
Increased CPU activity, regular freezing for ~10 sec

delmadord
Visitor
Posts: 6
Registered: 08 Mar 2016 20:25

#1 Post by delmadord »

Good evening, please check my log. The PC takes an incredibly long time to start up and shut down. Other symptoms are regular freezing and slow response for many common actions (generating the RSIT log took about 4 minutes). I understand there is only 2 GB of RAM here, but hopefully something can be done about it.

Code:

Logfile of random's system information tool 1.10 (written by random/random)
Run by SAMSUNG at 2016-03-08 20:20:05
Microsoft Windows 7 Home Premium  Service Pack 1
System drive C: has 2 GB (1%) free of 185 GB
Total RAM: 2009 MB (24% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:20:31, on 8. 3. 2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18205)
Boot mode: Normal

Running processes:
C:\Windows\system32\IRMonitor.exe
C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe
C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
C:\Program Files (x86)\AVG\Av\avgui.exe
C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\SAMSUNG.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.upjs.sk:80
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: EndNote Helper - {82D2E569-25A7-4E4D-9FA3-C5025B4B7912} - C:\Program Files (x86)\EndNote Plug-Ins\ENWIEPlug.dll
O2 - BHO: AVG Web TuneUp - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Web TuneUp\4.2.6.552\AVG Web TuneUp.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: Advanced SystemCare Surfing Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\Av\avuirunnerx.exe" C:\Program Files (x86)\AVG\Av\avgui.exe
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Web TuneUp\vprot.exe"
O4 - HKLM\..\Run: [AvgUi] "C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe" /lps=fmw
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - Startup: BTTray.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Odoslať obrázok do &Zariadenia s rozhraním Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odoslať stránku do &Zariadenia s rozhraním Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Samsung AnyWeb Print - {328ECD19-C167-40eb-A0C7-16FE7634105E} - (no file)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: linkscanner - (no CLSID) - (no file)
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - Unknown owner - (no file)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AvgAMPS - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgamps.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgidsagent.exe
O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google Inc. - (no file)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Samsung UPD Service - Unknown owner - C:\Windows\System32\SUPDSvc.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater40.2.6 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.6\ToolbarUpdater.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: WtuSystemSupport - Unknown owner - C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe

--
End of file - 9227 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
c:\PROGRA~2\AVG\Av\avgrsa.exe /boot
C:\Program Files (x86)\AVG\Av\avgcsrva.exe /pipeName=44800c66-0200-0000-f39d-a82c3a18da30 /binaryPath="C:\Program Files (x86)\AVG\Av\\"
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 3258448
\??\C:\Windows\system32\conhost.exe "91509310315067035041647874421-962900132-125769761837111504472357679-895632290
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\AVG\Av\avgidsagent.exe"
"C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe"
"C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
taskeng.exe {244CFD6C-2355-410B-99F5-8A39DD9FC8A7}
C:\Windows\system32\IRMonitor.exe 
"C:\Program Files (x86)\AVG\Av\avgnsa.exe"
"C:\Program Files (x86)\AVG\Av\avgemca.exe"
"C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe"
"C:\Windows\system32\GWX\GWX.exe" 
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.6\ToolbarUpdater.exe"
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.6\loggingserver.exe" 72648 "C:\ProgramData\AVG Secure Search\Logger\logger.properties"
\??\C:\Windows\system32\conhost.exe "-10113451441290028223-1362902747-7275202622307379861677772041336084319-1733361663
"C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe" 
"C:\Program Files\Elantech\ETDCtrl.exe" 
"C:\Windows\System32\igfxtray.exe" 
"C:\Users\SAMSUNG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BTTray.exe" 
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\AVG Web TuneUp\vprot.exe" 
 /TRAYONLY
 /fmw.trayonly
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files\Elantech\ETDCtrlHelper.exe" 
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-b0ba5cd3-7b68-4248-8b69-eeb34535e0f0 -SystemEventPortName:HostProcess-4a7d46f1-2688-43ce-a2ac-db8c7a3a01c4 -IoCancelEventPortName:HostProcess-0d0995d2-ae22-42d0-83e3-ce0f0a7016b7 -NonStateChangingEventPortName:HostProcess-bfcf5da2-be62-46df-97c6-6cbe60f4de35 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:ed3f30a8-92c0-442c-8d2b-d5a9d51c4cbe -DeviceGroupId:WpdFsGroup
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe" 
C:\Windows\SysWOW64\RunDll32.exe "C:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe" 
ctfmon.exe
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe" 
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 4104
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" 
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="876.0.1884629810\1140626963" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,8,24,52 --disable-accelerated-video-decode --gpu-vendor-id=0x8086 --gpu-device-id=0x2a42 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2302 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Disabled/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/1DaySingleProfile/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/NewSuggestType_A5_Stable_R2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*QUIC/EnabledAckDecimation/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/*SpdyEnableDependencies/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --channel="876.2.2062297723\1262621640" 
--font-cache-shared-handle=2740 /prefetch:673131151
"C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe" 
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Disabled/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/1DaySingleProfile/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/NewSuggestType_A5_Stable_R2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*QUIC/EnabledAckDecimation/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/*SpdyEnableDependencies/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/ --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --channel="876.17.370889042\1407269655" --font-cache-shared-handle=5516 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Disabled/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/1DaySingleProfile/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/NewSuggestType_A5_Stable_R2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*QUIC/EnabledAckDecimation/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/*SpdyEnableDependencies/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/ --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --channel="876.28.1453701559\191077536" --font-cache-shared-handle=4184 /prefetch:673131151
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Disabled/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/1DaySingleProfile/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/NewSuggestType_A5_Stable_R2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*QUIC/EnabledAckDecimation/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/*SpdyEnableDependencies/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/ --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --channel="876.44.2146271110\1784940855" --font-cache-shared-handle=4664 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Disabled/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/1DaySingleProfile/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/NewSuggestType_A5_Stable_R2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*QUIC/EnabledAckDecimation/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/*SpdyEnableDependencies/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/ --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --channel="876.46.144268555\554658295" --font-cache-shared-handle=3864 /prefetch:673131151
C:\Windows\system32\sppsvc.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe13_ Global\UsGthrCtrlFltPipeMssGthrPipe13 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" 
"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516 

"C:\Users\SAMSUNG\Downloads\RSITx64.exe" 
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player PPAPI Notifier.job - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_20_0_0_306_pepper.exe  -check pepperplugin 
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe  
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  /c 
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  /ua /installsource scheduler 
C:\Windows\tasks\ROC_REG_JAN_DELETE.job - C:\ProgramData\AVG January 2013 Campaign\ROC.exe  /DELETE_FROM_SYSTEM=1 

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2010-04-28 132456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{82D2E569-25A7-4E4D-9FA3-C5025B4B7912}]
EndNote Helper - C:\Program Files (x86)\EndNote Plug-Ins\ENWIEPlug.dll [2015-07-29 266360]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG Web TuneUp - C:\Program Files (x86)\AVG Web TuneUp\4.2.6.552\AVG Web TuneUp.dll [2016-02-23 2426440]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]
Advanced SystemCare Surfing Protection - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL [2015-04-01 672032]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-27 172968]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-08-11 11369576]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2010-08-05 2586504]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-02-11 162328]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-02-11 386584]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-02-11 417304]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2012-11-05 108144]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-02-12 8641240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (cleanup)]
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe [2015-10-05 54072]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AVG_UI"=C:\Program Files (x86)\AVG\Av\avuirunnerx.exe [2016-02-01 25512]
"vProt"=C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2016-02-23 2874440]
"AvgUi"=C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [2016-02-18 179624]

C:\Users\SAMSUNG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-02-11 272896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"= []

