2016-03-02 17:54:07 ----AD---- C:\KMPlayer
2016-03-02 15:40:27 ----D---- C:\Windows
2016-03-02 14:44:11 ----D---- C:\WINDOWS\system32\catroot2
2016-03-02 14:43:02 ----HD---- C:\Program Files\WindowsApps
2016-02-26 07:39:42 ----SHD---- C:\WINDOWS\Installer
2016-02-13 20:03:07 ----D---- C:\ProgramData\AVAST Software
2016-02-13 20:03:03 ----D---- C:\Program Files\AVAST Software
2016-02-13 08:59:43 ----D---- C:\WINDOWS\rescache
2016-02-11 16:06:46 ----RD---- C:\WINDOWS\assembly
2016-02-10 19:27:01 ----D---- C:\WINDOWS\system32\CatRoot
2016-02-10 19:26:53 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2016-02-10 19:26:53 ----D---- C:\WINDOWS\system32\cs-CZ
2016-02-10 15:45:25 ----D---- C:\WINDOWS\system32\MRT
2016-02-10 15:41:29 ----A---- C:\WINDOWS\system32\MRT.exe
2016-02-08 15:58:45 ----D---- C:\WINDOWS\LiveKernelReports
2016-02-07 17:50:18 ----D---- C:\WINDOWS\system32\LogFiles

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2016-02-13 74544]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2016-02-13 287016]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2015-06-23 1455552]
R0 ngvss;ngvss; C:\WINDOWS\system32\drivers\ngvss.sys [2016-02-13 154024]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2016-02-13 37144]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2016-02-13 103064]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2016-02-13 1065720]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2016-02-23 463744]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2015-10-30 87040]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-10-30 8192]
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2016-02-13 37656]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2016-02-13 107792]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2016-02-13 165344]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2015-10-30 47616]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2015-10-30 78848]
R3 h647906;DragonRise HID7906 AMD64 Driver; C:\WINDOWS\system32\drivers\h647906.sys [2008-12-01 62576]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2015-12-19 7858088]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2015-07-07 4514008]
R3 IntcDAud;@oem22.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2015-10-28 474376]
R3 MEIx64;@oem6.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [2013-09-16 99288]
R3 MQAC;@mqutil.dll,-6101; C:\WINDOWS\system32\drivers\mqac.sys [2015-12-28 175616]
R3 rt640x64;@rt640x64.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2015-10-30 589824]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-10-30 104800]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-10-30 99168]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2015-10-30 58208]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2015-10-30 58720]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2015-10-30 34144]
S3 bcmfn;@bcmfn.inf,%bcmfn.SVCDESC%;bcmfn Service; C:\WINDOWS\System32\drivers\bcmfn.sys [2015-10-30 9728]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-10-30 37376]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2015-11-22 117248]
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys [2015-12-29 25640]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-10-30 20992]
S3 hid7906;DragonRise HID7906 x86 Driver; C:\WINDOWS\system32\drivers\hid7906.sys []
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-10-30 50016]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2015-10-30 81408]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2015-10-30 165888]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2015-10-30 424800]
S3 IoQos;@%SystemRoot%\system32\drivers\ioqos.sys,-100; C:\WINDOWS\system32\drivers\ioqos.sys [2015-10-30 26624]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-10-30 705376]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2015-10-30 76128]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2015-10-30 930656]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-17 82128]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-02-13 237096]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2015-06-23 18856]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2015-12-19 373160]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-09-16 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-09-16 390616]
R2 MSMQ;@mqutil.dll,-6102; C:\WINDOWS\system32\mqsvc.exe [2015-12-28 26624]
R2 NetMsmqActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8195; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-10-30 135848]
R2 NetPipeActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8197; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-10-30 135848]
R2 OneSyncSvc_560c4;Hostitel synchronizace_560c4; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2016-02-13 5570120]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2015-10-23 43696]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-28 144200]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S2 NetTcpActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8199; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-10-30 135848]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_14927ab;Hostitel synchronizace_14927ab; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_175b6c7;Hostitel synchronizace_175b6c7; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_27ee4;Hostitel synchronizace_27ee4; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_28c41;Hostitel synchronizace_28c41; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_2aa5d;Hostitel synchronizace_2aa5d; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_3334a4f;Hostitel synchronizace_3334a4f; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_460e9c;Hostitel synchronizace_460e9c; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_4922780;Hostitel synchronizace_4922780; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_523893e;Hostitel synchronizace_523893e; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_e7c87f;Hostitel synchronizace_e7c87f; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_f5a49d;Hostitel synchronizace_f5a49d; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2015-12-19 300968]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-10-30 31744]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-28 144200]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_14927ab;Služba zasílání zpráv_14927ab; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_175b6c7;Služba zasílání zpráv_175b6c7; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_27ee4;Služba zasílání zpráv_27ee4; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_28c41;Služba zasílání zpráv_28c41; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_2aa5d;Služba zasílání zpráv_2aa5d; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_3334a4f;Služba zasílání zpráv_3334a4f; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_460e9c;Služba zasílání zpráv_460e9c; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_4922780;Služba zasílání zpráv_4922780; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_523893e;Služba zasílání zpráv_523893e; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_560c4;Služba zasílání zpráv_560c4; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_e7c87f;Služba zasílání zpráv_e7c87f; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_f5a49d;Služba zasílání zpráv_f5a49d; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_14927ab;Data kontaktů_14927ab; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_175b6c7;Data kontaktů_175b6c7; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_27ee4;Data kontaktů_27ee4; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_28c41;Data kontaktů_28c41; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_2aa5d;Data kontaktů_2aa5d; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_3334a4f;Data kontaktů_3334a4f; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_460e9c;Data kontaktů_460e9c; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_4922780;Data kontaktů_4922780; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_523893e;Data kontaktů_523893e; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_560c4;Data kontaktů_560c4; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_e7c87f;Data kontaktů_e7c87f; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_f5a49d;Data kontaktů_f5a49d; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2015-10-30 1297408]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 TieringEngineService;@%SystemRoot%\system32\TieringEngineService.exe,-702; C:\WINDOWS\system32\TieringEngineService.exe [2015-10-30 290304]
S4 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-10-30 51376]
S4 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119673
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Chrome infection

#2 Post by Rudy »

Hello!
Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
Click >Scan< first and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

mana008
Visitor
Posts: 74
Registered: 23 Jul 2007 11:54

Re: Chrome infection

#3 Post by mana008 »

# AdwCleaner v5.037 - Logfile created 04/03/2016 at 20:03:57
# Updated 28/02/2016 by Xplode
# Database : 2016-03-02.1 [Server]
# Operating system : Windows 10 Home (x64)
# Username : MB1 - MB1-PC
# Running from : C:\Users\MB1\Desktop\AdwCleaner_5.037.exe
# Option : Clean
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

[-] Folder Deleted : C:\Program Files (x86)\DNS Unlocker
[-] Folder Deleted : C:\Program Files (x86)\OneSystemCare
[-] Folder Deleted : C:\Program Files (x86)\simplitec
[-] Folder Deleted : C:\ProgramData\simplitec
[-] Folder Deleted : C:\ProgramData\b02e8694-27e5-1
[-] Folder Deleted : C:\ProgramData\b02e8694-3d25-0
[-] Folder Deleted : C:\ProgramData\b886fe07
[-] Folder Deleted : C:\ProgramData\be4e06a9-38f3-0
[-] Folder Deleted : C:\ProgramData\be4e06a9-6175-0
[-] Folder Deleted : C:\ProgramData\{06c5b0f3-612c-1}
[-] Folder Deleted : C:\ProgramData\{10ccc128-112c-0}
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\simplitec
[-] Folder Deleted : C:\Users\MB1\AppData\Roaming\Opera Software\Opera Stable\Extensions\mmcaeimpccmlplndicmimpfmfalmpakb

***** [ Files ] *****

[-] File Deleted : C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_nps.pastaleads.com_0.localstorage
[-] File Deleted : C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_nps.pastaleads.com_0.localstorage-journal
[-] File Deleted : C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_nps.pastaleads.com_0.localstorage
[-] File Deleted : C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_nps.pastaleads.com_0.localstorage-journal
[-] File Deleted : C:\Users\MB1\AppData\Roaming\Opera Software\Opera Stable\Local Storage\chrome-extension_mmcaeimpccmlplndicmimpfmfalmpakb_0.localstorage

***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****

[-] Task Deleted : simplitec Power Suite (Tray)
[-] Task Deleted : simplitec Power Suite
[-] Task Deleted : {4794B678-CC19-4AFF-A906-4EBEED51B874}

***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\ROOT\CERTIFICATES\26D9E607FFF0C58C7844B47FF8B6E079E5A2220E
[-] Key Deleted : HKLM\SOFTWARE\5da059a482fd494db3f252126fbc3d5b
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{b886fe07}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8BF0126F-A5B7-4720-ABB2-2414A0AF5474}
[-] Key Deleted : HKLM\SOFTWARE\simplitec
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8DBC5A0A-31C4-46C7-B252-6B593EA11A87}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E1527582-8509-4011-B922-29E3FB548882}_is1
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\simplitec POWER SUITE_is1
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E1527582-8509-4011-B922-29E3FB548882}_is1
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{78627017-DF67-4DDF-8CD8-0F6A0D41B721}]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{9835CD99-F016-4255-AF28-7C1959845AB3}]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{948EACFD-D9C1-424E-995C-725C46339DA8}]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{50E536ED-6CC5-4A4D-807E-02D32E58141B}]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{DA84DA34-FD7C-4A97-B691-9FDB9D219719}]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{21E229A1-3991-4D0C-9F8F-44FDAF0C2C55}]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{8E823FA9-3332-4972-867B-3985DDEE7B9B}]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{493003A4-CECA-48C9-8A5A-1235E0992464}]
[-] Data Restored : HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{36f1f689-19e7-4b99-a320-93d27cca2194} [NameServer]
[-] Data Restored : HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{36f1f689-19e7-4b99-a320-93d27cca2194} [NameServer]

***** [ Web browsers ] *****

[-] [C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : flightaware.com

*************************

:: "Tracing" keys removed
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [4901 bytes] - [04/03/2016 20:03:57]
C:\AdwCleaner\AdwCleaner[S1].txt - [4774 bytes] - [04/03/2016 20:02:34]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [5047 bytes] ##########

Rudy
Site Admin
Posts: 119673
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Chrome infection

#4 Post by Rudy »

Post a new RSIT log.

mana008
Visitor
Posts: 74
Registered: 23 Jul 2007 11:54

Re: Chrome infection

#5 Post by mana008 »

Logfile of random's system information tool 1.10 (written by random/random)
Run by MB1 at 2016-03-05 10:12:48
Microsoft Windows 10 Home
System drive C: has 72 GB (63%) free of 114 GB
Total RAM: 3996 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:12:48, on 5.3.2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10586.0020)
Boot mode: Normal

Running processes:
C:\Users\MB1\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
C:\Program Files\trend micro\MB1.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Money Viking - {c7c5384f-d9e9-4db1-8c72-135ecccbc571} - (no file)
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [USB Gamepad] C:\WINDOWS\USB Vibration\7906\USB Gamepad.exe -boot
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\MB1\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 82.163.142.7 95.211.158.134
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 82.163.142.7 95.211.158.134
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8737 bytes

======Listing Processes======







C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\System32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k apphost
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\WINDOWS\system32\svchost.exe -k iissvcs
C:\WINDOWS\System32\svchost.exe -k utcsvc
C:\WINDOWS\system32\mqsvc.exe
C:\WINDOWS\system32\svchost.exe -k appmodel
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
"C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe" -NetMsmqActivator
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"

C:\WINDOWS\System32\WinLogon.exe -SpecialSession
"dwm.exe"
sihost.exe
C:\WINDOWS\Explorer.EXE
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\Windows\System32\RuntimeBroker.exe -Embedding
igfxEM.exe
igfxTray.exe
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Users\MB1\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"fontdrvhost.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Windows\USB Vibration\7906\USB Gamepad.exe" -boot
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
"C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.17801.0_x64__8wekyb3d8bbwe\Video.UI.exe" -ServerName:Microsoft.ZuneVideo.AppX758ya5sqdjd98rx6z7g95nw6jy7bqx9y.mca
"C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k swprv

C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\MB1\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-02-13 901600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-02-13 678656]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c7c5384f-d9e9-4db1-8c72-135ecccbc571}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2015-06-23 36352]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-07-07 14040792]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\MB1\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-02-03 551112]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2016-02-10 50599552]
"OEXPRESS"= []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2014-02-21 292848]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-02-15 7139768]
"USB Gamepad"=C:\WINDOWS\USB Vibration\7906\USB Gamepad.exe [2008-12-10 796784]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-17 1085656]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-03-04 20:02:26 ----D---- C:\AdwCleaner
2016-03-04 19:51:57 ----D---- C:\Users\MB1\AppData\Roaming\Seznam Browser
2016-03-04 15:36:41 ----D---- C:\rsit
2016-03-04 15:36:41 ----D---- C:\Program Files\trend micro
2016-03-02 15:40:29 ----A---- C:\WINDOWS\system32\aswBoot.exe
2016-03-02 14:51:08 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2016-03-02 14:51:07 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-03-02 14:51:06 ----A---- C:\WINDOWS\system32\edgehtml.dll
2016-03-02 14:51:06 ----A---- C:\WINDOWS\system32\dwmcore.dll
2016-03-02 14:51:05 ----A---- C:\WINDOWS\system32\mshtml.dll
2016-03-02 14:51:04 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2016-03-02 14:51:03 ----A---- C:\WINDOWS\system32\shell32.dll
2016-03-02 14:51:03 ----A---- C:\WINDOWS\system32\invagent.dll
2016-03-02 14:51:03 ----A---- C:\WINDOWS\system32\devinv.dll
2016-03-02 14:51:03 ----A---- C:\WINDOWS\system32\aeinv.dll
2016-03-02 14:51:02 ----A---- C:\WINDOWS\system32\twinui.dll
2016-03-02 14:51:02 ----A---- C:\WINDOWS\system32\audiosrv.dll
2016-03-02 14:51:02 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-03-02 14:50:59 ----A---- C:\WINDOWS\system32\ieframe.dll
2016-03-02 14:50:57 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2016-03-02 14:50:56 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2016-03-02 14:50:56 ----A---- C:\WINDOWS\system32\wininet.dll
2016-03-02 14:50:55 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2016-03-02 14:50:55 ----A---- C:\WINDOWS\system32\windows.storage.dll
2016-03-02 14:50:55 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2016-03-02 14:50:55 ----A---- C:\WINDOWS\system32\d3d11.dll
2016-03-02 14:50:54 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2016-03-02 14:50:54 ----A---- C:\WINDOWS\system32\CoreUIComponents.dll
2016-03-02 14:50:53 ----A---- C:\WINDOWS\SYSWOW64\d3d11.dll
2016-03-02 14:50:53 ----A---- C:\WINDOWS\SYSWOW64\CoreUIComponents.dll
2016-03-02 14:50:53 ----A---- C:\WINDOWS\system32\SmsRouterSvc.dll
2016-03-02 14:50:52 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2016-03-02 14:50:52 ----A---- C:\WINDOWS\system32\wmp.dll
2016-03-02 14:50:52 ----A---- C:\WINDOWS\system32\AUDIOKSE.dll
2016-03-02 14:50:51 ----A---- C:\WINDOWS\system32\win32kfull.sys
2016-03-02 14:50:51 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2016-03-02 14:50:51 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2016-03-02 14:50:50 ----A---- C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-03-02 14:50:50 ----A---- C:\WINDOWS\system32\urlmon.dll
2016-03-02 14:50:50 ----A---- C:\WINDOWS\system32\InputService.dll
2016-03-02 14:50:50 ----A---- C:\WINDOWS\system32\audiodg.exe
2016-03-02 14:50:50 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-03-02 14:50:49 ----A---- C:\WINDOWS\SYSWOW64\InputService.dll
2016-03-02 14:50:49 ----A---- C:\WINDOWS\SYSWOW64\ActiveSyncProvider.dll
2016-03-02 14:50:49 ----A---- C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-03-02 14:50:49 ----A---- C:\WINDOWS\system32\AudioSes.dll
2016-03-02 14:50:49 ----A---- C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-03-02 14:50:48 ----A---- C:\WINDOWS\SYSWOW64\mfasfsrcsnk.dll
2016-03-02 14:50:48 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2016-03-02 14:50:48 ----A---- C:\WINDOWS\system32\mfsrcsnk.dll
2016-03-02 14:50:48 ----A---- C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2016-03-02 14:50:48 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2016-03-02 14:50:47 ----A---- C:\WINDOWS\system32\wifinetworkmanager.dll
2016-03-02 14:50:47 ----A---- C:\WINDOWS\system32\mfcore.dll
2016-03-02 14:50:47 ----A---- C:\WINDOWS\system32\jscript9.dll
2016-03-02 14:50:47 ----A---- C:\WINDOWS\system32\iertutil.dll
2016-03-02 14:50:46 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2016-03-02 14:50:46 ----A---- C:\WINDOWS\system32\wwansvc.dll
2016-03-02 14:50:46 ----A---- C:\WINDOWS\system32\wuaueng.dll
2016-03-02 14:50:46 ----A---- C:\WINDOWS\system32\win32kbase.sys
2016-03-02 14:50:46 ----A---- C:\WINDOWS\system32\CertEnroll.dll
2016-03-02 14:50:45 ----A---- C:\WINDOWS\SYSWOW64\wmp.dll
2016-03-02 14:50:45 ----A---- C:\WINDOWS\SYSWOW64\mfmpeg2srcsnk.dll
2016-03-02 14:50:45 ----A---- C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-03-02 14:50:44 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2016-03-02 14:50:44 ----A---- C:\WINDOWS\system32\XblGameSave.dll
2016-03-02 14:50:44 ----A---- C:\WINDOWS\system32\XblAuthManager.dll
2016-03-02 14:50:44 ----A---- C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-03-02 14:50:44 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-03-02 14:50:44 ----A---- C:\WINDOWS\system32\Unistore.dll
2016-03-02 14:50:44 ----A---- C:\WINDOWS\system32\schedsvc.dll
2016-03-02 14:50:44 ----A---- C:\WINDOWS\system32\ntdll.dll
2016-03-02 14:50:44 ----A---- C:\WINDOWS\system32\mfasfsrcsnk.dll
2016-03-02 14:50:43 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.dll
2016-03-02 14:50:43 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2016-03-02 14:50:43 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2016-03-02 14:50:43 ----A---- C:\WINDOWS\system32\Windows.UI.dll
2016-03-02 14:50:43 ----A---- C:\WINDOWS\system32\mstscax.dll
2016-03-02 14:50:42 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2016-03-02 14:50:42 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2016-03-02 14:50:42 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2016-03-02 14:50:42 ----A---- C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-03-02 14:50:42 ----A---- C:\WINDOWS\system32\wcmsvc.dll
2016-03-02 14:50:42 ----A---- C:\WINDOWS\system32\UserDataService.dll
2016-03-02 14:50:42 ----A---- C:\WINDOWS\system32\MFCaptureEngine.dll
2016-03-02 14:50:41 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Logon.dll
2016-03-02 14:50:41 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2016-03-02 14:50:41 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2016-03-02 14:50:41 ----A---- C:\WINDOWS\system32\NetSetupEngine.dll
2016-03-02 14:50:41 ----A---- C:\WINDOWS\system32\modernexecserver.dll
2016-03-02 14:50:41 ----A---- C:\WINDOWS\system32\diagtrack.dll
2016-03-02 14:50:40 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2016-03-02 14:50:40 ----A---- C:\WINDOWS\SYSWOW64\ExplorerFrame.dll
2016-03-02 14:50:40 ----A---- C:\WINDOWS\SYSWOW64\CertEnroll.dll
2016-03-02 14:50:40 ----A---- C:\WINDOWS\system32\ExplorerFrame.dll
2016-03-02 14:50:39 ----A---- C:\WINDOWS\SYSWOW64\Windows.AccountsControl.dll
2016-03-02 14:50:39 ----A---- C:\WINDOWS\SYSWOW64\mfmp4srcsnk.dll
2016-03-02 14:50:39 ----A---- C:\WINDOWS\SYSWOW64\deviceaccess.dll
2016-03-02 14:50:39 ----A---- C:\WINDOWS\system32\SettingSyncCore.dll
2016-03-02 14:50:39 ----A---- C:\WINDOWS\system32\ngcsvc.dll
2016-03-02 14:50:39 ----A---- C:\WINDOWS\system32\mfsvr.dll
2016-03-02 14:50:39 ----A---- C:\WINDOWS\system32\MDEServer.exe
2016-03-02 14:50:39 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2016-03-02 14:50:39 ----A---- C:\WINDOWS\system32\deviceaccess.dll
2016-03-02 14:50:38 ----A---- C:\WINDOWS\SYSWOW64\MSFlacDecoder.dll
2016-03-02 14:50:38 ----A---- C:\WINDOWS\SYSWOW64\mfsrcsnk.dll
2016-03-02 14:50:38 ----A---- C:\WINDOWS\system32\vaultsvc.dll
2016-03-02 14:50:38 ----A---- C:\WINDOWS\system32\NetSetupSvc.dll
2016-03-02 14:50:38 ----A---- C:\WINDOWS\system32\NetSetupShim.dll
2016-03-02 14:50:38 ----A---- C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-03-02 14:50:38 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-03-02 14:50:37 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.dll
2016-03-02 14:50:37 ----A---- C:\WINDOWS\SYSWOW64\Unistore.dll
2016-03-02 14:50:37 ----A---- C:\WINDOWS\SYSWOW64\NetSetupEngine.dll
2016-03-02 14:50:37 ----A---- C:\WINDOWS\system32\wer.dll
2016-03-02 14:50:37 ----A---- C:\WINDOWS\system32\TimeBrokerServer.dll
2016-03-02 14:50:37 ----A---- C:\WINDOWS\system32\StorSvc.dll
2016-03-02 14:50:37 ----A---- C:\WINDOWS\system32\SharedStartModel.dll
2016-03-02 14:50:37 ----A---- C:\WINDOWS\system32\QuickActionsDataModel.dll
2016-03-02 14:50:37 ----A---- C:\WINDOWS\system32\MSFlacDecoder.dll
2016-03-02 14:50:37 ----A---- C:\WINDOWS\system32\generaltel.dll
2016-03-02 14:50:36 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2016-03-02 14:50:36 ----A---- C:\WINDOWS\system32\WMPDMC.exe
2016-03-02 14:50:36 ----A---- C:\WINDOWS\system32\wlansvc.dll
2016-03-02 14:50:36 ----A---- C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2016-03-02 14:50:36 ----A---- C:\WINDOWS\system32\usbmon.dll
2016-03-02 14:50:36 ----A---- C:\WINDOWS\system32\SettingSync.dll
2016-03-02 14:50:36 ----A---- C:\WINDOWS\system32\DeviceEnroller.exe
2016-03-02 14:50:35 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Audio.dll
2016-03-02 14:50:35 ----A---- C:\WINDOWS\system32\winresume.exe
2016-03-02 14:50:35 ----A---- C:\WINDOWS\system32\winload.exe
2016-03-02 14:50:35 ----A---- C:\WINDOWS\system32\InstallAgent.exe
2016-03-02 14:50:35 ----A---- C:\WINDOWS\system32\drivers\sdbus.sys
2016-03-02 14:50:34 ----A---- C:\WINDOWS\SYSWOW64\wer.dll
2016-03-02 14:50:34 ----A---- C:\WINDOWS\SYSWOW64\thumbcache.dll
2016-03-02 14:50:34 ----A---- C:\WINDOWS\SYSWOW64\taskschd.dll
2016-03-02 14:50:34 ----A---- C:\WINDOWS\SYSWOW64\MFCaptureEngine.dll
2016-03-02 14:50:34 ----A---- C:\WINDOWS\system32\sqmapi.dll
2016-03-02 14:50:34 ----A---- C:\WINDOWS\system32\localspl.dll
2016-03-02 14:50:34 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2016-03-02 14:50:33 ----A---- C:\WINDOWS\SYSWOW64\WMPDMC.exe
2016-03-02 14:50:33 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.MediaControl.dll
2016-03-02 14:50:33 ----A---- C:\WINDOWS\SYSWOW64\sqmapi.dll
2016-03-02 14:50:33 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncCore.dll
2016-03-02 14:50:33 ----A---- C:\WINDOWS\SYSWOW64\NetSetupShim.dll
2016-03-02 14:50:33 ----A---- C:\WINDOWS\system32\uDWM.dll
2016-03-02 14:50:33 ----A---- C:\WINDOWS\system32\thumbcache.dll
2016-03-02 14:50:33 ----A---- C:\WINDOWS\system32\msvproc.dll
2016-03-02 14:50:33 ----A---- C:\WINDOWS\system32\flvprophandler.dll
2016-03-02 14:50:33 ----A---- C:\WINDOWS\system32\drivers\bridge.sys
2016-03-02 14:50:32 ----A---- C:\WINDOWS\SYSWOW64\TextInputFramework.dll
2016-03-02 14:50:32 ----A---- C:\WINDOWS\SYSWOW64\SettingSync.dll
2016-03-02 14:50:32 ----A---- C:\WINDOWS\SYSWOW64\msvproc.dll
2016-03-02 14:50:32 ----A---- C:\WINDOWS\system32\taskschd.dll
2016-03-02 14:50:32 ----A---- C:\WINDOWS\system32\netlogon.dll
2016-03-02 14:50:32 ----A---- C:\WINDOWS\system32\drivers\dumpsd.sys
2016-03-02 14:50:32 ----A---- C:\WINDOWS\system32\bisrv.dll
2016-03-02 14:50:31 ----A---- C:\WINDOWS\SYSWOW64\mfmkvsrcsnk.dll
2016-03-02 14:50:31 ----A---- C:\WINDOWS\system32\wuuhext.dll
2016-03-02 14:50:31 ----A---- C:\WINDOWS\system32\WiFiDisplay.dll
2016-03-02 14:50:31 ----A---- C:\WINDOWS\system32\spoolsv.exe
2016-03-02 14:50:31 ----A---- C:\WINDOWS\system32\drivers\xinputhid.sys
2016-03-02 14:50:31 ----A---- C:\WINDOWS\system32\configurationclient.dll
2016-03-02 14:50:30 ----A---- C:\WINDOWS\SYSWOW64\netlogon.dll
2016-03-02 14:50:30 ----A---- C:\WINDOWS\SYSWOW64\InstallAgent.exe
2016-03-02 14:50:30 ----A---- C:\WINDOWS\SYSWOW64\AppxAllUserStore.dll
2016-03-02 14:50:30 ----A---- C:\WINDOWS\system32\wsqmcons.exe
2016-03-02 14:50:30 ----A---- C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-03-02 14:50:30 ----A---- C:\WINDOWS\system32\sharemediacpl.dll
2016-03-02 14:50:30 ----A---- C:\WINDOWS\system32\MCRecvSrc.dll
2016-03-02 14:50:30 ----A---- C:\WINDOWS\system32\ipnathlp.dll
2016-03-02 14:50:30 ----A---- C:\WINDOWS\system32\drivers\mrxsmb.sys
2016-03-02 14:50:30 ----A---- C:\WINDOWS\system32\DisplayManager.dll
2016-03-02 14:50:30 ----A---- C:\WINDOWS\system32\DeviceCensus.exe
2016-03-02 14:50:29 ----A---- C:\WINDOWS\SYSWOW64\WiFiDisplay.dll
2016-03-02 14:50:29 ----A---- C:\WINDOWS\SYSWOW64\MCRecvSrc.dll
2016-03-02 14:50:29 ----A---- C:\WINDOWS\system32\SyncController.dll
2016-03-02 14:50:29 ----A---- C:\WINDOWS\system32\drivers\xboxgip.sys
2016-03-02 14:50:29 ----A---- C:\WINDOWS\system32\drivers\acpi.sys
2016-03-02 14:50:29 ----A---- C:\WINDOWS\system32\AppxAllUserStore.dll
2016-03-02 14:50:28 ----A---- C:\WINDOWS\SYSWOW64\SyncController.dll
2016-03-02 14:50:28 ----A---- C:\WINDOWS\system32\wlanapi.dll
2016-03-02 14:50:28 ----A---- C:\WINDOWS\system32\vaultcli.dll
2016-03-02 14:50:28 ----A---- C:\WINDOWS\system32\SMSRouter.dll
2016-03-02 14:50:28 ----A---- C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-03-02 14:50:28 ----A---- C:\WINDOWS\system32\drivers\appid.sys
2016-03-02 14:50:27 ----A---- C:\WINDOWS\system32\wermgr.exe
2016-03-02 14:50:27 ----A---- C:\WINDOWS\system32\MDMAppInstaller.exe
2016-03-02 14:50:27 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2016-03-02 14:50:26 ----A---- C:\WINDOWS\SYSWOW64\wermgr.exe
2016-03-02 14:50:26 ----A---- C:\WINDOWS\SYSWOW64\DisplayManager.dll
2016-03-02 14:50:26 ----A---- C:\WINDOWS\system32\werui.dll
2016-03-02 14:50:26 ----A---- C:\WINDOWS\system32\TextInputFramework.dll
2016-03-02 14:50:26 ----A---- C:\WINDOWS\system32\psmsrv.dll
2016-03-02 14:50:26 ----A---- C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-03-02 14:50:26 ----A---- C:\WINDOWS\system32\drivers\USBHUB3.SYS
2016-03-02 14:50:25 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-03-02 14:50:25 ----A---- C:\WINDOWS\system32\wlansec.dll
2016-03-02 14:50:25 ----A---- C:\WINDOWS\system32\wlanmsm.dll
2016-03-02 14:50:25 ----A---- C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-03-02 14:50:25 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-03-02 14:50:25 ----A---- C:\WINDOWS\system32\scapi.dll
2016-03-02 14:50:25 ----A---- C:\WINDOWS\system32\provpackageapidll.dll
2016-03-02 14:50:25 ----A---- C:\WINDOWS\system32\ngckeyenum.dll
2016-03-02 14:50:25 ----A---- C:\WINDOWS\system32\MBMediaManager.dll
2016-03-02 14:50:25 ----A---- C:\WINDOWS\system32\accountaccessor.dll
2016-03-02 14:50:24 ----A---- C:\WINDOWS\SYSWOW64\wininetlui.dll
2016-03-02 14:50:24 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Core.TextInput.dll
2016-03-02 14:50:24 ----A---- C:\WINDOWS\SYSWOW64\jsproxy.dll
2016-03-02 14:50:24 ----A---- C:\WINDOWS\system32\wlansvcpal.dll
2016-03-02 14:50:24 ----A---- C:\WINDOWS\system32\wininetlui.dll
2016-03-02 14:50:24 ----A---- C:\WINDOWS\system32\WiFiConfigSP.dll
2016-03-02 14:50:24 ----A---- C:\WINDOWS\system32\jsproxy.dll
2016-03-02 14:50:24 ----A---- C:\WINDOWS\system32\irmon.dll
2016-03-02 14:50:24 ----A---- C:\WINDOWS\system32\drivers\rasl2tp.sys
2016-03-02 14:50:24 ----A---- C:\WINDOWS\system32\drivers\mrxsmb10.sys
2016-03-02 14:50:23 ----A---- C:\WINDOWS\SYSWOW64\werui.dll
2016-03-02 14:50:23 ----A---- C:\WINDOWS\SYSWOW64\TimeBrokerClient.dll
2016-03-02 14:50:23 ----A---- C:\WINDOWS\SYSWOW64\LaunchWinApp.exe
2016-03-02 14:50:23 ----A---- C:\WINDOWS\SYSWOW64\InputLocaleManager.dll
2016-03-02 14:50:23 ----A---- C:\WINDOWS\system32\wfdprov.dll
2016-03-02 14:50:23 ----A---- C:\WINDOWS\system32\TimeBrokerClient.dll
2016-03-02 14:50:23 ----A---- C:\WINDOWS\system32\srpapi.dll
2016-03-02 14:50:23 ----A---- C:\WINDOWS\system32\LaunchWinApp.exe
2016-03-02 14:50:23 ----A---- C:\WINDOWS\system32\InputLocaleManager.dll
2016-03-02 14:50:23 ----A---- C:\WINDOWS\system32\bcastdvr.exe
2016-03-02 14:50:23 ----A---- C:\WINDOWS\system32\AppCapture.dll
2016-02-13 20:03:10 ----A---- C:\WINDOWS\system32\drivers\aswKbd.sys
2016-02-13 20:03:05 ----A---- C:\WINDOWS\avastSS.scr
2016-02-10 10:05:36 ----A---- C:\WINDOWS\system32\Chakra.dll
2016-02-10 10:05:34 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2016-02-10 10:05:33 ----A---- C:\WINDOWS\system32\lsasrv.dll
2016-02-10 10:05:33 ----A---- C:\WINDOWS\system32\kerberos.dll
2016-02-10 10:05:33 ----A---- C:\WINDOWS\explorer.exe
2016-02-10 10:05:32 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2016-02-10 10:05:32 ----A---- C:\WINDOWS\system32\combase.dll
2016-02-10 10:05:31 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2016-02-10 10:05:31 ----A---- C:\WINDOWS\SYSWOW64\combase.dll
2016-02-10 10:05:31 ----A---- C:\WINDOWS\system32\KernelBase.dll
2016-02-10 10:05:30 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2016-02-10 10:05:30 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2016-02-10 10:05:30 ----A---- C:\WINDOWS\system32\WinTypes.dll
2016-02-10 10:05:30 ----A---- C:\WINDOWS\system32\msv1_0.dll
2016-02-10 10:05:29 ----A---- C:\WINDOWS\SYSWOW64\WinTypes.dll
2016-02-10 10:05:29 ----A---- C:\WINDOWS\system32\systemreset.exe
2016-02-10 10:05:29 ----A---- C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-02-10 10:05:28 ----A---- C:\WINDOWS\system32\OpenWith.exe
2016-02-10 10:05:27 ----A---- C:\WINDOWS\SYSWOW64\OpenWith.exe
2016-02-10 10:05:27 ----A---- C:\WINDOWS\SYSWOW64\msorcl32.dll
2016-02-10 10:05:27 ----A---- C:\WINDOWS\system32\ztrace_maps.dll
2016-02-10 10:05:27 ----A---- C:\WINDOWS\system32\mtxoci.dll
2016-02-10 10:05:27 ----A---- C:\WINDOWS\system32\iassam.dll
2016-02-10 10:05:27 ----A---- C:\WINDOWS\system32\drivers\mrxdav.sys
2016-02-10 10:05:27 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2016-02-10 10:05:26 ----A---- C:\WINDOWS\SYSWOW64\ztrace_maps.dll
2016-02-10 10:05:26 ----A---- C:\WINDOWS\SYSWOW64\mtxoci.dll
2016-02-10 10:05:26 ----A---- C:\WINDOWS\SYSWOW64\iassam.dll
2016-02-10 10:05:26 ----A---- C:\WINDOWS\SYSWOW64\cfgbkend.dll
2016-02-10 10:05:26 ----A---- C:\WINDOWS\system32\hlink.dll
2016-02-10 10:05:26 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2016-02-10 10:05:25 ----A---- C:\WINDOWS\SYSWOW64\hlink.dll
2016-02-10 10:05:25 ----A---- C:\WINDOWS\system32\reseteng.dll
2016-02-10 10:05:25 ----A---- C:\WINDOWS\system32\Chakradiag.dll

======List of files/folders modified in the last 1 month======

2016-03-05 10:12:36 ----D---- C:\WINDOWS\Temp
2016-03-05 10:07:35 ----D---- C:\WINDOWS\rescache
2016-03-05 09:59:33 ----D---- C:\WINDOWS\system32\sru
2016-03-05 09:57:33 ----D---- C:\Users\MB1\AppData\Roaming\Skype
2016-03-05 09:57:30 ----D---- C:\WINDOWS\Prefetch
2016-03-05 09:56:40 ----D---- C:\WINDOWS\System32
2016-03-05 09:56:40 ----A---- C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-03-04 20:17:56 ----D---- C:\WINDOWS\Microsoft.NET
2016-03-04 20:11:55 ----D---- C:\WINDOWS\INF
2016-03-04 20:11:55 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-03-04 20:04:00 ----D---- C:\WINDOWS\Tasks
2016-03-04 20:04:00 ----D---- C:\WINDOWS\system32\Tasks
2016-03-04 20:03:59 ----HD---- C:\ProgramData
2016-03-04 20:03:58 ----RD---- C:\Program Files (x86)
2016-03-04 15:48:45 ----D---- C:\WINDOWS\AppReadiness
2016-03-04 15:48:44 ----HD---- C:\Program Files\WindowsApps
2016-03-04 15:36:41 ----RD---- C:\Program Files
2016-03-04 15:07:42 ----D---- C:\WINDOWS\system32\config
2016-03-04 14:55:18 ----D---- C:\WINDOWS\WinSxS
2016-03-04 14:55:04 ----D---- C:\WINDOWS\system32\drivers
2016-03-04 14:54:32 ----D---- C:\WINDOWS\SYSWOW64\migration
2016-03-04 14:54:32 ----D---- C:\WINDOWS\SYSWOW64\Dism
2016-03-04 14:54:32 ----D---- C:\WINDOWS\SysWOW64
2016-03-04 14:54:31 ----RSD---- C:\WINDOWS\Media
2016-03-04 14:54:31 ----RSD---- C:\WINDOWS\Fonts
2016-03-04 14:54:31 ----RD---- C:\WINDOWS\PurchaseDialog
2016-03-04 14:54:31 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2016-03-04 14:54:31 ----D---- C:\WINDOWS\system32\wbem
2016-03-04 14:54:31 ----D---- C:\WINDOWS\system32\SystemResetPlatform
2016-03-04 14:54:31 ----D---- C:\WINDOWS\system32\migration
2016-03-04 14:54:31 ----D---- C:\WINDOWS\system32\Dism
2016-03-04 14:54:31 ----D---- C:\WINDOWS\system32\Boot
2016-03-04 14:54:31 ----D---- C:\WINDOWS\system32\appraiser
2016-03-04 14:54:31 ----D---- C:\WINDOWS\bcastdvr
2016-03-04 14:54:31 ----D---- C:\WINDOWS\AppPatch
2016-03-04 14:54:31 ----D---- C:\Program Files\Windows Portable Devices
2016-03-04 14:54:31 ----D---- C:\Program Files\Windows Multimedia Platform
2016-03-04 14:54:31 ----D---- C:\Program Files\Windows Media Player
2016-03-04 14:54:31 ----D---- C:\Program Files\Windows Journal
2016-03-04 14:54:31 ----D---- C:\Program Files\Internet Explorer
2016-03-04 14:54:31 ----D---- C:\Program Files (x86)\Windows Portable Devices
2016-03-04 14:54:31 ----D---- C:\Program Files (x86)\Windows Multimedia Platform
2016-03-04 14:54:31 ----D---- C:\Program Files (x86)\Internet Explorer
2016-03-04 14:54:30 ----D---- C:\WINDOWS\system32\DriverStore
2016-03-03 19:53:28 ----SD---- C:\Users\MB1\AppData\Roaming\Microsoft
2016-03-03 07:49:58 ----D---- C:\WINDOWS\SYSWOW64\vbox
2016-03-03 07:49:58 ----D---- C:\WINDOWS\system32\vbox
2016-03-03 07:41:02 ----D---- C:\WINDOWS\CbsTemp
2016-03-02 17:54:07 ----AD---- C:\KMPlayer
2016-03-02 15:40:27 ----D---- C:\Windows
2016-03-02 14:44:11 ----D---- C:\WINDOWS\system32\catroot2
2016-02-26 07:39:42 ----SHD---- C:\WINDOWS\Installer
2016-02-26 07:39:42 ----D---- C:\ProgramData\Skype
2016-02-13 20:03:07 ----D---- C:\ProgramData\AVAST Software
2016-02-13 20:03:03 ----D---- C:\Program Files\AVAST Software
2016-02-11 16:06:46 ----RD---- C:\WINDOWS\assembly
2016-02-10 19:27:01 ----D---- C:\WINDOWS\system32\CatRoot
2016-02-10 19:26:53 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2016-02-10 19:26:53 ----D---- C:\WINDOWS\system32\cs-CZ
2016-02-10 15:45:25 ----D---- C:\WINDOWS\system32\MRT
2016-02-10 15:41:29 ----A---- C:\WINDOWS\system32\MRT.exe
2016-02-08 15:58:45 ----D---- C:\WINDOWS\LiveKernelReports
2016-02-07 17:50:18 ----D---- C:\WINDOWS\system32\LogFiles

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2016-02-13 74544]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2016-02-13 287016]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2015-06-23 1455552]
R0 ngvss;ngvss; C:\WINDOWS\system32\drivers\ngvss.sys [2016-02-13 154024]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2016-02-13 37144]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2016-02-13 103064]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2016-02-13 1065720]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2016-02-23 463744]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2015-10-30 87040]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-10-30 8192]
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2016-02-13 37656]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2016-02-13 107792]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2016-02-13 165344]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2015-10-30 47616]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2015-10-30 78848]
R3 h647906;DragonRise HID7906 AMD64 Driver; C:\WINDOWS\system32\drivers\h647906.sys [2008-12-01 62576]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2015-12-19 7858088]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2015-07-07 4514008]
R3 IntcDAud;@oem22.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2015-10-28 474376]
R3 MEIx64;@oem6.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [2013-09-16 99288]
R3 MQAC;@mqutil.dll,-6101; C:\WINDOWS\system32\drivers\mqac.sys [2015-12-28 175616]
R3 rt640x64;@rt640x64.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2015-10-30 589824]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-10-30 104800]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-10-30 99168]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2015-10-30 58208]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2015-10-30 58720]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2015-10-30 34144]
S3 bcmfn;@bcmfn.inf,%bcmfn.SVCDESC%;bcmfn Service; C:\WINDOWS\System32\drivers\bcmfn.sys [2015-10-30 9728]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-10-30 37376]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2015-11-22 117248]
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys [2015-12-29 25640]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-10-30 20992]
S3 hid7906;DragonRise HID7906 x86 Driver; C:\WINDOWS\system32\drivers\hid7906.sys []
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-10-30 50016]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2015-10-30 81408]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2015-10-30 165888]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2015-10-30 424800]
S3 IoQos;@%SystemRoot%\system32\drivers\ioqos.sys,-100; C:\WINDOWS\system32\drivers\ioqos.sys [2015-10-30 26624]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-10-30 705376]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2015-10-30 76128]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2015-10-30 930656]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-17 82128]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-02-13 237096]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2015-06-23 18856]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2015-12-19 373160]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-09-16 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-09-16 390616]
R2 MSMQ;@mqutil.dll,-6102; C:\WINDOWS\system32\mqsvc.exe [2015-12-28 26624]
R2 NetMsmqActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8195; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-10-30 135848]
R2 NetPipeActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8197; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-10-30 135848]
R2 OneSyncSvc_3036e9;Hostitel synchronizace_3036e9; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2016-02-13 5570120]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2015-10-23 43696]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-28 144200]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S2 NetTcpActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8199; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-10-30 135848]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_14927ab;Hostitel synchronizace_14927ab; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_175b6c7;Hostitel synchronizace_175b6c7; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_27ee4;Hostitel synchronizace_27ee4; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_28c41;Hostitel synchronizace_28c41; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_2aa5d;Hostitel synchronizace_2aa5d; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_3334a4f;Hostitel synchronizace_3334a4f; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_460e9c;Hostitel synchronizace_460e9c; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_4922780;Hostitel synchronizace_4922780; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_523893e;Hostitel synchronizace_523893e; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_e7c87f;Hostitel synchronizace_e7c87f; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_f5a49d;Hostitel synchronizace_f5a49d; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2015-12-19 300968]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-10-30 31744]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-28 144200]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_14927ab;Služba zasílání zpráv_14927ab; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_175b6c7;Služba zasílání zpráv_175b6c7; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_27ee4;Služba zasílání zpráv_27ee4; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_28c41;Služba zasílání zpráv_28c41; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_2aa5d;Služba zasílání zpráv_2aa5d; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_3036e9;Služba zasílání zpráv_3036e9; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_3334a4f;Služba zasílání zpráv_3334a4f; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_460e9c;Služba zasílání zpráv_460e9c; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_4922780;Služba zasílání zpráv_4922780; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_523893e;Služba zasílání zpráv_523893e; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_e7c87f;Služba zasílání zpráv_e7c87f; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_f5a49d;Služba zasílání zpráv_f5a49d; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_14927ab;Data kontaktů_14927ab; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_175b6c7;Data kontaktů_175b6c7; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_27ee4;Data kontaktů_27ee4; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_28c41;Data kontaktů_28c41; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_2aa5d;Data kontaktů_2aa5d; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_3036e9;Data kontaktů_3036e9; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_3334a4f;Data kontaktů_3334a4f; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_460e9c;Data kontaktů_460e9c; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_4922780;Data kontaktů_4922780; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_523893e;Data kontaktů_523893e; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_e7c87f;Data kontaktů_e7c87f; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_f5a49d;Data kontaktů_f5a49d; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2015-10-30 1297408]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 TieringEngineService;@%SystemRoot%\system32\TieringEngineService.exe,-702; C:\WINDOWS\system32\TieringEngineService.exe [2015-10-30 290304]
S4 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-10-30 51376]
S4 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119673
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Chrome infected

#6 Post by Rudy »

Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to your desktop. Run it and copy the following into the left-hand window:
:files
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c7c5384f-d9e9-4db1-8c72-135ecccbc571}]/64

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. Turn off your antivirus before the scan and restart the PC after it. Post a new RSIT log.

In the network settings, delete these IPs: 82.163.142.7 95.211.158.134 (they are fake) and set DNS to automatic. Or follow what is specified in your connection contract.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

mana008
Visitor
Posts: 74
Joined: 23 Jul 2007 11:54

Re: Chrome infected

#7 Post by mana008 »

I couldn't find the IPs 82.163.142.7 95.211.158.134 anywhere (I probably don't know how to look), but the ads are gone.
All processes killed
========== FILES ==========
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
File/Folder C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat not found.
========== REGISTRY ==========
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c7c5384f-d9e9-4db1-8c72-135ecccbc571}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c7c5384f-d9e9-4db1-8c72-135ecccbc571}\ not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default.migrated

User: DefaultAppPool
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: MB1
->Temp folder emptied: 223659142 bytes
->Temporary Internet Files folder emptied: 73849802 bytes
->Google Chrome cache emptied: 169833056 bytes
->Flash cache emptied: 1161 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 97611646 bytes
RecycleBin emptied: 18191559401 bytes

Total Files Cleaned = 17 888,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Default.migrated

User: DefaultAppPool

User: MB1
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb


OTM by OldTimer - Version 3.1.21.0 log created on 03052016_121439

Files moved on Reboot...
C:\Users\MB1\AppData\Local\Microsoft\Windows\INetCache\counters.dat moved successfully.
File move failed. C:\WINDOWS\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.
File move failed. C:\WINDOWS\temp\SafeZone Installer\opera_installer_20160214120322.log scheduled to be moved on reboot.
File move failed. C:\WINDOWS\temp\SafeZone Installer\opera_installer_20160214120327.log scheduled to be moved on reboot.
File move failed. C:\WINDOWS\temp\SafeZone Installer\opera_installer_20160302154036.log scheduled to be moved on reboot.
File move failed. C:\WINDOWS\temp\SafeZone Installer\opera_installer_20160302154037.log scheduled to be moved on reboot.
File move failed. C:\WINDOWS\temp\SafeZone Installer\opera_installer_20160302154040.log scheduled to be moved on reboot.

Registry entries deleted on Reboot...
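
Post #7 reports that the two DNS addresses could not be found in the network settings; HijackThis records resolver settings on its O17 lines, so a log can be checked for them directly. The following is an added example, not part of the original thread and not code from RSIT or HijackThis: it parses O17 lines and lists the registry keys that still carry the addresses flagged in post #6. The first two O17 sample lines are copied from the HijackThis log in this thread; the third, with a placeholder interface GUID, is constructed.

```python
import ipaddress
import re

# Resolver addresses that post #6 in this thread called fake.
FLAGGED_DNS = {"82.163.142.7", "95.211.158.134"}

# HijackThis O17 line layout: "O17 - <registry key>: <value name> = <data>"
O17_RE = re.compile(r"^O17 - (?P<key>.+?): (?P<name>[A-Za-z]+) =\s*(?P<data>.*)$")

# Sample input. Lines 2-3 are taken from the log in this thread; line 4 is
# constructed (placeholder GUID, typical home-router address).
SAMPLE_LOG = r"""O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 82.163.142.7 95.211.158.134
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 82.163.142.7 95.211.158.134
O17 - HKLM\System\CCS\Services\Tcpip\..\{00000000-0000-0000-0000-000000000000}: NameServer = 192.168.1.1
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
"""


def parse_o17(log_text):
    """Return (registry_key, value_name, [tokens]) for every O17 line."""
    entries = []
    for line in log_text.splitlines():
        match = O17_RE.match(line.strip())
        if not match:
            continue
        # The data field is a space- or comma-separated list of addresses.
        tokens = [t for t in re.split(r"[ ,]+", match.group("data").strip()) if t]
        entries.append((match.group("key"), match.group("name"), tokens))
    return entries


def audit_dns(log_text, flagged=FLAGGED_DNS):
    """Classify every resolver address found on O17 NameServer lines."""
    findings = []
    for key, name, tokens in parse_o17(log_text):
        if name.lower() not in ("nameserver", "dhcpnameserver"):
            continue  # O17 also reports other Tcpip values; only resolvers matter here
        for token in tokens:
            try:
                addr = ipaddress.ip_address(token)
            except ValueError:
                verdict = "malformed"  # not an IP address at all: inspect by hand
            else:
                if str(addr) in flagged:
                    verdict = "flagged"
                elif addr.is_private or addr.is_loopback:
                    verdict = "private"  # e.g. the local router
                else:
                    verdict = "unlisted"  # public resolver not on the flagged list
            findings.append(
                {"key": key, "value": name, "address": token, "verdict": verdict}
            )
    return findings


def flagged_keys(log_text, flagged=FLAGGED_DNS):
    """Registry keys whose resolver list still contains a flagged address."""
    return sorted(
        {f["key"] for f in audit_dns(log_text, flagged) if f["verdict"] == "flagged"}
    )


if __name__ == "__main__":
    for finding in audit_dns(SAMPLE_LOG):
        print("{verdict:9} {address:15} {value} @ {key}".format(**finding))
    print("Keys to clean:", flagged_keys(SAMPLE_LOG))
```

A key returned by `flagged_keys` is where the static resolver entry lives, which is the value to clear when switching back to automatic DNS.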

mana008
Visitor
Posts: 74
Joined: 23 Jul 2007 11:54

Re: Chrome infected

#8 Post by mana008 »

Logfile of random's system information tool 1.10 (written by random/random)
Run by MB1 at 2016-03-05 12:49:54
Microsoft Windows 10 Home
System drive C: has 80 GB (70%) free of 114 GB
Total RAM: 3996 MB (60% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:49:55, on 5.3.2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10586.0020)
Boot mode: Normal

Running processes:
C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
C:\Users\MB1\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\trend micro\MB1.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [USB Gamepad] C:\WINDOWS\USB Vibration\7906\USB Gamepad.exe -boot
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\MB1\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 82.163.142.7 95.211.158.134
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 82.163.142.7 95.211.158.134
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8660 bytes

======Listing Processes======







winlogon.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\igfxCUIService.exe
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-ea44c7a5-6c34-4d2d-8641-1e5ee3c92fdc -SystemEventPortName:HostProcess-1e34e6a2-c282-4085-a04b-a52e2f946fb9 -IoCancelEventPortName:HostProcess-fb19d43d-cf4e-4dff-812e-7d0e6ee49966 -NonStateChangingEventPortName:HostProcess-a4a748af-e486-4693-ab83-836585f72c1f -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:28028ae7-f76b-4b8c-af3d-556d23a9e459 -DeviceGroupId:WpdFsGroup
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k apphost
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\WINDOWS\system32\mqsvc.exe
C:\WINDOWS\system32\svchost.exe -k iissvcs
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\svchost.exe -k appmodel
C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
"C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe" -NetMsmqActivator
sihost.exe
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
taskeng.exe {701F39E4-32DE-4002-BEC5-681E6346BD72}
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\Explorer.EXE
"C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
igfxEM.exe
igfxTray.exe
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Users\MB1\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"fontdrvhost.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Windows\USB Vibration\7906\USB Gamepad.exe" -boot
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.17801.0_x64__8wekyb3d8bbwe\Video.UI.exe" -ServerName:Microsoft.ZuneVideo.AppX758ya5sqdjd98rx6z7g95nw6jy7bqx9y.mca

taskhostw.exe
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\MB1\Desktop\RSITx64.exe"

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-02-13 901600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-02-13 678656]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2015-06-23 36352]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-07-07 14040792]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\MB1\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-02-03 551112]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2016-02-10 50599552]
"OEXPRESS"= []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2014-02-21 292848]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-02-15 7139768]
"USB Gamepad"=C:\WINDOWS\USB Vibration\7906\USB Gamepad.exe [2008-12-10 796784]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-17 1085656]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-03-05 12:14:39 ----D---- C:\_OTM
2016-03-04 20:02:26 ----D---- C:\AdwCleaner
2016-03-04 19:51:57 ----D---- C:\Users\MB1\AppData\Roaming\Seznam Browser
2016-03-04 15:36:41 ----D---- C:\rsit
2016-03-04 15:36:41 ----D---- C:\Program Files\trend micro
2016-03-02 15:40:29 ----A---- C:\WINDOWS\system32\aswBoot.exe
2016-03-02 14:51:08 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2016-03-02 14:51:07 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-03-02 14:51:06 ----A---- C:\WINDOWS\system32\edgehtml.dll
2016-03-02 14:51:06 ----A---- C:\WINDOWS\system32\dwmcore.dll
2016-03-02 14:51:05 ----A---- C:\WINDOWS\system32\mshtml.dll
2016-03-02 14:51:04 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2016-03-02 14:51:03 ----A---- C:\WINDOWS\system32\shell32.dll
2016-03-02 14:51:03 ----A---- C:\WINDOWS\system32\invagent.dll
2016-03-02 14:51:03 ----A---- C:\WINDOWS\system32\devinv.dll
2016-03-02 14:51:03 ----A---- C:\WINDOWS\system32\aeinv.dll
2016-03-02 14:51:02 ----A---- C:\WINDOWS\system32\twinui.dll
2016-03-02 14:51:02 ----A---- C:\WINDOWS\system32\audiosrv.dll
2016-03-02 14:51:02 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-03-02 14:50:59 ----A---- C:\WINDOWS\system32\ieframe.dll
2016-03-02 14:50:57 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2016-03-02 14:50:56 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2016-03-02 14:50:56 ----A---- C:\WINDOWS\system32\wininet.dll
2016-03-02 14:50:55 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2016-03-02 14:50:55 ----A---- C:\WINDOWS\system32\windows.storage.dll
2016-03-02 14:50:55 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2016-03-02 14:50:55 ----A---- C:\WINDOWS\system32\d3d11.dll
2016-03-02 14:50:54 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2016-03-02 14:50:54 ----A---- C:\WINDOWS\system32\CoreUIComponents.dll
2016-03-02 14:50:53 ----A---- C:\WINDOWS\SYSWOW64\d3d11.dll
2016-03-02 14:50:53 ----A---- C:\WINDOWS\SYSWOW64\CoreUIComponents.dll
2016-03-02 14:50:53 ----A---- C:\WINDOWS\system32\SmsRouterSvc.dll
2016-03-02 14:50:52 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2016-03-02 14:50:52 ----A---- C:\WINDOWS\system32\wmp.dll
2016-03-02 14:50:52 ----A---- C:\WINDOWS\system32\AUDIOKSE.dll
2016-03-02 14:50:51 ----A---- C:\WINDOWS\system32\win32kfull.sys
2016-03-02 14:50:51 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2016-03-02 14:50:51 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2016-03-02 14:50:50 ----A---- C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-03-02 14:50:50 ----A---- C:\WINDOWS\system32\urlmon.dll
2016-03-02 14:50:50 ----A---- C:\WINDOWS\system32\InputService.dll
2016-03-02 14:50:50 ----A---- C:\WINDOWS\system32\audiodg.exe
2016-03-02 14:50:50 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-03-02 14:50:49 ----A---- C:\WINDOWS\SYSWOW64\InputService.dll
2016-03-02 14:50:49 ----A---- C:\WINDOWS\SYSWOW64\ActiveSyncProvider.dll
2016-03-02 14:50:49 ----A---- C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-03-02 14:50:49 ----A---- C:\WINDOWS\system32\AudioSes.dll
2016-03-02 14:50:49 ----A---- C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-03-02 14:50:48 ----A---- C:\WINDOWS\SYSWOW64\mfasfsrcsnk.dll
2016-03-02 14:50:48 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2016-03-02 14:50:48 ----A---- C:\WINDOWS\system32\mfsrcsnk.dll
2016-03-02 14:50:48 ----A---- C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2016-03-02 14:50:48 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2016-03-02 14:50:47 ----A---- C:\WINDOWS\system32\wifinetworkmanager.dll
2016-03-02 14:50:47 ----A---- C:\WINDOWS\system32\mfcore.dll
2016-03-02 14:50:47 ----A---- C:\WINDOWS\system32\jscript9.dll
2016-03-02 14:50:47 ----A---- C:\WINDOWS\system32\iertutil.dll
2016-03-02 14:50:46 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2016-03-02 14:50:46 ----A---- C:\WINDOWS\system32\wwansvc.dll
2016-03-02 14:50:46 ----A---- C:\WINDOWS\system32\wuaueng.dll
2016-03-02 14:50:46 ----A---- C:\WINDOWS\system32\win32kbase.sys
2016-03-02 14:50:46 ----A---- C:\WINDOWS\system32\CertEnroll.dll
2016-03-02 14:50:45 ----A---- C:\WINDOWS\SYSWOW64\wmp.dll
2016-03-02 14:50:45 ----A---- C:\WINDOWS\SYSWOW64\mfmpeg2srcsnk.dll
2016-03-02 14:50:45 ----A---- C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-03-02 14:50:44 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2016-03-02 14:50:44 ----A---- C:\WINDOWS\system32\XblGameSave.dll
2016-03-02 14:50:44 ----A---- C:\WINDOWS\system32\XblAuthManager.dll
2016-03-02 14:50:44 ----A---- C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-03-02 14:50:44 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-03-02 14:50:44 ----A---- C:\WINDOWS\system32\Unistore.dll
2016-03-02 14:50:44 ----A---- C:\WINDOWS\system32\schedsvc.dll
2016-03-02 14:50:44 ----A---- C:\WINDOWS\system32\ntdll.dll
2016-03-02 14:50:44 ----A---- C:\WINDOWS\system32\mfasfsrcsnk.dll
2016-03-02 14:50:43 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.dll
2016-03-02 14:50:43 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2016-03-02 14:50:43 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2016-03-02 14:50:43 ----A---- C:\WINDOWS\system32\Windows.UI.dll
2016-03-02 14:50:43 ----A---- C:\WINDOWS\system32\mstscax.dll
2016-03-02 14:50:42 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2016-03-02 14:50:42 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2016-03-02 14:50:42 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2016-03-02 14:50:42 ----A---- C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-03-02 14:50:42 ----A---- C:\WINDOWS\system32\wcmsvc.dll
2016-03-02 14:50:42 ----A---- C:\WINDOWS\system32\UserDataService.dll
2016-03-02 14:50:42 ----A---- C:\WINDOWS\system32\MFCaptureEngine.dll
2016-03-02 14:50:41 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Logon.dll
2016-03-02 14:50:41 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2016-03-02 14:50:41 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2016-03-02 14:50:41 ----A---- C:\WINDOWS\system32\NetSetupEngine.dll
2016-03-02 14:50:41 ----A---- C:\WINDOWS\system32\modernexecserver.dll
2016-03-02 14:50:41 ----A---- C:\WINDOWS\system32\diagtrack.dll
2016-03-02 14:50:40 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2016-03-02 14:50:40 ----A---- C:\WINDOWS\SYSWOW64\ExplorerFrame.dll
2016-03-02 14:50:40 ----A---- C:\WINDOWS\SYSWOW64\CertEnroll.dll
2016-03-02 14:50:40 ----A---- C:\WINDOWS\system32\ExplorerFrame.dll
2016-03-02 14:50:39 ----A---- C:\WINDOWS\SYSWOW64\Windows.AccountsControl.dll
2016-03-02 14:50:39 ----A---- C:\WINDOWS\SYSWOW64\mfmp4srcsnk.dll
2016-03-02 14:50:39 ----A---- C:\WINDOWS\SYSWOW64\deviceaccess.dll
2016-03-02 14:50:39 ----A---- C:\WINDOWS\system32\SettingSyncCore.dll
2016-03-02 14:50:39 ----A---- C:\WINDOWS\system32\ngcsvc.dll
2016-03-02 14:50:39 ----A---- C:\WINDOWS\system32\mfsvr.dll
2016-03-02 14:50:39 ----A---- C:\WINDOWS\system32\MDEServer.exe
2016-03-02 14:50:39 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2016-03-02 14:50:39 ----A---- C:\WINDOWS\system32\deviceaccess.dll
2016-03-02 14:50:38 ----A---- C:\WINDOWS\SYSWOW64\MSFlacDecoder.dll
2016-03-02 14:50:38 ----A---- C:\WINDOWS\SYSWOW64\mfsrcsnk.dll
2016-03-02 14:50:38 ----A---- C:\WINDOWS\system32\vaultsvc.dll
2016-03-02 14:50:38 ----A---- C:\WINDOWS\system32\NetSetupSvc.dll
2016-03-02 14:50:38 ----A---- C:\WINDOWS\system32\NetSetupShim.dll
2016-03-02 14:50:38 ----A---- C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-03-02 14:50:38 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-03-02 14:50:37 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.dll
2016-03-02 14:50:37 ----A---- C:\WINDOWS\SYSWOW64\Unistore.dll
2016-03-02 14:50:37 ----A---- C:\WINDOWS\SYSWOW64\NetSetupEngine.dll
2016-03-02 14:50:37 ----A---- C:\WINDOWS\system32\wer.dll
2016-03-02 14:50:37 ----A---- C:\WINDOWS\system32\TimeBrokerServer.dll
2016-03-02 14:50:37 ----A---- C:\WINDOWS\system32\StorSvc.dll
2016-03-02 14:50:37 ----A---- C:\WINDOWS\system32\SharedStartModel.dll
2016-03-02 14:50:37 ----A---- C:\WINDOWS\system32\QuickActionsDataModel.dll
2016-03-02 14:50:37 ----A---- C:\WINDOWS\system32\MSFlacDecoder.dll
2016-03-02 14:50:37 ----A---- C:\WINDOWS\system32\generaltel.dll
2016-03-02 14:50:36 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2016-03-02 14:50:36 ----A---- C:\WINDOWS\system32\WMPDMC.exe
2016-03-02 14:50:36 ----A---- C:\WINDOWS\system32\wlansvc.dll
2016-03-02 14:50:36 ----A---- C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2016-03-02 14:50:36 ----A---- C:\WINDOWS\system32\usbmon.dll
2016-03-02 14:50:36 ----A---- C:\WINDOWS\system32\SettingSync.dll
2016-03-02 14:50:36 ----A---- C:\WINDOWS\system32\DeviceEnroller.exe
2016-03-02 14:50:35 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Audio.dll
2016-03-02 14:50:35 ----A---- C:\WINDOWS\system32\winresume.exe
2016-03-02 14:50:35 ----A---- C:\WINDOWS\system32\winload.exe
2016-03-02 14:50:35 ----A---- C:\WINDOWS\system32\InstallAgent.exe
2016-03-02 14:50:35 ----A---- C:\WINDOWS\system32\drivers\sdbus.sys
2016-03-02 14:50:34 ----A---- C:\WINDOWS\SYSWOW64\wer.dll
2016-03-02 14:50:34 ----A---- C:\WINDOWS\SYSWOW64\thumbcache.dll
2016-03-02 14:50:34 ----A---- C:\WINDOWS\SYSWOW64\taskschd.dll
2016-03-02 14:50:34 ----A---- C:\WINDOWS\SYSWOW64\MFCaptureEngine.dll
2016-03-02 14:50:34 ----A---- C:\WINDOWS\system32\sqmapi.dll
2016-03-02 14:50:34 ----A---- C:\WINDOWS\system32\localspl.dll
2016-03-02 14:50:34 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2016-03-02 14:50:33 ----A---- C:\WINDOWS\SYSWOW64\WMPDMC.exe
2016-03-02 14:50:33 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.MediaControl.dll
2016-03-02 14:50:33 ----A---- C:\WINDOWS\SYSWOW64\sqmapi.dll
2016-03-02 14:50:33 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncCore.dll
2016-03-02 14:50:33 ----A---- C:\WINDOWS\SYSWOW64\NetSetupShim.dll
2016-03-02 14:50:33 ----A---- C:\WINDOWS\system32\uDWM.dll
2016-03-02 14:50:33 ----A---- C:\WINDOWS\system32\thumbcache.dll
2016-03-02 14:50:33 ----A---- C:\WINDOWS\system32\msvproc.dll
2016-03-02 14:50:33 ----A---- C:\WINDOWS\system32\flvprophandler.dll
2016-03-02 14:50:33 ----A---- C:\WINDOWS\system32\drivers\bridge.sys
2016-03-02 14:50:32 ----A---- C:\WINDOWS\SYSWOW64\TextInputFramework.dll
2016-03-02 14:50:32 ----A---- C:\WINDOWS\SYSWOW64\SettingSync.dll
2016-03-02 14:50:32 ----A---- C:\WINDOWS\SYSWOW64\msvproc.dll
2016-03-02 14:50:32 ----A---- C:\WINDOWS\system32\taskschd.dll
2016-03-02 14:50:32 ----A---- C:\WINDOWS\system32\netlogon.dll
2016-03-02 14:50:32 ----A---- C:\WINDOWS\system32\drivers\dumpsd.sys
2016-03-02 14:50:32 ----A---- C:\WINDOWS\system32\bisrv.dll
2016-03-02 14:50:31 ----A---- C:\WINDOWS\SYSWOW64\mfmkvsrcsnk.dll
2016-03-02 14:50:31 ----A---- C:\WINDOWS\system32\wuuhext.dll
2016-03-02 14:50:31 ----A---- C:\WINDOWS\system32\WiFiDisplay.dll
2016-03-02 14:50:31 ----A---- C:\WINDOWS\system32\spoolsv.exe
2016-03-02 14:50:31 ----A---- C:\WINDOWS\system32\drivers\xinputhid.sys
2016-03-02 14:50:31 ----A---- C:\WINDOWS\system32\configurationclient.dll
2016-03-02 14:50:30 ----A---- C:\WINDOWS\SYSWOW64\netlogon.dll
2016-03-02 14:50:30 ----A---- C:\WINDOWS\SYSWOW64\InstallAgent.exe
2016-03-02 14:50:30 ----A---- C:\WINDOWS\SYSWOW64\AppxAllUserStore.dll
2016-03-02 14:50:30 ----A---- C:\WINDOWS\system32\wsqmcons.exe
2016-03-02 14:50:30 ----A---- C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-03-02 14:50:30 ----A---- C:\WINDOWS\system32\sharemediacpl.dll
2016-03-02 14:50:30 ----A---- C:\WINDOWS\system32\MCRecvSrc.dll
2016-03-02 14:50:30 ----A---- C:\WINDOWS\system32\ipnathlp.dll
2016-03-02 14:50:30 ----A---- C:\WINDOWS\system32\drivers\mrxsmb.sys
2016-03-02 14:50:30 ----A---- C:\WINDOWS\system32\DisplayManager.dll
2016-03-02 14:50:30 ----A---- C:\WINDOWS\system32\DeviceCensus.exe
2016-03-02 14:50:29 ----A---- C:\WINDOWS\SYSWOW64\WiFiDisplay.dll
2016-03-02 14:50:29 ----A---- C:\WINDOWS\SYSWOW64\MCRecvSrc.dll
2016-03-02 14:50:29 ----A---- C:\WINDOWS\system32\SyncController.dll
2016-03-02 14:50:29 ----A---- C:\WINDOWS\system32\drivers\xboxgip.sys
2016-03-02 14:50:29 ----A---- C:\WINDOWS\system32\drivers\acpi.sys
2016-03-02 14:50:29 ----A---- C:\WINDOWS\system32\AppxAllUserStore.dll
2016-03-02 14:50:28 ----A---- C:\WINDOWS\SYSWOW64\SyncController.dll
2016-03-02 14:50:28 ----A---- C:\WINDOWS\system32\wlanapi.dll
2016-03-02 14:50:28 ----A---- C:\WINDOWS\system32\vaultcli.dll
2016-03-02 14:50:28 ----A---- C:\WINDOWS\system32\SMSRouter.dll
2016-03-02 14:50:28 ----A---- C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-03-02 14:50:28 ----A---- C:\WINDOWS\system32\drivers\appid.sys
2016-03-02 14:50:27 ----A---- C:\WINDOWS\system32\wermgr.exe
2016-03-02 14:50:27 ----A---- C:\WINDOWS\system32\MDMAppInstaller.exe
2016-03-02 14:50:27 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2016-03-02 14:50:26 ----A---- C:\WINDOWS\SYSWOW64\wermgr.exe
2016-03-02 14:50:26 ----A---- C:\WINDOWS\SYSWOW64\DisplayManager.dll
2016-03-02 14:50:26 ----A---- C:\WINDOWS\system32\werui.dll
2016-03-02 14:50:26 ----A---- C:\WINDOWS\system32\TextInputFramework.dll
2016-03-02 14:50:26 ----A---- C:\WINDOWS\system32\psmsrv.dll
2016-03-02 14:50:26 ----A---- C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-03-02 14:50:26 ----A---- C:\WINDOWS\system32\drivers\USBHUB3.SYS
2016-03-02 14:50:25 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-03-02 14:50:25 ----A---- C:\WINDOWS\system32\wlansec.dll
2016-03-02 14:50:25 ----A---- C:\WINDOWS\system32\wlanmsm.dll
2016-03-02 14:50:25 ----A---- C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-03-02 14:50:25 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-03-02 14:50:25 ----A---- C:\WINDOWS\system32\scapi.dll
2016-03-02 14:50:25 ----A---- C:\WINDOWS\system32\provpackageapidll.dll
2016-03-02 14:50:25 ----A---- C:\WINDOWS\system32\ngckeyenum.dll
2016-03-02 14:50:25 ----A---- C:\WINDOWS\system32\MBMediaManager.dll
2016-03-02 14:50:25 ----A---- C:\WINDOWS\system32\accountaccessor.dll
2016-03-02 14:50:24 ----A---- C:\WINDOWS\SYSWOW64\wininetlui.dll
2016-03-02 14:50:24 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Core.TextInput.dll
2016-03-02 14:50:24 ----A---- C:\WINDOWS\SYSWOW64\jsproxy.dll
2016-03-02 14:50:24 ----A---- C:\WINDOWS\system32\wlansvcpal.dll
2016-03-02 14:50:24 ----A---- C:\WINDOWS\system32\wininetlui.dll
2016-03-02 14:50:24 ----A---- C:\WINDOWS\system32\WiFiConfigSP.dll
2016-03-02 14:50:24 ----A---- C:\WINDOWS\system32\jsproxy.dll
2016-03-02 14:50:24 ----A---- C:\WINDOWS\system32\irmon.dll
2016-03-02 14:50:24 ----A---- C:\WINDOWS\system32\drivers\rasl2tp.sys
2016-03-02 14:50:24 ----A---- C:\WINDOWS\system32\drivers\mrxsmb10.sys
2016-03-02 14:50:23 ----A---- C:\WINDOWS\SYSWOW64\werui.dll
2016-03-02 14:50:23 ----A---- C:\WINDOWS\SYSWOW64\TimeBrokerClient.dll
2016-03-02 14:50:23 ----A---- C:\WINDOWS\SYSWOW64\LaunchWinApp.exe
2016-03-02 14:50:23 ----A---- C:\WINDOWS\SYSWOW64\InputLocaleManager.dll
2016-03-02 14:50:23 ----A---- C:\WINDOWS\system32\wfdprov.dll
2016-03-02 14:50:23 ----A---- C:\WINDOWS\system32\TimeBrokerClient.dll
2016-03-02 14:50:23 ----A---- C:\WINDOWS\system32\srpapi.dll
2016-03-02 14:50:23 ----A---- C:\WINDOWS\system32\LaunchWinApp.exe
2016-03-02 14:50:23 ----A---- C:\WINDOWS\system32\InputLocaleManager.dll
2016-03-02 14:50:23 ----A---- C:\WINDOWS\system32\bcastdvr.exe
2016-03-02 14:50:23 ----A---- C:\WINDOWS\system32\AppCapture.dll
2016-02-13 20:03:10 ----A---- C:\WINDOWS\system32\drivers\aswKbd.sys
2016-02-13 20:03:05 ----A---- C:\WINDOWS\avastSS.scr
2016-02-10 10:05:36 ----A---- C:\WINDOWS\system32\Chakra.dll
2016-02-10 10:05:34 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2016-02-10 10:05:33 ----A---- C:\WINDOWS\system32\lsasrv.dll
2016-02-10 10:05:33 ----A---- C:\WINDOWS\system32\kerberos.dll
2016-02-10 10:05:33 ----A---- C:\WINDOWS\explorer.exe
2016-02-10 10:05:32 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2016-02-10 10:05:32 ----A---- C:\WINDOWS\system32\combase.dll
2016-02-10 10:05:31 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2016-02-10 10:05:31 ----A---- C:\WINDOWS\SYSWOW64\combase.dll
2016-02-10 10:05:31 ----A---- C:\WINDOWS\system32\KernelBase.dll
2016-02-10 10:05:30 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2016-02-10 10:05:30 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2016-02-10 10:05:30 ----A---- C:\WINDOWS\system32\WinTypes.dll
2016-02-10 10:05:30 ----A---- C:\WINDOWS\system32\msv1_0.dll
2016-02-10 10:05:29 ----A---- C:\WINDOWS\SYSWOW64\WinTypes.dll
2016-02-10 10:05:29 ----A---- C:\WINDOWS\system32\systemreset.exe
2016-02-10 10:05:29 ----A---- C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-02-10 10:05:28 ----A---- C:\WINDOWS\system32\OpenWith.exe
2016-02-10 10:05:27 ----A---- C:\WINDOWS\SYSWOW64\OpenWith.exe
2016-02-10 10:05:27 ----A---- C:\WINDOWS\SYSWOW64\msorcl32.dll
2016-02-10 10:05:27 ----A---- C:\WINDOWS\system32\ztrace_maps.dll
2016-02-10 10:05:27 ----A---- C:\WINDOWS\system32\mtxoci.dll
2016-02-10 10:05:27 ----A---- C:\WINDOWS\system32\iassam.dll
2016-02-10 10:05:27 ----A---- C:\WINDOWS\system32\drivers\mrxdav.sys
2016-02-10 10:05:27 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2016-02-10 10:05:26 ----A---- C:\WINDOWS\SYSWOW64\ztrace_maps.dll
2016-02-10 10:05:26 ----A---- C:\WINDOWS\SYSWOW64\mtxoci.dll
2016-02-10 10:05:26 ----A---- C:\WINDOWS\SYSWOW64\iassam.dll
2016-02-10 10:05:26 ----A---- C:\WINDOWS\SYSWOW64\cfgbkend.dll
2016-02-10 10:05:26 ----A---- C:\WINDOWS\system32\hlink.dll
2016-02-10 10:05:26 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2016-02-10 10:05:25 ----A---- C:\WINDOWS\SYSWOW64\hlink.dll
2016-02-10 10:05:25 ----A---- C:\WINDOWS\system32\reseteng.dll
2016-02-10 10:05:25 ----A---- C:\WINDOWS\system32\Chakradiag.dll

======List of files/folders modified in the last 1 month======

2016-03-05 12:47:38 ----D---- C:\Users\MB1\AppData\Roaming\Skype
2016-03-05 12:31:41 ----D---- C:\WINDOWS\Temp
2016-03-05 12:23:08 ----D---- C:\WINDOWS\System32
2016-03-05 12:23:08 ----D---- C:\WINDOWS\INF
2016-03-05 12:23:08 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-03-05 12:22:38 ----HD---- C:\Program Files\WindowsApps
2016-03-05 12:21:41 ----D---- C:\WINDOWS\AppReadiness
2016-03-05 12:20:02 ----D---- C:\WINDOWS\Prefetch
2016-03-05 12:16:03 ----A---- C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-03-05 12:14:40 ----D---- C:\WINDOWS\Tasks
2016-03-05 12:01:00 ----D---- C:\WINDOWS\system32\sru
2016-03-05 10:07:35 ----D---- C:\WINDOWS\rescache
2016-03-04 20:17:56 ----D---- C:\WINDOWS\Microsoft.NET
2016-03-04 20:04:00 ----D---- C:\WINDOWS\system32\Tasks
2016-03-04 20:03:59 ----HD---- C:\ProgramData
2016-03-04 20:03:58 ----RD---- C:\Program Files (x86)
2016-03-04 15:36:41 ----RD---- C:\Program Files
2016-03-04 15:07:42 ----D---- C:\WINDOWS\system32\config
2016-03-04 14:55:18 ----D---- C:\WINDOWS\WinSxS
2016-03-04 14:55:04 ----D---- C:\WINDOWS\system32\drivers
2016-03-04 14:54:32 ----D---- C:\WINDOWS\SYSWOW64\migration
2016-03-04 14:54:32 ----D---- C:\WINDOWS\SYSWOW64\Dism
2016-03-04 14:54:32 ----D---- C:\WINDOWS\SysWOW64
2016-03-04 14:54:31 ----RSD---- C:\WINDOWS\Media
2016-03-04 14:54:31 ----RSD---- C:\WINDOWS\Fonts
2016-03-04 14:54:31 ----RD---- C:\WINDOWS\PurchaseDialog
2016-03-04 14:54:31 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2016-03-04 14:54:31 ----D---- C:\WINDOWS\system32\wbem
2016-03-04 14:54:31 ----D---- C:\WINDOWS\system32\SystemResetPlatform
2016-03-04 14:54:31 ----D---- C:\WINDOWS\system32\migration
2016-03-04 14:54:31 ----D---- C:\WINDOWS\system32\Dism
2016-03-04 14:54:31 ----D---- C:\WINDOWS\system32\Boot
2016-03-04 14:54:31 ----D---- C:\WINDOWS\system32\appraiser
2016-03-04 14:54:31 ----D---- C:\WINDOWS\bcastdvr
2016-03-04 14:54:31 ----D---- C:\WINDOWS\AppPatch
2016-03-04 14:54:31 ----D---- C:\Program Files\Windows Portable Devices
2016-03-04 14:54:31 ----D---- C:\Program Files\Windows Multimedia Platform
2016-03-04 14:54:31 ----D---- C:\Program Files\Windows Media Player
2016-03-04 14:54:31 ----D---- C:\Program Files\Windows Journal
2016-03-04 14:54:31 ----D---- C:\Program Files\Internet Explorer
2016-03-04 14:54:31 ----D---- C:\Program Files (x86)\Windows Portable Devices
2016-03-04 14:54:31 ----D---- C:\Program Files (x86)\Windows Multimedia Platform
2016-03-04 14:54:31 ----D---- C:\Program Files (x86)\Internet Explorer
2016-03-04 14:54:30 ----D---- C:\WINDOWS\system32\DriverStore
2016-03-03 19:53:28 ----SD---- C:\Users\MB1\AppData\Roaming\Microsoft
2016-03-03 07:49:58 ----D---- C:\WINDOWS\SYSWOW64\vbox
2016-03-03 07:49:58 ----D---- C:\WINDOWS\system32\vbox
2016-03-03 07:41:02 ----D---- C:\WINDOWS\CbsTemp
2016-03-02 17:54:07 ----AD---- C:\KMPlayer
2016-03-02 15:40:27 ----D---- C:\Windows
2016-03-02 14:44:11 ----D---- C:\WINDOWS\system32\catroot2
2016-02-26 07:39:42 ----SHD---- C:\WINDOWS\Installer
2016-02-26 07:39:42 ----D---- C:\ProgramData\Skype
2016-02-13 20:03:07 ----D---- C:\ProgramData\AVAST Software
2016-02-13 20:03:03 ----D---- C:\Program Files\AVAST Software
2016-02-11 16:06:46 ----RD---- C:\WINDOWS\assembly
2016-02-10 19:27:01 ----D---- C:\WINDOWS\system32\CatRoot
2016-02-10 19:26:53 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2016-02-10 19:26:53 ----D---- C:\WINDOWS\system32\cs-CZ
2016-02-10 15:45:25 ----D---- C:\WINDOWS\system32\MRT
2016-02-10 15:41:29 ----A---- C:\WINDOWS\system32\MRT.exe
2016-02-08 15:58:45 ----D---- C:\WINDOWS\LiveKernelReports
2016-02-07 17:50:18 ----D---- C:\WINDOWS\system32\LogFiles

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2016-02-13 74544]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2016-02-13 287016]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2015-06-23 1455552]
R0 ngvss;ngvss; C:\WINDOWS\system32\drivers\ngvss.sys [2016-02-13 154024]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2016-02-13 37144]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2016-02-13 103064]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2016-02-13 1065720]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2016-02-23 463744]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2015-10-30 87040]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-10-30 8192]
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2016-02-13 37656]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2016-02-13 107792]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2016-02-13 165344]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2015-10-30 47616]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2015-10-30 78848]
R3 h647906;DragonRise HID7906 AMD64 Driver; C:\WINDOWS\system32\drivers\h647906.sys [2008-12-01 62576]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2015-12-19 7858088]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2015-07-07 4514008]
R3 IntcDAud;@oem22.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2015-10-28 474376]
R3 MEIx64;@oem6.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [2013-09-16 99288]
R3 MQAC;@mqutil.dll,-6101; C:\WINDOWS\system32\drivers\mqac.sys [2015-12-28 175616]
R3 rt640x64;@rt640x64.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2015-10-30 589824]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-10-30 104800]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-10-30 99168]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2015-10-30 58208]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2015-10-30 58720]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2015-10-30 34144]
S3 bcmfn;@bcmfn.inf,%bcmfn.SVCDESC%;bcmfn Service; C:\WINDOWS\System32\drivers\bcmfn.sys [2015-10-30 9728]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-10-30 37376]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2015-11-22 117248]
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys [2015-12-29 25640]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-10-30 20992]
S3 hid7906;DragonRise HID7906 x86 Driver; C:\WINDOWS\system32\drivers\hid7906.sys []
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-10-30 50016]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2015-10-30 81408]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2015-10-30 165888]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2015-10-30 424800]
S3 IoQos;@%SystemRoot%\system32\drivers\ioqos.sys,-100; C:\WINDOWS\system32\drivers\ioqos.sys [2015-10-30 26624]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-10-30 705376]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2015-10-30 76128]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2015-10-30 930656]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-17 82128]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-02-13 237096]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2015-06-23 18856]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2015-12-19 373160]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-09-16 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-09-16 390616]
R2 MSMQ;@mqutil.dll,-6102; C:\WINDOWS\system32\mqsvc.exe [2015-12-28 26624]
R2 NetMsmqActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8195; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-10-30 135848]
R2 NetPipeActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8197; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-10-30 135848]
R2 OneSyncSvc_319cc;Hostitel synchronizace_319cc; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2016-02-13 5570120]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2015-10-23 43696]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-28 144200]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S2 NetTcpActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8199; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-10-30 135848]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_14927ab;Hostitel synchronizace_14927ab; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_175b6c7;Hostitel synchronizace_175b6c7; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_27ee4;Hostitel synchronizace_27ee4; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_28c41;Hostitel synchronizace_28c41; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_2aa5d;Hostitel synchronizace_2aa5d; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_3334a4f;Hostitel synchronizace_3334a4f; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_460e9c;Hostitel synchronizace_460e9c; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_4922780;Hostitel synchronizace_4922780; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_523893e;Hostitel synchronizace_523893e; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_e7c87f;Hostitel synchronizace_e7c87f; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_f5a49d;Hostitel synchronizace_f5a49d; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2015-12-19 300968]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-10-30 31744]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-28 144200]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_14927ab;Služba zasílání zpráv_14927ab; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_175b6c7;Služba zasílání zpráv_175b6c7; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_27ee4;Služba zasílání zpráv_27ee4; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_28c41;Služba zasílání zpráv_28c41; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_2aa5d;Služba zasílání zpráv_2aa5d; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_319cc;Služba zasílání zpráv_319cc; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_3334a4f;Služba zasílání zpráv_3334a4f; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_460e9c;Služba zasílání zpráv_460e9c; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_4922780;Služba zasílání zpráv_4922780; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_523893e;Služba zasílání zpráv_523893e; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_e7c87f;Služba zasílání zpráv_e7c87f; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_f5a49d;Služba zasílání zpráv_f5a49d; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_14927ab;Data kontaktů_14927ab; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_175b6c7;Data kontaktů_175b6c7; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_27ee4;Data kontaktů_27ee4; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_28c41;Data kontaktů_28c41; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_2aa5d;Data kontaktů_2aa5d; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_319cc;Data kontaktů_319cc; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_3334a4f;Data kontaktů_3334a4f; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_460e9c;Data kontaktů_460e9c; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_4922780;Data kontaktů_4922780; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_523893e;Data kontaktů_523893e; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_e7c87f;Data kontaktů_e7c87f; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_f5a49d;Data kontaktů_f5a49d; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2015-10-30 1297408]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 TieringEngineService;@%SystemRoot%\system32\TieringEngineService.exe,-702; C:\WINDOWS\system32\TieringEngineService.exe [2015-10-30 290304]
S4 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-10-30 51376]
S4 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]

-----------------EOF-----------------

mana008
Visitor
Posts: 74
Registered: 23 Jul 2007 11:54

Re: Chrome infection

#9 Post by mana008 »

So the problem persists.

Rudy
Site Admin
Posts: 119673
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Chrome infection

#10 Post by Rudy »

Run the following scans:

1. Download Zoek.exe from http://hijackthis.nl/smeenk/ and save it to the desktop.

If you use Windows Vista or Windows 7, right-click Zoek and choose Run As Administrator ("Spustit jako správce" in the Czech interface).
Paste the script below into the window:

autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;

Then click Run Script.
The PC will perform the repair, restart, and give you a log; paste its contents here.

and

2. Junkware removal tool: http://thisisudax.org/downloads/JRT.exe
•Save it, preferably to the desktop
•After launch, the license terms are displayed; press any key
•A backup is created, followed by a search
•The scan runs and then a log appears, or it is saved in c:\JRT as JRT.txt; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address above.

mana008
Visitor
Posts: 74
Registered: 23 Jul 2007 11:54

Re: Chrome infection

#11 Post by mana008 »

Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by MB1 on so 05.03.2016 at 17:27:16,83.
Microsoft Windows 10 Home 10.0.10586 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\MB1\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

5.3.2016 17:28:10 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\PROGRA~3\Comms deleted successfully
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\Users\DefaultAppPool\AppData\LocalLow deleted successfully
C:\Users\MB1\AppData\Local\ActiveSync deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Maps deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\Users\MB1\AppData\Roaming\Seznam Browser deleted
C:\Users\MB1\addon_installer.bat deleted
C:\PROGRA~3\Package Cache deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\windows\SysNative\GroupPolicy\machine deleted
C:\windows\SysNative\GroupPolicy\gpt.ini deleted
"C:\WINDOWS\Installer\2b96e3.msi" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [03.03.2016 07:29]
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"sp@avast.com"="C:\Program Files\AVAST Software\Avast\SafePrice\FF" [03.03.2016 07:29]

==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[13.02.2016 20:03]

Avast Online Security - MB1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Seznam Lištička - Email - MB1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig
Seznam Lištička - Slovník - MB1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd
Avast Online Security - MB1\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gomekmidlodglbbmalcneegieacbdmki

==== Chromium Fix ======================

C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_nps.pastaleads.com_0.localstorage deleted successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_nps.pastaleads.com_0.localstorage-journal deleted successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\https_nps.pastaleads.com_0.localstorage deleted successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\https_nps.pastaleads.com_0.localstorage-journal deleted successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_nps.pastaleads.com_0.localstorage deleted successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_nps.pastaleads.com_0.localstorage-journal deleted successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\https_nps.pastaleads.com_0.localstorage deleted successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\https_nps.pastaleads.com_0.localstorage-journal deleted successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\http_nps.pastaleads.com_0.localstorage deleted successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\http_nps.pastaleads.com_0.localstorage-journal deleted successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_toolbar.yahoo.com_0.localstorage deleted successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_toolbar.yahoo.com_0.localstorage-journal deleted successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_cdncache-a.akamaihd.net_0.localstorage deleted successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_cdncache-a.akamaihd.net_0.localstorage-journal deleted successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\https_cdncache-a.akamaihd.net_0.localstorage deleted successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\https_cdncache-a.akamaihd.net_0.localstorage-journal deleted successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_land.pckeeper.software_0.localstorage deleted successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_land.pckeeper.software_0.localstorage-journal deleted successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_land.pckeeper.software_0.localstorage deleted successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_land.pckeeper.software_0.localstorage-journal deleted successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_shoppingcart.aliexpress.com_0.localstorage deleted successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_shoppingcart.aliexpress.com_0.localstorage-journal deleted successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_planefinder.net_0.localstorage deleted successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_planefinder.net_0.localstorage-journal deleted successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ad-emea.doubleclick.net_0.localstorage deleted successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ad-emea.doubleclick.net_0.localstorage-journal deleted successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ads.prntscr.com_0.localstorage deleted successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ads.prntscr.com_0.localstorage-journal deleted successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_adserver.adtech.de_0.localstorage deleted successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_adserver.adtech.de_0.localstorage-journal deleted successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_advert.uloz.to_0.localstorage deleted successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_advert.uloz.to_0.localstorage-journal deleted successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_addony.net_0.localstorage deleted successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_addony.net_0.localstorage-journal deleted successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_advert.uloz.to_0.localstorage deleted successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_advert.uloz.to_0.localstorage-journal deleted successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\http_ads.betweendigital.com_0.localstorage deleted successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\http_ads.betweendigital.com_0.localstorage-journal deleted successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\http_advert.uloz.to_0.localstorage deleted successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\http_advert.uloz.to_0.localstorage-journal deleted successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage deleted successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage-journal deleted successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage deleted successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage-journal deleted successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage deleted successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage-journal deleted successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\https_c.betrad.com_0.localstorage deleted successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\https_c.betrad.com_0.localstorage-journal deleted successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_c.betrad.com_0.localstorage deleted successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_c.betrad.com_0.localstorage-journal deleted successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\https_c.betrad.com_0.localstorage deleted successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\https_c.betrad.com_0.localstorage-journal deleted successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\http_c.betrad.com_0.localstorage deleted successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\http_c.betrad.com_0.localstorage-journal deleted successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d19tqk5t6qcjac.cloudfront.net_0.localstorage deleted successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d19tqk5t6qcjac.cloudfront.net_0.localstorage-journal deleted successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\https_d19tqk5t6qcjac.cloudfront.net_0.localstorage deleted successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\https_d19tqk5t6qcjac.cloudfront.net_0.localstorage-journal deleted successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\https_d19tqk5t6qcjac.cloudfront.net_0.localstorage deleted successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\https_d19tqk5t6qcjac.cloudfront.net_0.localstorage-journal deleted successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_pstatic.bestpriceninja.com_0.localstorage deleted successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_pstatic.bestpriceninja.com_0.localstorage-journal deleted successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.bestpriceninja.com_0.localstorage deleted successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.bestpriceninja.com_0.localstorage-journal deleted successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_pstatic.bestpriceninja.com_0.localstorage deleted successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_pstatic.bestpriceninja.com_0.localstorage-journal deleted successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\https_pstatic.bestpriceninja.com_0.localstorage deleted successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\https_pstatic.bestpriceninja.com_0.localstorage-journal deleted successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\http_pstatic.bestpriceninja.com_0.localstorage deleted successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\http_pstatic.bestpriceninja.com_0.localstorage-journal deleted successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.newtabtvplussearch.com_0.localstorage deleted successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.newtabtvplussearch.com_0.localstorage-journal deleted successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_search.emaildefendplussearch.com_0.localstorage deleted successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_search.emaildefendplussearch.com_0.localstorage-journal deleted successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_search.newtabtvplussearch.com_0.localstorage deleted successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_search.newtabtvplussearch.com_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTer ... ORM=IESR02

==== Reset Google Chrome ======================

C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Profile 1\Preferences was reset successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Profile 1\Secure Preferences was reset successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Profile 2\Preferences was reset successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Profile 2\Secure Preferences was reset successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data was reset successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data-journal was reset successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Profile 2\Web Data was reset successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Profile 2\Web Data-journal was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A0A5CBD84C137C642B25B695E31AA178 deleted successfully
HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\A0A5CBD84C137C642B25B695E31AA178 deleted successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\MB1\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\MB1\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\MB1\AppData\Local\Microsoft\Windows\INetCache\IE\35HT055R will be deleted at reboot
C:\Users\MB1\AppData\Local\Microsoft\Windows\INetCache\IE\6QSB21YS will be deleted at reboot
C:\Users\MB1\AppData\Local\Microsoft\Windows\INetCache\IE\CM521H2N will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\MB1\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Profile 1\Cache emptied successfully
C:\Users\MB1\AppData\Local\Google\Chrome\User Data\Profile 2\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=805 folders=141 117467029 bytes)

==== Empty Temp Folders ======================

C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\MB1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\MB1\AppData\Local\Microsoft\Windows\INetCache\IE\35HT055R" not found
"C:\Users\MB1\AppData\Local\Microsoft\Windows\INetCache\IE\6QSB21YS" not found
"C:\Users\MB1\AppData\Local\Microsoft\Windows\INetCache\IE\CM521H2N" not found

==== EOF on so 05.03.2016 at 17:50:01,39 ======================

mana008
Visitor
Posts: 74
Joined: 23 Jul 2007 11:54

Re: Chrome infected

#12 Post by mana008 »

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.3 (02.09.2016)
Operating System: Windows 10 Home x64
Ran by MB1 (Administrator) on so 05.03.2016 at 17:52:51,89
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 1

Successfully deleted: C:\WINDOWS\prefetch\AVAST_FREE_ANTIVIRUS_SETUP_ON-9B549A07.pf (File)



Registry: 0





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on so 05.03.2016 at 17:54:15,62
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Rudy
Site Admin
Posts: 119673
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Chrome infected

#13 Post by Rudy »

Has anything changed now?

mana008
Visitor
Posts: 74
Joined: 23 Jul 2007 11:54

Re: Chrome infected

#14 Post by mana008 »

It looks good, hopefully it will be fine. Thank you very much.

Rudy
Site Admin
Posts: 119673
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Chrome infected

#15 Post by Rudy »

You're welcome! :)

Locked