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2016-03-08 20:20:07 ----D---- C:\Program Files\trend micro
2016-03-08 20:20:05 ----D---- C:\rsit
2016-03-06 11:12:38 ----D---- C:\HijackThis
2016-03-05 23:38:39 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2016-03-05 23:37:44 ----A---- C:\ComboFix.txt
2016-03-05 23:30:31 ----SHD---- C:\$RECYCLE.BIN
2016-03-05 23:10:06 ----A---- C:\Windows\zip.exe
2016-03-05 23:10:06 ----A---- C:\Windows\SWSC.exe
2016-03-05 23:10:06 ----A---- C:\Windows\SWREG.exe
2016-03-05 23:10:06 ----A---- C:\Windows\sed.exe
2016-03-05 23:10:06 ----A---- C:\Windows\PEV.exe
2016-03-05 23:10:06 ----A---- C:\Windows\NIRCMD.exe
2016-03-05 23:10:06 ----A---- C:\Windows\MBR.exe
2016-03-05 23:10:06 ----A---- C:\Windows\grep.exe
2016-03-05 23:08:08 ----D---- C:\Qoobox
2016-03-05 23:06:23 ----D---- C:\Windows\erdnt
2016-03-05 22:59:17 ----D---- C:\ProgramData\Malwarebytes
2016-03-05 22:59:17 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-03-05 22:59:17 ----A---- C:\Windows\system32\drivers\mwac.sys
2016-03-05 22:59:17 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2016-03-05 22:59:17 ----A---- C:\Windows\system32\drivers\mbam.sys
2016-03-05 22:32:30 ----D---- C:\Program Files\CCleaner
2016-02-10 10:31:29 ----A---- C:\Windows\system32\InkEd.dll
2016-02-10 10:31:28 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2016-02-10 10:31:28 ----A---- C:\Windows\system32\jnwmon.dll
2016-02-10 10:31:26 ----A---- C:\Windows\system32\generaltel.dll
2016-02-10 10:31:26 ----A---- C:\Windows\system32\appraiser.dll
2016-02-10 10:31:26 ----A---- C:\Windows\system32\aeinv.dll
2016-02-10 10:31:25 ----A---- C:\Windows\system32\invagent.dll
2016-02-10 10:31:25 ----A---- C:\Windows\system32\devinv.dll
2016-02-10 10:31:25 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-02-10 10:31:25 ----A---- C:\Windows\system32\acmigration.dll
2016-02-10 10:31:19 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-02-10 10:31:19 ----A---- C:\Windows\system32\iertutil.dll
2016-02-10 10:31:18 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-02-10 10:31:17 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-02-10 10:31:17 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-02-10 10:31:17 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-02-10 10:31:16 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2016-02-10 10:31:16 ----A---- C:\Windows\system32\urlmon.dll
2016-02-10 10:31:16 ----A---- C:\Windows\system32\ieui.dll
2016-02-10 10:31:16 ----A---- C:\Windows\system32\ieframe.dll
2016-02-10 10:31:15 ----A---- C:\Windows\system32\ieUnatt.exe
2016-02-10 10:31:14 ----A---- C:\Windows\system32\mshtml.dll
2016-02-10 10:29:26 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-02-10 10:29:26 ----A---- C:\Windows\SYSWOW64\inseng.dll
2016-02-10 10:29:26 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2016-02-10 10:29:26 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2016-02-10 10:29:26 ----A---- C:\Windows\system32\iernonce.dll
2016-02-10 10:29:26 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-02-10 10:29:26 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-02-10 10:29:25 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-02-10 10:29:25 ----A---- C:\Windows\SYSWOW64\occache.dll
2016-02-10 10:29:25 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-02-10 10:29:25 ----A---- C:\Windows\system32\inseng.dll
2016-02-10 10:29:25 ----A---- C:\Windows\system32\ie4uinit.exe
2016-02-10 10:29:24 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-02-10 10:29:24 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-02-10 10:29:24 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-02-10 10:29:24 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-02-10 10:29:22 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2016-02-10 10:29:22 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-02-10 10:29:22 ----A---- C:\Windows\system32\occache.dll
2016-02-10 10:29:22 ----A---- C:\Windows\system32\iedkcs32.dll
2016-02-10 10:29:20 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-02-10 10:29:20 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-02-10 10:29:20 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-02-10 10:29:19 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-02-10 10:29:19 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-02-10 10:29:19 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-02-10 10:29:19 ----A---- C:\Windows\system32\msfeeds.dll
2016-02-10 10:29:19 ----A---- C:\Windows\system32\dxtrans.dll
2016-02-10 10:29:18 ----A---- C:\Windows\system32\iesetup.dll
2016-02-10 10:29:18 ----A---- C:\Windows\system32\ieapfltr.dll
2016-02-10 10:29:16 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-02-10 10:29:16 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-02-10 10:29:16 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2016-02-10 10:29:16 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-02-10 10:29:16 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-02-10 10:29:16 ----A---- C:\Windows\system32\vbscript.dll
2016-02-10 10:29:16 ----A---- C:\Windows\system32\jsproxy.dll
2016-02-10 10:29:15 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-02-10 10:29:15 ----A---- C:\Windows\system32\dxtmsft.dll
2016-02-10 10:29:13 ----A---- C:\Windows\system32\webcheck.dll
2016-02-10 10:29:13 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-02-10 10:29:13 ----A---- C:\Windows\system32\mshtmled.dll
2016-02-10 10:29:12 ----A---- C:\Windows\system32\jscript9diag.dll
2016-02-10 10:29:12 ----A---- C:\Windows\system32\jscript9.dll
2016-02-10 10:29:12 ----A---- C:\Windows\system32\jscript.dll
2016-02-10 10:29:11 ----A---- C:\Windows\system32\wininet.dll
2016-02-10 10:29:10 ----A---- C:\Windows\system32\msrating.dll
2016-02-10 10:29:10 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-02-10 10:26:49 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2016-02-10 10:26:46 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2016-02-10 10:26:46 ----A---- C:\Windows\SYSWOW64\wups.dll
2016-02-10 10:26:46 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2016-02-10 10:26:46 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2016-02-10 10:26:46 ----A---- C:\Windows\system32\wuwebv.dll
2016-02-10 10:26:46 ----A---- C:\Windows\system32\wups2.dll
2016-02-10 10:26:46 ----A---- C:\Windows\system32\wups.dll
2016-02-10 10:26:46 ----A---- C:\Windows\system32\wudriver.dll
2016-02-10 10:26:46 ----A---- C:\Windows\system32\wucltux.dll
2016-02-10 10:26:46 ----A---- C:\Windows\system32\wuaueng.dll
2016-02-10 10:26:46 ----A---- C:\Windows\system32\wuauclt.exe
2016-02-10 10:26:46 ----A---- C:\Windows\system32\wuapi.dll
2016-02-10 10:26:46 ----A---- C:\Windows\system32\WinSetupUI.dll
2016-02-10 10:26:45 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2016-02-10 10:26:45 ----A---- C:\Windows\system32\wuapp.exe
2016-02-10 10:26:45 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2016-02-10 10:26:43 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2016-02-10 10:26:42 ----A---- C:\Windows\system32\win32k.sys
2016-02-10 10:26:42 ----A---- C:\Windows\system32\rdpudd.dll
2016-02-10 10:26:42 ----A---- C:\Windows\system32\rdpcorets.dll
2016-02-10 10:26:29 ----A---- C:\Windows\system32\ole32.dll
2016-02-10 10:26:23 ----A---- C:\Windows\SYSWOW64\ole32.dll
2016-02-10 10:25:32 ----A---- C:\Windows\SYSWOW64\EncDec.dll
2016-02-10 10:25:32 ----A---- C:\Windows\SYSWOW64\CPFilters.dll
2016-02-10 10:25:32 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-02-10 10:25:32 ----A---- C:\Windows\system32\EncDec.dll
2016-02-10 10:25:32 ----A---- C:\Windows\system32\CPFilters.dll
2016-02-10 10:25:31 ----A---- C:\Windows\system32\ntdll.dll
2016-02-10 10:25:27 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-02-10 10:25:27 ----A---- C:\Windows\system32\KernelBase.dll
2016-02-10 10:25:26 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-02-10 10:25:26 ----A---- C:\Windows\system32\mtxoci.dll
2016-02-10 10:25:26 ----A---- C:\Windows\system32\kerberos.dll
2016-02-10 10:25:25 ----A---- C:\Windows\system32\kernel32.dll
2016-02-10 10:25:24 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-02-10 10:25:24 ----A---- C:\Windows\SYSWOW64\mtxoci.dll
2016-02-10 10:25:24 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-02-10 10:25:24 ----A---- C:\Windows\system32\advapi32.dll
2016-02-10 10:25:23 ----A---- C:\Windows\SYSWOW64\msorcl32.dll
2016-02-10 10:25:23 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-02-10 10:25:22 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-02-10 10:25:22 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-02-10 10:25:22 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-02-10 10:25:12 ----A---- C:\Windows\system32\lsasrv.dll
2016-02-10 10:25:06 ----A---- C:\Windows\system32\rpcrt4.dll
2016-02-10 10:25:05 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-02-10 10:25:04 ----A---- C:\Windows\system32\smss.exe
2016-02-10 10:25:04 ----A---- C:\Windows\system32\schannel.dll
2016-02-10 10:25:04 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-02-10 10:25:03 ----A---- C:\Windows\system32\ncrypt.dll
2016-02-10 10:25:03 ----A---- C:\Windows\system32\msv1_0.dll
2016-02-10 10:25:03 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-02-10 10:25:02 ----A---- C:\Windows\system32\winsrv.dll
2016-02-10 10:25:01 ----A---- C:\Windows\system32\TSpkg.dll
2016-02-10 10:25:00 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-02-10 10:25:00 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-02-10 10:25:00 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-02-10 10:25:00 ----A---- C:\Windows\system32\wow64win.dll
2016-02-10 10:25:00 ----A---- C:\Windows\system32\wdigest.dll
2016-02-10 10:25:00 ----A---- C:\Windows\system32\sspicli.dll
2016-02-10 10:25:00 ----A---- C:\Windows\system32\srcore.dll
2016-02-10 10:24:59 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-02-10 10:24:59 ----A---- C:\Windows\system32\wow64.dll
2016-02-10 10:24:59 ----A---- C:\Windows\system32\cryptbase.dll
2016-02-10 10:24:59 ----A---- C:\Windows\system32\conhost.exe
2016-02-10 10:24:57 ----A---- C:\Windows\system32\sspisrv.dll
2016-02-10 10:24:57 ----A---- C:\Windows\system32\lsass.exe
2016-02-10 10:24:57 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-02-10 10:24:56 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-02-10 10:24:56 ----A---- C:\Windows\system32\csrsrv.dll
2016-02-10 10:24:54 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-02-10 10:24:53 ----A---- C:\Windows\system32\secur32.dll
2016-02-10 10:24:52 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-02-10 10:24:52 ----A---- C:\Windows\system32\wow64cpu.dll
2016-02-10 10:24:52 ----A---- C:\Windows\system32\srclient.dll
2016-02-10 10:24:52 ----A---- C:\Windows\system32\rstrui.exe
2016-02-10 10:24:52 ----A---- C:\Windows\system32\credssp.dll
2016-02-10 10:24:51 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-02-10 10:24:51 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-02-10 10:24:51 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-02-10 10:24:51 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-02-10 10:24:51 ----A---- C:\Windows\system32\ntvdm64.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-02-10 10:24:50 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-02-10 10:24:50 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-02-10 10:24:50 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-02-10 10:24:50 ----A---- C:\Windows\system32\auditpol.exe
2016-02-10 10:24:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-10 10:24:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-10 10:24:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-02-10 10:24:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-10 10:24:49 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-10 10:24:49 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-10 10:24:49 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-02-10 10:24:48 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-02-10 10:24:48 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-02-10 10:24:48 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-02-10 10:24:48 ----A---- C:\Windows\system32\apisetschema.dll
2016-02-10 10:24:47 ----A---- C:\Windows\SYSWOW64\user.exe
2016-02-10 10:24:47 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-02-10 10:24:47 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-02-10 10:24:47 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-02-10 10:24:47 ----A---- C:\Windows\system32\msobjs.dll
2016-02-10 10:24:47 ----A---- C:\Windows\system32\msaudite.dll
2016-02-10 10:24:47 ----A---- C:\Windows\system32\adtschema.dll
2016-02-10 10:24:21 ----A---- C:\Windows\system32\shell32.dll
2016-02-10 10:24:19 ----A---- C:\Windows\SYSWOW64\shell32.dll
2016-02-10 10:24:19 ----A---- C:\Windows\explorer.exe
2016-02-10 10:24:18 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2016-02-10 10:24:18 ----A---- C:\Windows\SYSWOW64\explorer.exe
2016-02-10 10:24:18 ----A---- C:\Windows\SYSWOW64\authui.dll
2016-02-10 10:24:18 ----A---- C:\Windows\system32\ExplorerFrame.dll
2016-02-10 10:24:18 ----A---- C:\Windows\system32\authui.dll

======List of files/folders modified in the last 1 month======

2016-03-08 20:20:25 ----D---- C:\Windows\Prefetch
2016-03-08 20:20:07 ----RD---- C:\Program Files
2016-03-08 20:14:44 ----D---- C:\Windows\Temp
2016-03-08 20:12:47 ----D---- C:\Users\SAMSUNG\AppData\Roaming\vlc
2016-03-08 17:30:06 ----SHD---- C:\Windows\Installer
2016-03-08 17:30:06 ----D---- C:\Config.Msi
2016-03-08 17:28:30 ----AD---- C:\Windows\SysWOW64
2016-03-08 13:29:19 ----D---- C:\ProgramData\MFAData
2016-03-08 06:46:55 ----D---- C:\Windows\system32\config
2016-03-07 15:22:32 ----AD---- C:\Windows\System32
2016-03-07 15:22:32 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-03-07 15:22:31 ----D---- C:\Windows\inf
2016-03-06 11:43:49 ----D---- C:\Windows
2016-03-06 11:42:43 ----D---- C:\Windows\ehome
2016-03-06 11:42:42 ----AD---- C:\Windows\system32\drivers
2016-03-06 09:19:42 ----D---- C:\Program Files (x86)\rustina-nejen-pro-samouky
2016-03-06 08:49:09 ----D---- C:\ProgramData\APN
2016-03-06 08:49:09 ----D---- C:\ProgramData
2016-03-06 08:49:09 ----D---- C:\Program Files (x86)\Common Files
2016-03-06 08:49:04 ----D---- C:\Windows\system32\Tasks
2016-03-05 23:36:48 ----D---- C:\Windows\Tasks
2016-03-05 23:30:19 ----A---- C:\Windows\system.ini
2016-03-05 23:30:06 ----D---- C:\Windows\system32\drivers\etc
2016-03-05 23:23:35 ----D---- C:\Program Files (x86)\Music App
2016-03-05 23:19:39 ----D---- C:\Windows\SYSWOW64\drivers
2016-03-05 23:19:39 ----D---- C:\Windows\AppPatch
2016-03-05 23:11:11 ----SHD---- C:\System Volume Information
2016-03-05 23:02:30 ----D---- C:\Program Files (x86)\IObit
2016-03-05 22:59:17 ----D---- C:\Program Files (x86)
2016-03-05 22:41:22 ----D---- C:\Windows\debug
2016-03-05 22:11:19 ----D---- C:\ProgramData\ProductData
2016-03-04 06:44:07 ----D---- C:\Windows\system32\wdi
2016-03-02 18:45:51 ----D---- C:\Program Files (x86)\Opera
2016-02-28 07:30:53 ----D---- C:\Windows\winsxs
2016-02-26 15:30:26 ----SD---- C:\Windows\SYSWOW64\GWX
2016-02-26 15:30:26 ----SD---- C:\Windows\system32\GWX
2016-02-23 13:28:58 ----D---- C:\ProgramData\AVG Web TuneUp
2016-02-23 13:28:13 ----D---- C:\Program Files (x86)\AVG Web TuneUp
2016-02-17 20:41:41 ----D---- C:\Windows\Microsoft.NET
2016-02-16 00:30:06 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2016-02-11 12:38:11 ----D---- C:\Windows\rescache
2016-02-11 11:58:50 ----RSD---- C:\Windows\assembly
2016-02-11 08:57:35 ----D---- C:\Program Files\Windows Journal
2016-02-11 08:57:34 ----SD---- C:\Windows\system32\CompatTel
2016-02-11 08:57:34 ----D---- C:\Windows\SYSWOW64\sk-SK
2016-02-11 08:57:34 ----D---- C:\Windows\SYSWOW64\en-US
2016-02-11 08:57:34 ----D---- C:\Windows\system32\sk-SK
2016-02-11 08:57:34 ----D---- C:\Windows\system32\appraiser
2016-02-11 08:57:34 ----D---- C:\Program Files\Internet Explorer
2016-02-11 08:57:34 ----D---- C:\Program Files (x86)\Internet Explorer
2016-02-11 08:57:33 ----D---- C:\Windows\system32\en-US
2016-02-11 08:57:03 ----D---- C:\Windows\sk-SK
2016-02-11 01:02:15 ----D---- C:\Windows\system32\MRT
2016-02-11 00:44:21 ----A---- C:\Windows\system32\MRT.exe
2016-02-11 00:38:43 ----D---- C:\ProgramData\Microsoft Help
2016-02-11 00:37:59 ----A---- C:\Windows\win.ini
2016-02-11 00:28:07 ----D---- C:\Windows\system32\catroot2
2016-02-10 16:43:00 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2016-01-08 272304]
R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2015-08-14 398256]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2016-01-22 260528]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2015-12-04 42416]
R0 Avguniva;AVG Universal Driver; C:\Windows\system32\DRIVERS\avguniva.sys [2016-01-08 23472]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-10-13 409624]
R0 MBAMSwissArmy;MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [2016-03-05 192216]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-12-20 530488]
R0 SymDS;Symantec Data Store; C:\Windows\system32\drivers\NISx64\1200000.080\SYMDS64.SYS [2010-05-19 450096]
R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\NISx64\1200000.080\SYMEFA64.SYS [2010-05-19 815664]
R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys [2015-11-06 184240]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2016-01-05 315312]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2015-10-21 284080]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2015-10-08 302000]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2015-01-11 26528]
R1 IDSVia64;IDSVia64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\IPSDefs\20100518.002\IDSVia64.sys [2010-05-18 463408]
R1 NetworkX;NetworkX; C:\Windows\syswow64\ckldrv.sys []
R1 SABI;SAMSUNG Kernel Driver For Windows 7; \??\C:\Windows\system32\Drivers\SABI.sys [2009-05-28 13824]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\Windows\system32\drivers\NISx64\1200000.080\SRTSPX64.SYS [2010-05-24 38248]
R1 SymNetS;Symantec Network Security WFP Driver; C:\Windows\system32\drivers\NISx64\1200000.080\SYMNETS.SYS [2010-05-11 380464]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 Afc;PPdus ASPI Shell; C:\Windows\SysWOW64\drivers\Afc.sys [2006-11-14 22784]
R3 BCM43XX;Broadcom 802.11 - ovládač sieťového adaptéru; C:\Windows\system32\DRIVERS\bcmwl664.sys [2011-07-05 4745280]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2010-08-10 111616]
R3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys [2010-05-22 83456]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-02-11 10628640]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-08-11 2454760]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-10-05 25816]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [2010-12-03 173616]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S1 BHDrvx64;BHDrvx64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\BASHDefs\20100522.001\BHDrvx64.sys [2010-05-19 942640]
S1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\NISx64\1200000.080\Ironx64.SYS [2010-05-17 168496]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btwampfl;Bluetooth AMP USB Filter; C:\Windows\system32\drivers\btwampfl.sys [2010-07-14 344616]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2010-07-20 102952]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\DRIVERS\btwavdt.sys [2010-07-20 135720]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2010-03-02 39464]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-07-20 21544]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [2010-03-20 114560]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-04-28 61288]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2013-08-23 14448]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2013-08-23 27760]
S3 huawei_cdcacm;huawei_cdcacm; C:\Windows\system32\DRIVERS\ew_jucdcacm.sys [2010-05-22 78848]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2010-03-25 120704]
S3 IT9135BDA;IT9135 BDA Devices; C:\Windows\System32\Drivers\IT9135BDA.sys [2012-09-01 165504]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-10-05 63704]
S3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\VirusDefs\20100728.021\ENG64.SYS []
S3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\VirusDefs\20100728.021\EX64.SYS []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-10-24 19456]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
S3 rtport;rtport; \??\C:\Windows\SysWOW64\drivers\rtport.sys [2010-11-05 15144]
S3 s1039bus;Sony Ericsson Device 1039 driver (WDM); C:\Windows\system32\DRIVERS\s1039bus.sys [2010-03-15 127600]
S3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s1039mdfl.sys [2010-03-15 19568]
S3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s1039mdm.sys [2010-03-15 161904]
S3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s1039mgmt.sys [2010-03-15 141424]
S3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS); C:\Windows\system32\DRIVERS\s1039nd5.sys [2010-03-15 34416]
S3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s1039obex.sys [2010-03-15 137328]
S3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM); C:\Windows\system32\DRIVERS\s1039unic.sys [2010-03-15 158320]
S3 SRTSP;Symantec Real Time Storage Protection x64; C:\Windows\system32\drivers\NISx64\1200000.080\SRTSP64.SYS [2010-05-24 701800]
S3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2009-02-13 14464]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-13 82128]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [2016-02-01 3881184]
R2 avgsvc;AVG Service; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [2016-02-18 1045928]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [2016-02-01 561104]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-07-21 951584]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 NovaPdfServer;novaPDF Server; C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe [2015-02-27 35616]
R2 vToolbarUpdater40.2.6;vToolbarUpdater40.2.6; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.6\ToolbarUpdater.exe [2016-02-23 1949768]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2015-10-09 2934048]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-10-05 1135416]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-10 269504]
S3 AvgAMPS;AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [2016-02-01 604144]
S3 fsssvc;Služba Bezpečnosť rodiny v službe Windows Live; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-04-28 704872]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-01-22 114688]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 50942144]
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-01-05 774144]
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2006-12-23 262144]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 Samsung UPD Service;Samsung UPD Service; C:\Windows\System32\SUPDSvc.exe [2010-08-09 166704]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-12-05 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]

-----------------EOF-----------------
Thank you.

Rudy
Site Admin
Posts: 119673
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Increased processor activity, regular freezing for ~10se

#2 Post by Rudy »

Hello!
Your first problem is too little free space on the system disk. We will try to clean it up. Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
Click >Scan< first and then >Clean<.
A scan will run and then a log will appear; post it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Apart from its "visible" activities, a virus can damage the system!


Once your problem has been resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

delmadord
Visitor
Posts: 6
Registered: 08 Mar 2016 20:25

Re: Increased processor activity, regular freezing for ~10se

#3 Post by delmadord »

Thank you, the log from AdwCleaner

Code:

# AdwCleaner v5.101 - Logfile created 08/03/2016 at 21:19:20
# Updated 07/03/2016 by Xplode
# Database : 2016-03-08.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : SAMSUNG - SAMSUNG-PC
# Running from : C:\Users\SAMSUNG\Desktop\adwcleaner_5.101.exe
# Option : Clean
# Support : http://toolslib.net/forum

***** [ Services ] *****

[-] Service Deleted : vToolbarUpdater40.2.6

***** [ Folders ] *****

[-] Folder Deleted : C:\Program Files (x86)\Music App
[-] Folder Deleted : C:\Program Files (x86)\myfree codec
[-] Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
[-] Folder Deleted : C:\Program Files\Common Files\AVG Secure Search
[-] Folder Deleted : C:\ProgramData\apn
[-] Folder Deleted : C:\ProgramData\AVG Secure Search
[-] Folder Deleted : C:\ProgramData\AVG Security Toolbar
[-] Folder Deleted : C:\ProgramData\Babylon
[-] Folder Deleted : C:\ProgramData\Uniblue
[-] Folder Deleted : C:\Users\SAMSUNG\AppData\Local\Babylon
[-] Folder Deleted : C:\Users\SAMSUNG\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn
[-] Folder Deleted : C:\Users\SAMSUNG\AppData\Roaming\Babylon

***** [ Files ] *****


***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\AudioCD\shell\PlayWithiMesh
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
[-] Key Deleted : HKCU\Software\Google\Chrome\Extensions\chfdnecihphmhljaaejmgoiahnihplgn
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7C3B01BC-53A5-48A0-A43B-0C67731134B9}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0ABE0FED-50E7-4E42-A125-57C0A11DBCDE}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B6}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKCU\Software\ExpressFiles
[-] Key Deleted : HKCU\Software\Imesh
[-] Key Deleted : HKCU\Software\powerpack
[-] Key Deleted : HKCU\Software\SiteRanker
[-] Key Deleted : HKLM\SOFTWARE\AVG Secure Search
[-] Key Deleted : HKLM\SOFTWARE\ExpressFiles
[-] Key Deleted : HKLM\SOFTWARE\Uniblue
[#] Key Deleted : HKLM\SOFTWARE\Uniblue\DriverScanner
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]

***** [ Web browsers ] *****

[-] [C:\Users\SAMSUNG\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : chfdnecihphmhljaaejmgoiahnihplgn

*************************

:: "Tracing" keys removed
:: Winsock settings cleared

*************************

C:\Program Files (x86)\AdwCleaner\AdwCleaner[C1].txt - [4748 bytes] - [08/03/2016 21:19:20]
C:\Program Files (x86)\AdwCleaner\AdwCleaner[S1].txt - [4611 bytes] - [08/03/2016 21:16:27]

########## EOF - C:\Program Files (x86)\AdwCleaner\AdwCleaner[C1].txt - [4934 bytes] ##########

Rudy
Site Admin
Posts: 119673
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Increased processor activity, regular freezing for ~10se

#4 Post by Rudy »

Post a new RSIT log.

delmadord
Visitor
Posts: 6
Registered: 08 Mar 2016 20:25

Re: Increased processor activity, regular freezing for ~10se

#5 Post by delmadord »

Code:

Logfile of random's system information tool 1.10 (written by random/random)
Run by SAMSUNG at 2016-03-08 22:11:03
Microsoft Windows 7 Home Premium  Service Pack 1
System drive C: has 3 GB (2%) free of 185 GB
Total RAM: 2009 MB (33% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:11:13, on 8. 3. 2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18205)
Boot mode: Normal

Running processes:
C:\Windows\system32\IRMonitor.exe
C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe
C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
C:\Program Files (x86)\AVG\Av\avgui.exe
C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\SAMSUNG.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.upjs.sk:80
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: EndNote Helper - {82D2E569-25A7-4E4D-9FA3-C5025B4B7912} - C:\Program Files (x86)\EndNote Plug-Ins\ENWIEPlug.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\Av\avuirunnerx.exe" C:\Program Files (x86)\AVG\Av\avgui.exe
O4 - HKLM\..\Run: [AvgUi] "C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe" /lps=fmw
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - Startup: BTTray.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Odoslať obrázok do &Zariadenia s rozhraním Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odoslať stránku do &Zariadenia s rozhraním Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Samsung AnyWeb Print - {328ECD19-C167-40eb-A0C7-16FE7634105E} - (no file)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: linkscanner - (no CLSID) - (no file)
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - Unknown owner - (no file)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AvgAMPS - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgamps.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgidsagent.exe
O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google Inc. - (no file)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Samsung UPD Service - Unknown owner - C:\Windows\System32\SUPDSvc.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: WtuSystemSupport - Unknown owner - C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe

--
End of file - 8488 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
c:\PROGRA~2\AVG\Av\avgrsa.exe /boot
C:\Program Files (x86)\AVG\Av\avgcsrva.exe /pipeName=44800c66-0200-0000-6c7f-902bdda5be04 /binaryPath="C:\Program Files (x86)\AVG\Av\\"
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 3811296
\??\C:\Windows\system32\conhost.exe "-1698610265613351651190826418-2127026985-1898270376-1639302637-808525435-1246788030
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\AVG\Av\avgidsagent.exe"
"taskhost.exe"
"C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe"
"C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe"
taskeng.exe {B0885EF7-321D-4CD5-B420-9B30EAA025FB}
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\system32\IRMonitor.exe 
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe"
"C:\Program Files (x86)\AVG\Av\avgnsa.exe"
"C:\Windows\system32\GWX\GWX.exe" 
"C:\Program Files (x86)\AVG\Av\avgemca.exe"
"C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe" 
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\igfxtray.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-b9a755f8-d3af-44b9-bf88-21111eb7ee63 -SystemEventPortName:HostProcess-de61b794-861e-4a2b-936b-bcb287252293 -IoCancelEventPortName:HostProcess-24359169-2602-4d1c-b451-1cbe515cab76 -NonStateChangingEventPortName:HostProcess-3eaf494d-a747-4c6a-91ec-1ea871e1d945 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:3d07a009-68b5-4aa6-920d-181e6eae9b48 -DeviceGroupId:WpdFsGroup
"C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe" 
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Elantech\ETDCtrl.exe" 
"C:\Program Files\Elantech\ETDCtrlHelper.exe" 
"C:\Users\SAMSUNG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BTTray.exe" 
 /TRAYONLY
 /fmw.trayonly
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Windows\system32\NOTEPAD.EXE" C:\Program Files (x86)\AdwCleaner\AdwCleaner[C1].txt
C:\Windows\SysWOW64\RunDll32.exe "C:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe" 
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" 
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="5756.0.821014996\2015177039" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,8,24,52 --disable-accelerated-video-decode --gpu-vendor-id=0x8086 --gpu-device-id=0x2a42 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2302 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Disabled/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/1DaySingleProfile/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/NewSuggestType_A5_Stable_R2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SpdyEnableDependencies/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --channel="5756.2.702717134\487620074" --font-cache-shared-handle=2888 
/prefetch:673131151
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe" 
ctfmon.exe
WLIDSvcM.exe 6644
"C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe" 
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Disabled/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/1DaySingleProfile/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/NewSuggestType_A5_Stable_R2/*PasswordBranding/Disabled/*PasswordGeneration/Disabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/*SpdyEnableDependencies/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/ --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --channel="5756.5.908272485\820152904" --font-cache-shared-handle=2188 /prefetch:673131151
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" 
"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516 

"C:\Users\SAMSUNG\Desktop\RSITx64.exe" 
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player PPAPI Notifier.job - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_20_0_0_306_pepper.exe  -check pepperplugin 
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe  
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  /c 
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  /ua /installsource scheduler 
C:\Windows\tasks\ROC_REG_JAN_DELETE.job - C:\ProgramData\AVG January 2013 Campaign\ROC.exe  /DELETE_FROM_SYSTEM=1 

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2010-04-28 132456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{82D2E569-25A7-4E4D-9FA3-C5025B4B7912}]
EndNote Helper - C:\Program Files (x86)\EndNote Plug-Ins\ENWIEPlug.dll [2015-07-29 266360]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-27 172968]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-08-11 11369576]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2010-08-05 2586504]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-02-11 162328]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-02-11 386584]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-02-11 417304]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2012-11-05 108144]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-02-12 8641240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (cleanup)]
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe [2015-10-05 54072]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AVG_UI"=C:\Program Files (x86)\AVG\Av\avuirunnerx.exe [2016-02-01 25512]
"AvgUi"=C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [2016-02-18 179624]

C:\Users\SAMSUNG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-02-11 272896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"= []

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2016-03-08 21:16:15 ----D---- C:\Program Files (x86)\AdwCleaner
2016-03-08 20:20:07 ----D---- C:\Program Files\trend micro
2016-03-08 20:20:05 ----D---- C:\rsit
2016-03-06 11:12:38 ----D---- C:\HijackThis
2016-03-05 23:38:39 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2016-03-05 23:37:44 ----A---- C:\ComboFix.txt
2016-03-05 23:30:31 ----SHD---- C:\$RECYCLE.BIN
2016-03-05 23:10:06 ----A---- C:\Windows\zip.exe
2016-03-05 23:10:06 ----A---- C:\Windows\SWSC.exe
2016-03-05 23:10:06 ----A---- C:\Windows\SWREG.exe
2016-03-05 23:10:06 ----A---- C:\Windows\sed.exe
2016-03-05 23:10:06 ----A---- C:\Windows\PEV.exe
2016-03-05 23:10:06 ----A---- C:\Windows\NIRCMD.exe
2016-03-05 23:10:06 ----A---- C:\Windows\MBR.exe
2016-03-05 23:10:06 ----A---- C:\Windows\grep.exe
2016-03-05 23:08:08 ----D---- C:\Qoobox
2016-03-05 23:06:23 ----D---- C:\Windows\erdnt
2016-03-05 22:59:17 ----D---- C:\ProgramData\Malwarebytes
2016-03-05 22:59:17 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-03-05 22:59:17 ----A---- C:\Windows\system32\drivers\mwac.sys
2016-03-05 22:59:17 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2016-03-05 22:59:17 ----A---- C:\Windows\system32\drivers\mbam.sys
2016-03-05 22:32:30 ----D---- C:\Program Files\CCleaner
2016-02-10 10:31:29 ----A---- C:\Windows\system32\InkEd.dll
2016-02-10 10:31:28 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2016-02-10 10:31:28 ----A---- C:\Windows\system32\jnwmon.dll
2016-02-10 10:31:26 ----A---- C:\Windows\system32\generaltel.dll
2016-02-10 10:31:26 ----A---- C:\Windows\system32\appraiser.dll
2016-02-10 10:31:26 ----A---- C:\Windows\system32\aeinv.dll
2016-02-10 10:31:25 ----A---- C:\Windows\system32\invagent.dll
2016-02-10 10:31:25 ----A---- C:\Windows\system32\devinv.dll
2016-02-10 10:31:25 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-02-10 10:31:25 ----A---- C:\Windows\system32\acmigration.dll
2016-02-10 10:31:19 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-02-10 10:31:19 ----A---- C:\Windows\system32\iertutil.dll
2016-02-10 10:31:18 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-02-10 10:31:17 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-02-10 10:31:17 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-02-10 10:31:17 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-02-10 10:31:16 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2016-02-10 10:31:16 ----A---- C:\Windows\system32\urlmon.dll
2016-02-10 10:31:16 ----A---- C:\Windows\system32\ieui.dll
2016-02-10 10:31:16 ----A---- C:\Windows\system32\ieframe.dll
2016-02-10 10:31:15 ----A---- C:\Windows\system32\ieUnatt.exe
2016-02-10 10:31:14 ----A---- C:\Windows\system32\mshtml.dll
2016-02-10 10:29:26 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-02-10 10:29:26 ----A---- C:\Windows\SYSWOW64\inseng.dll
2016-02-10 10:29:26 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2016-02-10 10:29:26 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2016-02-10 10:29:26 ----A---- C:\Windows\system32\iernonce.dll
2016-02-10 10:29:26 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-02-10 10:29:26 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-02-10 10:29:25 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-02-10 10:29:25 ----A---- C:\Windows\SYSWOW64\occache.dll
2016-02-10 10:29:25 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-02-10 10:29:25 ----A---- C:\Windows\system32\inseng.dll
2016-02-10 10:29:25 ----A---- C:\Windows\system32\ie4uinit.exe
2016-02-10 10:29:24 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-02-10 10:29:24 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-02-10 10:29:24 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-02-10 10:29:24 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-02-10 10:29:22 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2016-02-10 10:29:22 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-02-10 10:29:22 ----A---- C:\Windows\system32\occache.dll
2016-02-10 10:29:22 ----A---- C:\Windows\system32\iedkcs32.dll
2016-02-10 10:29:20 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-02-10 10:29:20 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-02-10 10:29:20 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-02-10 10:29:19 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-02-10 10:29:19 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-02-10 10:29:19 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-02-10 10:29:19 ----A---- C:\Windows\system32\msfeeds.dll
2016-02-10 10:29:19 ----A---- C:\Windows\system32\dxtrans.dll
2016-02-10 10:29:18 ----A---- C:\Windows\system32\iesetup.dll
2016-02-10 10:29:18 ----A---- C:\Windows\system32\ieapfltr.dll
2016-02-10 10:29:16 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-02-10 10:29:16 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-02-10 10:29:16 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2016-02-10 10:29:16 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-02-10 10:29:16 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-02-10 10:29:16 ----A---- C:\Windows\system32\vbscript.dll
2016-02-10 10:29:16 ----A---- C:\Windows\system32\jsproxy.dll
2016-02-10 10:29:15 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-02-10 10:29:15 ----A---- C:\Windows\system32\dxtmsft.dll
2016-02-10 10:29:13 ----A---- C:\Windows\system32\webcheck.dll
2016-02-10 10:29:13 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-02-10 10:29:13 ----A---- C:\Windows\system32\mshtmled.dll
2016-02-10 10:29:12 ----A---- C:\Windows\system32\jscript9diag.dll
2016-02-10 10:29:12 ----A---- C:\Windows\system32\jscript9.dll
2016-02-10 10:29:12 ----A---- C:\Windows\system32\jscript.dll
2016-02-10 10:29:11 ----A---- C:\Windows\system32\wininet.dll
2016-02-10 10:29:10 ----A---- C:\Windows\system32\msrating.dll
2016-02-10 10:29:10 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-02-10 10:26:49 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2016-02-10 10:26:46 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2016-02-10 10:26:46 ----A---- C:\Windows\SYSWOW64\wups.dll
2016-02-10 10:26:46 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2016-02-10 10:26:46 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2016-02-10 10:26:46 ----A---- C:\Windows\system32\wuwebv.dll
2016-02-10 10:26:46 ----A---- C:\Windows\system32\wups2.dll
2016-02-10 10:26:46 ----A---- C:\Windows\system32\wups.dll
2016-02-10 10:26:46 ----A---- C:\Windows\system32\wudriver.dll
2016-02-10 10:26:46 ----A---- C:\Windows\system32\wucltux.dll
2016-02-10 10:26:46 ----A---- C:\Windows\system32\wuaueng.dll
2016-02-10 10:26:46 ----A---- C:\Windows\system32\wuauclt.exe
2016-02-10 10:26:46 ----A---- C:\Windows\system32\wuapi.dll
2016-02-10 10:26:46 ----A---- C:\Windows\system32\WinSetupUI.dll
2016-02-10 10:26:45 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2016-02-10 10:26:45 ----A---- C:\Windows\system32\wuapp.exe
2016-02-10 10:26:45 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2016-02-10 10:26:43 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2016-02-10 10:26:42 ----A---- C:\Windows\system32\win32k.sys
2016-02-10 10:26:42 ----A---- C:\Windows\system32\rdpudd.dll
2016-02-10 10:26:42 ----A---- C:\Windows\system32\rdpcorets.dll
2016-02-10 10:26:29 ----A---- C:\Windows\system32\ole32.dll
2016-02-10 10:26:23 ----A---- C:\Windows\SYSWOW64\ole32.dll
2016-02-10 10:25:32 ----A---- C:\Windows\SYSWOW64\EncDec.dll
2016-02-10 10:25:32 ----A---- C:\Windows\SYSWOW64\CPFilters.dll
2016-02-10 10:25:32 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-02-10 10:25:32 ----A---- C:\Windows\system32\EncDec.dll
2016-02-10 10:25:32 ----A---- C:\Windows\system32\CPFilters.dll
2016-02-10 10:25:31 ----A---- C:\Windows\system32\ntdll.dll
2016-02-10 10:25:27 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-02-10 10:25:27 ----A---- C:\Windows\system32\KernelBase.dll
2016-02-10 10:25:26 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-02-10 10:25:26 ----A---- C:\Windows\system32\mtxoci.dll
2016-02-10 10:25:26 ----A---- C:\Windows\system32\kerberos.dll
2016-02-10 10:25:25 ----A---- C:\Windows\system32\kernel32.dll
2016-02-10 10:25:24 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-02-10 10:25:24 ----A---- C:\Windows\SYSWOW64\mtxoci.dll
2016-02-10 10:25:24 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-02-10 10:25:24 ----A---- C:\Windows\system32\advapi32.dll
2016-02-10 10:25:23 ----A---- C:\Windows\SYSWOW64\msorcl32.dll
2016-02-10 10:25:23 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-02-10 10:25:22 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-02-10 10:25:22 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-02-10 10:25:22 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-02-10 10:25:12 ----A---- C:\Windows\system32\lsasrv.dll
2016-02-10 10:25:06 ----A---- C:\Windows\system32\rpcrt4.dll
2016-02-10 10:25:05 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-02-10 10:25:04 ----A---- C:\Windows\system32\smss.exe
2016-02-10 10:25:04 ----A---- C:\Windows\system32\schannel.dll
2016-02-10 10:25:04 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-02-10 10:25:03 ----A---- C:\Windows\system32\ncrypt.dll
2016-02-10 10:25:03 ----A---- C:\Windows\system32\msv1_0.dll
2016-02-10 10:25:03 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-02-10 10:25:02 ----A---- C:\Windows\system32\winsrv.dll
2016-02-10 10:25:01 ----A---- C:\Windows\system32\TSpkg.dll
2016-02-10 10:25:00 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-02-10 10:25:00 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-02-10 10:25:00 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-02-10 10:25:00 ----A---- C:\Windows\system32\wow64win.dll
2016-02-10 10:25:00 ----A---- C:\Windows\system32\wdigest.dll
2016-02-10 10:25:00 ----A---- C:\Windows\system32\sspicli.dll
2016-02-10 10:25:00 ----A---- C:\Windows\system32\srcore.dll
2016-02-10 10:24:59 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-02-10 10:24:59 ----A---- C:\Windows\system32\wow64.dll
2016-02-10 10:24:59 ----A---- C:\Windows\system32\cryptbase.dll
2016-02-10 10:24:59 ----A---- C:\Windows\system32\conhost.exe
2016-02-10 10:24:57 ----A---- C:\Windows\system32\sspisrv.dll
2016-02-10 10:24:57 ----A---- C:\Windows\system32\lsass.exe
2016-02-10 10:24:57 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-02-10 10:24:56 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-02-10 10:24:56 ----A---- C:\Windows\system32\csrsrv.dll
2016-02-10 10:24:54 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-02-10 10:24:53 ----A---- C:\Windows\system32\secur32.dll
2016-02-10 10:24:52 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-02-10 10:24:52 ----A---- C:\Windows\system32\wow64cpu.dll
2016-02-10 10:24:52 ----A---- C:\Windows\system32\srclient.dll
2016-02-10 10:24:52 ----A---- C:\Windows\system32\rstrui.exe
2016-02-10 10:24:52 ----A---- C:\Windows\system32\credssp.dll
2016-02-10 10:24:51 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-02-10 10:24:51 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-02-10 10:24:51 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-02-10 10:24:51 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-02-10 10:24:51 ----A---- C:\Windows\system32\ntvdm64.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-02-10 10:24:50 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-02-10 10:24:50 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-02-10 10:24:50 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-02-10 10:24:50 ----A---- C:\Windows\system32\auditpol.exe
2016-02-10 10:24:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-10 10:24:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-10 10:24:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-02-10 10:24:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-10 10:24:49 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-10 10:24:49 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-10 10:24:49 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-02-10 10:24:48 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-02-10 10:24:48 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-02-10 10:24:48 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-02-10 10:24:48 ----A---- C:\Windows\system32\apisetschema.dll
2016-02-10 10:24:47 ----A---- C:\Windows\SYSWOW64\user.exe
2016-02-10 10:24:47 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-02-10 10:24:47 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-02-10 10:24:47 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-02-10 10:24:47 ----A---- C:\Windows\system32\msobjs.dll
2016-02-10 10:24:47 ----A---- C:\Windows\system32\msaudite.dll
2016-02-10 10:24:47 ----A---- C:\Windows\system32\adtschema.dll
2016-02-10 10:24:21 ----A---- C:\Windows\system32\shell32.dll
2016-02-10 10:24:19 ----A---- C:\Windows\SYSWOW64\shell32.dll
2016-02-10 10:24:19 ----A---- C:\Windows\explorer.exe
2016-02-10 10:24:18 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2016-02-10 10:24:18 ----A---- C:\Windows\SYSWOW64\explorer.exe
2016-02-10 10:24:18 ----A---- C:\Windows\SYSWOW64\authui.dll
2016-02-10 10:24:18 ----A---- C:\Windows\system32\ExplorerFrame.dll
2016-02-10 10:24:18 ----A---- C:\Windows\system32\authui.dll

======List of files/folders modified in the last 1 month======

2016-03-08 22:11:09 ----D---- C:\Windows\Prefetch
2016-03-08 22:08:54 ----D---- C:\Windows\Temp
2016-03-08 21:40:23 ----D---- C:\Windows\system32\config
2016-03-08 21:29:16 ----D---- C:\ProgramData\MFAData
2016-03-08 21:22:59 ----SHD---- C:\System Volume Information
2016-03-08 21:19:50 ----D---- C:\ProgramData
2016-03-08 21:19:48 ----D---- C:\Program Files\Common Files
2016-03-08 21:19:46 ----D---- C:\Program Files (x86)\Common Files
2016-03-08 21:19:35 ----D---- C:\Program Files (x86)
2016-03-08 20:20:07 ----RD---- C:\Program Files
2016-03-08 20:12:47 ----D---- C:\Users\SAMSUNG\AppData\Roaming\vlc
2016-03-08 17:30:06 ----SHD---- C:\Windows\Installer
2016-03-08 17:30:06 ----D---- C:\Config.Msi
2016-03-08 17:28:30 ----AD---- C:\Windows\SysWOW64
2016-03-07 15:22:32 ----AD---- C:\Windows\System32
2016-03-07 15:22:32 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-03-07 15:22:31 ----D---- C:\Windows\inf
2016-03-06 11:43:49 ----D---- C:\Windows
2016-03-06 11:42:43 ----D---- C:\Windows\ehome
2016-03-06 11:42:42 ----AD---- C:\Windows\system32\drivers
2016-03-06 09:19:42 ----D---- C:\Program Files (x86)\rustina-nejen-pro-samouky
2016-03-06 08:49:04 ----D---- C:\Windows\system32\Tasks
2016-03-05 23:36:48 ----D---- C:\Windows\Tasks
2016-03-05 23:30:19 ----A---- C:\Windows\system.ini
2016-03-05 23:30:06 ----D---- C:\Windows\system32\drivers\etc
2016-03-05 23:19:39 ----D---- C:\Windows\SYSWOW64\drivers
2016-03-05 23:19:39 ----D---- C:\Windows\AppPatch
2016-03-05 23:02:30 ----D---- C:\Program Files (x86)\IObit
2016-03-05 22:41:22 ----D---- C:\Windows\debug
2016-03-05 22:11:19 ----D---- C:\ProgramData\ProductData
2016-03-04 06:44:07 ----D---- C:\Windows\system32\wdi
2016-03-02 18:45:51 ----D---- C:\Program Files (x86)\Opera
2016-02-28 07:30:53 ----D---- C:\Windows\winsxs
2016-02-26 15:30:26 ----SD---- C:\Windows\SYSWOW64\GWX
2016-02-26 15:30:26 ----SD---- C:\Windows\system32\GWX
2016-02-23 13:28:58 ----D---- C:\ProgramData\AVG Web TuneUp
2016-02-23 13:28:13 ----D---- C:\Program Files (x86)\AVG Web TuneUp
2016-02-17 20:41:41 ----D---- C:\Windows\Microsoft.NET
2016-02-16 00:30:06 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2016-02-11 12:38:11 ----D---- C:\Windows\rescache
2016-02-11 11:58:50 ----RSD---- C:\Windows\assembly
2016-02-11 08:57:35 ----D---- C:\Program Files\Windows Journal
2016-02-11 08:57:34 ----SD---- C:\Windows\system32\CompatTel
2016-02-11 08:57:34 ----D---- C:\Windows\SYSWOW64\sk-SK
2016-02-11 08:57:34 ----D---- C:\Windows\SYSWOW64\en-US
2016-02-11 08:57:34 ----D---- C:\Windows\system32\sk-SK
2016-02-11 08:57:34 ----D---- C:\Windows\system32\appraiser
2016-02-11 08:57:34 ----D---- C:\Program Files\Internet Explorer
2016-02-11 08:57:34 ----D---- C:\Program Files (x86)\Internet Explorer
2016-02-11 08:57:33 ----D---- C:\Windows\system32\en-US
2016-02-11 08:57:03 ----D---- C:\Windows\sk-SK
2016-02-11 01:02:15 ----D---- C:\Windows\system32\MRT
2016-02-11 00:44:21 ----A---- C:\Windows\system32\MRT.exe
2016-02-11 00:38:43 ----D---- C:\ProgramData\Microsoft Help
2016-02-11 00:37:59 ----A---- C:\Windows\win.ini
2016-02-11 00:28:07 ----D---- C:\Windows\system32\catroot2
2016-02-10 16:43:00 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2016-01-08 272304]
R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2015-08-14 398256]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2016-01-22 260528]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2015-12-04 42416]
R0 Avguniva;AVG Universal Driver; C:\Windows\system32\DRIVERS\avguniva.sys [2016-01-08 23472]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-10-13 409624]
R0 MBAMSwissArmy;MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [2016-03-05 192216]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-12-20 530488]
R0 SymDS;Symantec Data Store; C:\Windows\system32\drivers\NISx64\1200000.080\SYMDS64.SYS [2010-05-19 450096]
R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\NISx64\1200000.080\SYMEFA64.SYS [2010-05-19 815664]
R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys [2015-11-06 184240]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2016-01-05 315312]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2015-10-21 284080]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2015-10-08 302000]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2015-01-11 26528]
R1 IDSVia64;IDSVia64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\IPSDefs\20100518.002\IDSVia64.sys [2010-05-18 463408]
R1 NetworkX;NetworkX; C:\Windows\syswow64\ckldrv.sys []
R1 SABI;SAMSUNG Kernel Driver For Windows 7; \??\C:\Windows\system32\Drivers\SABI.sys [2009-05-28 13824]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\Windows\system32\drivers\NISx64\1200000.080\SRTSPX64.SYS [2010-05-24 38248]
R1 SymNetS;Symantec Network Security WFP Driver; C:\Windows\system32\drivers\NISx64\1200000.080\SYMNETS.SYS [2010-05-11 380464]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 Afc;PPdus ASPI Shell; C:\Windows\SysWOW64\drivers\Afc.sys [2006-11-14 22784]
R3 BCM43XX;Broadcom 802.11 - ovládač sieťového adaptéru; C:\Windows\system32\DRIVERS\bcmwl664.sys [2011-07-05 4745280]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2010-08-10 111616]
R3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys [2010-05-22 83456]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-02-11 10628640]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-08-11 2454760]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-10-05 25816]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [2010-12-03 173616]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S1 BHDrvx64;BHDrvx64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\BASHDefs\20100522.001\BHDrvx64.sys [2010-05-19 942640]
S1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\NISx64\1200000.080\Ironx64.SYS [2010-05-17 168496]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btwampfl;Bluetooth AMP USB Filter; C:\Windows\system32\drivers\btwampfl.sys [2010-07-14 344616]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2010-07-20 102952]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\DRIVERS\btwavdt.sys [2010-07-20 135720]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2010-03-02 39464]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-07-20 21544]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [2010-03-20 114560]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-04-28 61288]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2013-08-23 14448]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2013-08-23 27760]
S3 huawei_cdcacm;huawei_cdcacm; C:\Windows\system32\DRIVERS\ew_jucdcacm.sys [2010-05-22 78848]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2010-03-25 120704]
S3 IT9135BDA;IT9135 BDA Devices; C:\Windows\System32\Drivers\IT9135BDA.sys [2012-09-01 165504]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-10-05 63704]
S3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\VirusDefs\20100728.021\ENG64.SYS []
S3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\VirusDefs\20100728.021\EX64.SYS []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-10-24 19456]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
S3 rtport;rtport; \??\C:\Windows\SysWOW64\drivers\rtport.sys [2010-11-05 15144]
S3 s1039bus;Sony Ericsson Device 1039 driver (WDM); C:\Windows\system32\DRIVERS\s1039bus.sys [2010-03-15 127600]
S3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s1039mdfl.sys [2010-03-15 19568]
S3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s1039mdm.sys [2010-03-15 161904]
S3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s1039mgmt.sys [2010-03-15 141424]
S3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS); C:\Windows\system32\DRIVERS\s1039nd5.sys [2010-03-15 34416]
S3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s1039obex.sys [2010-03-15 137328]
S3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM); C:\Windows\system32\DRIVERS\s1039unic.sys [2010-03-15 158320]
S3 SRTSP;Symantec Real Time Storage Protection x64; C:\Windows\system32\drivers\NISx64\1200000.080\SRTSP64.SYS [2010-05-24 701800]
S3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2009-02-13 14464]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-13 82128]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [2016-02-01 3881184]
R2 avgsvc;AVG Service; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [2016-02-18 1045928]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [2016-02-01 561104]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-07-21 951584]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 NovaPdfServer;novaPDF Server; C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe [2015-02-27 35616]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2015-10-09 2934048]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-10-05 1135416]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-10 269504]
S3 AvgAMPS;AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [2016-02-01 604144]
S3 fsssvc;Služba Bezpečnosť rodiny v službe Windows Live; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-04-28 704872]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-01-22 114688]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 50942144]
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-01-05 774144]
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2006-12-23 262144]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 Samsung UPD Service;Samsung UPD Service; C:\Windows\System32\SUPDSvc.exe [2010-08-09 166704]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-12-05 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119673
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Increased CPU activity, regular freezing for ~10se

#6 Post by Rudy »

Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left window:
:files
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. Disable your antivirus before the scan and restart the PC after it. Post a new RSIT log.

Why did you run ComboFix, a utility intended only for professionals? A layperson can easily damage the system with it.

delmadord
Visitor
Posts: 6
Registered: 08 Mar 2016 20:25

Re: Increased CPU activity, regular freezing for ~10se

#7 Post by delmadord »

Good evening, Rudy. I ran ComboFix before I admitted to myself that I am a layperson and sought professional help. Thank you for your help.

Code: Select all

Logfile of random's system information tool 1.10 (written by random/random)
Run by SAMSUNG at 2016-03-08 22:56:18
Microsoft Windows 7 Home Premium  Service Pack 1
System drive C: has 5 GB (3%) free of 185 GB
Total RAM: 2009 MB (33% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:57:02, on 8. 3. 2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18205)
Boot mode: Normal

Running processes:
C:\Windows\system32\IRMonitor.exe
C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe
C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
C:\Program Files (x86)\AVG\Av\avgui.exe
C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe
C:\Program Files\trend micro\SAMSUNG.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.upjs.sk:80
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: EndNote Helper - {82D2E569-25A7-4E4D-9FA3-C5025B4B7912} - C:\Program Files (x86)\EndNote Plug-Ins\ENWIEPlug.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\Av\avuirunnerx.exe" C:\Program Files (x86)\AVG\Av\avgui.exe
O4 - HKLM\..\Run: [AvgUi] "C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe" /lps=fmw
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - Startup: BTTray.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Odoslať obrázok do &Zariadenia s rozhraním Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odoslať stránku do &Zariadenia s rozhraním Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Samsung AnyWeb Print - {328ECD19-C167-40eb-A0C7-16FE7634105E} - (no file)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: linkscanner - (no CLSID) - (no file)
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - Unknown owner - (no file)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AvgAMPS - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgamps.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgidsagent.exe
O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google Inc. - (no file)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Samsung UPD Service - Unknown owner - C:\Windows\System32\SUPDSvc.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: WtuSystemSupport - Unknown owner - C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe

--
End of file - 8488 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
c:\PROGRA~2\AVG\Av\avgrsa.exe /boot
C:\Program Files (x86)\AVG\Av\avgcsrva.exe /pipeName=44800c66-0200-0000-0a0a-717ae2cd8d09 /binaryPath="C:\Program Files (x86)\AVG\Av\\"
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 4336576
\??\C:\Windows\system32\conhost.exe "-99859904111088377661783167627-1228882072285964197-366016646-1716418337254260329
C:\Windows\System32\spoolsv.exe
taskeng.exe {E1142C33-52D8-444D-8E23-474A343EF2D0}
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\lpksetup.exe -v
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"taskhost.exe"
"C:\Program Files (x86)\AVG\Av\avgidsagent.exe"
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
taskeng.exe {9B69797D-2035-45B6-8CCF-3E5949BD97CA}
C:\Windows\system32\IRMonitor.exe 
"C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe"
"C:\Program Files (x86)\AVG\Av\avgnsa.exe"
"C:\Windows\system32\GWX\GWX.exe" 
"C:\Program Files (x86)\AVG\Av\avgemca.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe" 
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-27d645c9-432e-46cd-bcfa-c50491dc9286 -SystemEventPortName:HostProcess-3cd91fed-1982-4c94-908b-f8551192f147 -IoCancelEventPortName:HostProcess-070544f5-511b-4d6b-9cf8-ffa79d7137fe -NonStateChangingEventPortName:HostProcess-b7b017b0-c105-46aa-aa75-7681fdb30a1b -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:4a52e5c7-67cf-47b7-bf77-90b657648312 -DeviceGroupId:WpdFsGroup
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
C:\Windows\system32\igfxtray.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe" 
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Elantech\ETDCtrl.exe" 
"C:\Users\SAMSUNG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BTTray.exe" 
 /TRAYONLY
 /fmw.trayonly
"C:\Program Files\Elantech\ETDCtrlHelper.exe" 
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe" 
C:\Windows\SysWOW64\RunDll32.exe "C:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" 
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="6096.0.912115522\1280130841" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,8,24,52 --disable-accelerated-video-decode --gpu-vendor-id=0x8086 --gpu-device-id=0x2a42 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2302 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
WLIDSvcM.exe 2704
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Disabled/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/CrossDevicePromo/1DaySingleProfile/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/OmniboxBundledExperimentV1/NewSuggestType_A5_Stable_R2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*QUIC/EnabledAutoTuneReceiveWindow/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SpdyEnableDependencies/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --channel="6096.1.543947850\1107976780" 
--font-cache-shared-handle=1816 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Disabled/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/CrossDevicePromo/1DaySingleProfile/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/NewSuggestType_A5_Stable_R2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*QUIC/EnabledAutoTuneReceiveWindow/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SpdyEnableDependencies/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/ --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --channel="6096.2.1627562416\1022452343" --font-cache-shared-handle=2004 /prefetch:673131151
"C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe" 
ctfmon.exe
"C:\Program Files (x86)\Opera\launcher.exe" --scheduledautoupdate
"C:\Program Files (x86)\Opera\launcher.exe" --scheduledautoupdate $(Arg0)
"C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe" 
"C:\Users\SAMSUNG\Desktop\RSITx64.exe" 
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player PPAPI Notifier.job - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_20_0_0_306_pepper.exe  -check pepperplugin 
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe  
C:\Windows\tasks\ROC_REG_JAN_DELETE.job - C:\ProgramData\AVG January 2013 Campaign\ROC.exe  /DELETE_FROM_SYSTEM=1 

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2010-04-28 132456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{82D2E569-25A7-4E4D-9FA3-C5025B4B7912}]
EndNote Helper - C:\Program Files (x86)\EndNote Plug-Ins\ENWIEPlug.dll [2015-07-29 266360]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-27 172968]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-08-11 11369576]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2010-08-05 2586504]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-02-11 162328]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-02-11 386584]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-02-11 417304]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2012-11-05 108144]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-02-12 8641240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (cleanup)]
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe [2015-10-05 54072]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AVG_UI"=C:\Program Files (x86)\AVG\Av\avuirunnerx.exe [2016-02-01 25512]
"AvgUi"=C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [2016-02-18 179624]

C:\Users\SAMSUNG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-02-11 272896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"= []

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2016-03-08 22:46:51 ----D---- C:\_OTM
2016-03-08 21:16:15 ----D---- C:\Program Files (x86)\AdwCleaner
2016-03-08 20:20:07 ----D---- C:\Program Files\trend micro
2016-03-08 20:20:05 ----D---- C:\rsit
2016-03-06 11:12:38 ----D---- C:\HijackThis
2016-03-05 23:38:39 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2016-03-05 23:37:44 ----A---- C:\ComboFix.txt
2016-03-05 23:30:31 ----SHD---- C:\$RECYCLE.BIN
2016-03-05 23:10:06 ----A---- C:\Windows\zip.exe
2016-03-05 23:10:06 ----A---- C:\Windows\SWSC.exe
2016-03-05 23:10:06 ----A---- C:\Windows\SWREG.exe
2016-03-05 23:10:06 ----A---- C:\Windows\sed.exe
2016-03-05 23:10:06 ----A---- C:\Windows\PEV.exe
2016-03-05 23:10:06 ----A---- C:\Windows\NIRCMD.exe
2016-03-05 23:10:06 ----A---- C:\Windows\MBR.exe
2016-03-05 23:10:06 ----A---- C:\Windows\grep.exe
2016-03-05 23:08:08 ----D---- C:\Qoobox
2016-03-05 23:06:23 ----D---- C:\Windows\erdnt
2016-03-05 22:59:17 ----D---- C:\ProgramData\Malwarebytes
2016-03-05 22:59:17 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-03-05 22:59:17 ----A---- C:\Windows\system32\drivers\mwac.sys
2016-03-05 22:59:17 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2016-03-05 22:59:17 ----A---- C:\Windows\system32\drivers\mbam.sys
2016-03-05 22:32:30 ----D---- C:\Program Files\CCleaner
2016-02-10 10:31:29 ----A---- C:\Windows\system32\InkEd.dll
2016-02-10 10:31:28 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2016-02-10 10:31:28 ----A---- C:\Windows\system32\jnwmon.dll
2016-02-10 10:31:26 ----A---- C:\Windows\system32\generaltel.dll
2016-02-10 10:31:26 ----A---- C:\Windows\system32\appraiser.dll
2016-02-10 10:31:26 ----A---- C:\Windows\system32\aeinv.dll
2016-02-10 10:31:25 ----A---- C:\Windows\system32\invagent.dll
2016-02-10 10:31:25 ----A---- C:\Windows\system32\devinv.dll
2016-02-10 10:31:25 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-02-10 10:31:25 ----A---- C:\Windows\system32\acmigration.dll
2016-02-10 10:31:19 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-02-10 10:31:19 ----A---- C:\Windows\system32\iertutil.dll
2016-02-10 10:31:18 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-02-10 10:31:17 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-02-10 10:31:17 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-02-10 10:31:17 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-02-10 10:31:16 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2016-02-10 10:31:16 ----A---- C:\Windows\system32\urlmon.dll
2016-02-10 10:31:16 ----A---- C:\Windows\system32\ieui.dll
2016-02-10 10:31:16 ----A---- C:\Windows\system32\ieframe.dll
2016-02-10 10:31:15 ----A---- C:\Windows\system32\ieUnatt.exe
2016-02-10 10:31:14 ----A---- C:\Windows\system32\mshtml.dll
2016-02-10 10:29:26 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-02-10 10:29:26 ----A---- C:\Windows\SYSWOW64\inseng.dll
2016-02-10 10:29:26 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2016-02-10 10:29:26 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2016-02-10 10:29:26 ----A---- C:\Windows\system32\iernonce.dll
2016-02-10 10:29:26 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-02-10 10:29:26 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-02-10 10:29:25 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-02-10 10:29:25 ----A---- C:\Windows\SYSWOW64\occache.dll
2016-02-10 10:29:25 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-02-10 10:29:25 ----A---- C:\Windows\system32\inseng.dll
2016-02-10 10:29:25 ----A---- C:\Windows\system32\ie4uinit.exe
2016-02-10 10:29:24 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-02-10 10:29:24 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-02-10 10:29:24 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-02-10 10:29:24 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-02-10 10:29:22 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2016-02-10 10:29:22 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-02-10 10:29:22 ----A---- C:\Windows\system32\occache.dll
2016-02-10 10:29:22 ----A---- C:\Windows\system32\iedkcs32.dll
2016-02-10 10:29:20 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-02-10 10:29:20 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-02-10 10:29:20 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-02-10 10:29:19 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-02-10 10:29:19 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-02-10 10:29:19 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-02-10 10:29:19 ----A---- C:\Windows\system32\msfeeds.dll
2016-02-10 10:29:19 ----A---- C:\Windows\system32\dxtrans.dll
2016-02-10 10:29:18 ----A---- C:\Windows\system32\iesetup.dll
2016-02-10 10:29:18 ----A---- C:\Windows\system32\ieapfltr.dll
2016-02-10 10:29:16 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-02-10 10:29:16 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-02-10 10:29:16 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2016-02-10 10:29:16 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-02-10 10:29:16 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-02-10 10:29:16 ----A---- C:\Windows\system32\vbscript.dll
2016-02-10 10:29:16 ----A---- C:\Windows\system32\jsproxy.dll
2016-02-10 10:29:15 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-02-10 10:29:15 ----A---- C:\Windows\system32\dxtmsft.dll
2016-02-10 10:29:13 ----A---- C:\Windows\system32\webcheck.dll
2016-02-10 10:29:13 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-02-10 10:29:13 ----A---- C:\Windows\system32\mshtmled.dll
2016-02-10 10:29:12 ----A---- C:\Windows\system32\jscript9diag.dll
2016-02-10 10:29:12 ----A---- C:\Windows\system32\jscript9.dll
2016-02-10 10:29:12 ----A---- C:\Windows\system32\jscript.dll
2016-02-10 10:29:11 ----A---- C:\Windows\system32\wininet.dll
2016-02-10 10:29:10 ----A---- C:\Windows\system32\msrating.dll
2016-02-10 10:29:10 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-02-10 10:26:49 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2016-02-10 10:26:46 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2016-02-10 10:26:46 ----A---- C:\Windows\SYSWOW64\wups.dll
2016-02-10 10:26:46 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2016-02-10 10:26:46 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2016-02-10 10:26:46 ----A---- C:\Windows\system32\wuwebv.dll
2016-02-10 10:26:46 ----A---- C:\Windows\system32\wups2.dll
2016-02-10 10:26:46 ----A---- C:\Windows\system32\wups.dll
2016-02-10 10:26:46 ----A---- C:\Windows\system32\wudriver.dll
2016-02-10 10:26:46 ----A---- C:\Windows\system32\wucltux.dll
2016-02-10 10:26:46 ----A---- C:\Windows\system32\wuaueng.dll
2016-02-10 10:26:46 ----A---- C:\Windows\system32\wuauclt.exe
2016-02-10 10:26:46 ----A---- C:\Windows\system32\wuapi.dll
2016-02-10 10:26:46 ----A---- C:\Windows\system32\WinSetupUI.dll
2016-02-10 10:26:45 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2016-02-10 10:26:45 ----A---- C:\Windows\system32\wuapp.exe
2016-02-10 10:26:45 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2016-02-10 10:26:43 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2016-02-10 10:26:42 ----A---- C:\Windows\system32\win32k.sys
2016-02-10 10:26:42 ----A---- C:\Windows\system32\rdpudd.dll
2016-02-10 10:26:42 ----A---- C:\Windows\system32\rdpcorets.dll
2016-02-10 10:26:29 ----A---- C:\Windows\system32\ole32.dll
2016-02-10 10:26:23 ----A---- C:\Windows\SYSWOW64\ole32.dll
2016-02-10 10:25:32 ----A---- C:\Windows\SYSWOW64\EncDec.dll
2016-02-10 10:25:32 ----A---- C:\Windows\SYSWOW64\CPFilters.dll
2016-02-10 10:25:32 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-02-10 10:25:32 ----A---- C:\Windows\system32\EncDec.dll
2016-02-10 10:25:32 ----A---- C:\Windows\system32\CPFilters.dll
2016-02-10 10:25:31 ----A---- C:\Windows\system32\ntdll.dll
2016-02-10 10:25:27 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-02-10 10:25:27 ----A---- C:\Windows\system32\KernelBase.dll
2016-02-10 10:25:26 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-02-10 10:25:26 ----A---- C:\Windows\system32\mtxoci.dll
2016-02-10 10:25:26 ----A---- C:\Windows\system32\kerberos.dll
2016-02-10 10:25:25 ----A---- C:\Windows\system32\kernel32.dll
2016-02-10 10:25:24 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-02-10 10:25:24 ----A---- C:\Windows\SYSWOW64\mtxoci.dll
2016-02-10 10:25:24 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-02-10 10:25:24 ----A---- C:\Windows\system32\advapi32.dll
2016-02-10 10:25:23 ----A---- C:\Windows\SYSWOW64\msorcl32.dll
2016-02-10 10:25:23 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-02-10 10:25:22 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-02-10 10:25:22 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-02-10 10:25:22 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-02-10 10:25:12 ----A---- C:\Windows\system32\lsasrv.dll
2016-02-10 10:25:06 ----A---- C:\Windows\system32\rpcrt4.dll
2016-02-10 10:25:05 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-02-10 10:25:04 ----A---- C:\Windows\system32\smss.exe
2016-02-10 10:25:04 ----A---- C:\Windows\system32\schannel.dll
2016-02-10 10:25:04 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-02-10 10:25:03 ----A---- C:\Windows\system32\ncrypt.dll
2016-02-10 10:25:03 ----A---- C:\Windows\system32\msv1_0.dll
2016-02-10 10:25:03 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-02-10 10:25:02 ----A---- C:\Windows\system32\winsrv.dll
2016-02-10 10:25:01 ----A---- C:\Windows\system32\TSpkg.dll
2016-02-10 10:25:00 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-02-10 10:25:00 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-02-10 10:25:00 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-02-10 10:25:00 ----A---- C:\Windows\system32\wow64win.dll
2016-02-10 10:25:00 ----A---- C:\Windows\system32\wdigest.dll
2016-02-10 10:25:00 ----A---- C:\Windows\system32\sspicli.dll
2016-02-10 10:25:00 ----A---- C:\Windows\system32\srcore.dll
2016-02-10 10:24:59 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-02-10 10:24:59 ----A---- C:\Windows\system32\wow64.dll
2016-02-10 10:24:59 ----A---- C:\Windows\system32\cryptbase.dll
2016-02-10 10:24:59 ----A---- C:\Windows\system32\conhost.exe
2016-02-10 10:24:57 ----A---- C:\Windows\system32\sspisrv.dll
2016-02-10 10:24:57 ----A---- C:\Windows\system32\lsass.exe
2016-02-10 10:24:57 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-02-10 10:24:56 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-02-10 10:24:56 ----A---- C:\Windows\system32\csrsrv.dll
2016-02-10 10:24:54 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-02-10 10:24:53 ----A---- C:\Windows\system32\secur32.dll
2016-02-10 10:24:52 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-02-10 10:24:52 ----A---- C:\Windows\system32\wow64cpu.dll
2016-02-10 10:24:52 ----A---- C:\Windows\system32\srclient.dll
2016-02-10 10:24:52 ----A---- C:\Windows\system32\rstrui.exe
2016-02-10 10:24:52 ----A---- C:\Windows\system32\credssp.dll
2016-02-10 10:24:51 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-02-10 10:24:51 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-02-10 10:24:51 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-02-10 10:24:51 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-02-10 10:24:51 ----A---- C:\Windows\system32\ntvdm64.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-02-10 10:24:50 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-02-10 10:24:50 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-02-10 10:24:50 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-02-10 10:24:50 ----A---- C:\Windows\system32\auditpol.exe
2016-02-10 10:24:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-10 10:24:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-10 10:24:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-02-10 10:24:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-10 10:24:49 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-10 10:24:49 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-10 10:24:49 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-02-10 10:24:48 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-02-10 10:24:48 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-02-10 10:24:48 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-02-10 10:24:48 ----A---- C:\Windows\system32\apisetschema.dll
2016-02-10 10:24:47 ----A---- C:\Windows\SYSWOW64\user.exe
2016-02-10 10:24:47 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-02-10 10:24:47 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-02-10 10:24:47 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-02-10 10:24:47 ----A---- C:\Windows\system32\msobjs.dll
2016-02-10 10:24:47 ----A---- C:\Windows\system32\msaudite.dll
2016-02-10 10:24:47 ----A---- C:\Windows\system32\adtschema.dll
2016-02-10 10:24:21 ----A---- C:\Windows\system32\shell32.dll
2016-02-10 10:24:19 ----A---- C:\Windows\SYSWOW64\shell32.dll
2016-02-10 10:24:19 ----A---- C:\Windows\explorer.exe
2016-02-10 10:24:18 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2016-02-10 10:24:18 ----A---- C:\Windows\SYSWOW64\explorer.exe
2016-02-10 10:24:18 ----A---- C:\Windows\SYSWOW64\authui.dll
2016-02-10 10:24:18 ----A---- C:\Windows\system32\ExplorerFrame.dll
2016-02-10 10:24:18 ----A---- C:\Windows\system32\authui.dll

======List of files/folders modified in the last 1 month======

2016-03-08 22:56:17 ----D---- C:\Windows\Prefetch
2016-03-08 22:56:13 ----D---- C:\Windows\Temp
2016-03-08 22:48:46 ----D---- C:\Windows\system32\config
2016-03-08 22:46:54 ----D---- C:\Windows\Tasks
2016-03-08 21:29:16 ----D---- C:\ProgramData\MFAData
2016-03-08 21:22:59 ----SHD---- C:\System Volume Information
2016-03-08 21:19:50 ----D---- C:\ProgramData
2016-03-08 21:19:48 ----D---- C:\Program Files\Common Files
2016-03-08 21:19:46 ----D---- C:\Program Files (x86)\Common Files
2016-03-08 21:19:35 ----D---- C:\Program Files (x86)
2016-03-08 20:20:07 ----RD---- C:\Program Files
2016-03-08 20:12:47 ----D---- C:\Users\SAMSUNG\AppData\Roaming\vlc
2016-03-08 17:30:06 ----SHD---- C:\Windows\Installer
2016-03-08 17:30:06 ----D---- C:\Config.Msi
2016-03-08 17:28:30 ----AD---- C:\Windows\SysWOW64
2016-03-07 15:22:32 ----AD---- C:\Windows\System32
2016-03-07 15:22:32 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-03-07 15:22:31 ----D---- C:\Windows\inf
2016-03-06 11:43:49 ----D---- C:\Windows
2016-03-06 11:42:43 ----D---- C:\Windows\ehome
2016-03-06 11:42:42 ----AD---- C:\Windows\system32\drivers
2016-03-06 09:19:42 ----D---- C:\Program Files (x86)\rustina-nejen-pro-samouky
2016-03-06 08:49:04 ----D---- C:\Windows\system32\Tasks
2016-03-05 23:30:19 ----A---- C:\Windows\system.ini
2016-03-05 23:30:06 ----D---- C:\Windows\system32\drivers\etc
2016-03-05 23:19:39 ----D---- C:\Windows\SYSWOW64\drivers
2016-03-05 23:19:39 ----D---- C:\Windows\AppPatch
2016-03-05 23:02:30 ----D---- C:\Program Files (x86)\IObit
2016-03-05 22:41:22 ----D---- C:\Windows\debug
2016-03-05 22:11:19 ----D---- C:\ProgramData\ProductData
2016-03-04 06:44:07 ----D---- C:\Windows\system32\wdi
2016-03-02 18:45:51 ----D---- C:\Program Files (x86)\Opera
2016-02-28 07:30:53 ----D---- C:\Windows\winsxs
2016-02-26 15:30:26 ----SD---- C:\Windows\SYSWOW64\GWX
2016-02-26 15:30:26 ----SD---- C:\Windows\system32\GWX
2016-02-23 13:28:58 ----D---- C:\ProgramData\AVG Web TuneUp
2016-02-23 13:28:13 ----D---- C:\Program Files (x86)\AVG Web TuneUp
2016-02-17 20:41:41 ----D---- C:\Windows\Microsoft.NET
2016-02-16 00:30:06 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2016-02-11 12:38:11 ----D---- C:\Windows\rescache
2016-02-11 11:58:50 ----RSD---- C:\Windows\assembly
2016-02-11 08:57:35 ----D---- C:\Program Files\Windows Journal
2016-02-11 08:57:34 ----SD---- C:\Windows\system32\CompatTel
2016-02-11 08:57:34 ----D---- C:\Windows\SYSWOW64\sk-SK
2016-02-11 08:57:34 ----D---- C:\Windows\SYSWOW64\en-US
2016-02-11 08:57:34 ----D---- C:\Windows\system32\sk-SK
2016-02-11 08:57:34 ----D---- C:\Windows\system32\appraiser
2016-02-11 08:57:34 ----D---- C:\Program Files\Internet Explorer
2016-02-11 08:57:34 ----D---- C:\Program Files (x86)\Internet Explorer
2016-02-11 08:57:33 ----D---- C:\Windows\system32\en-US
2016-02-11 08:57:03 ----D---- C:\Windows\sk-SK
2016-02-11 01:02:15 ----D---- C:\Windows\system32\MRT
2016-02-11 00:44:21 ----A---- C:\Windows\system32\MRT.exe
2016-02-11 00:38:43 ----D---- C:\ProgramData\Microsoft Help
2016-02-11 00:37:59 ----A---- C:\Windows\win.ini
2016-02-11 00:28:07 ----D---- C:\Windows\system32\catroot2
2016-02-10 16:43:00 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2016-01-08 272304]
R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2015-08-14 398256]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2016-01-22 260528]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2015-12-04 42416]
R0 Avguniva;AVG Universal Driver; C:\Windows\system32\DRIVERS\avguniva.sys [2016-01-08 23472]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-10-13 409624]
R0 MBAMSwissArmy;MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [2016-03-05 192216]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-12-20 530488]
R0 SymDS;Symantec Data Store; C:\Windows\system32\drivers\NISx64\1200000.080\SYMDS64.SYS [2010-05-19 450096]
R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\NISx64\1200000.080\SYMEFA64.SYS [2010-05-19 815664]
R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys [2015-11-06 184240]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2016-01-05 315312]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2015-10-21 284080]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2015-10-08 302000]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2015-01-11 26528]
R1 IDSVia64;IDSVia64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\IPSDefs\20100518.002\IDSVia64.sys [2010-05-18 463408]
R1 NetworkX;NetworkX; C:\Windows\syswow64\ckldrv.sys []
R1 SABI;SAMSUNG Kernel Driver For Windows 7; \??\C:\Windows\system32\Drivers\SABI.sys [2009-05-28 13824]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\Windows\system32\drivers\NISx64\1200000.080\SRTSPX64.SYS [2010-05-24 38248]
R1 SymNetS;Symantec Network Security WFP Driver; C:\Windows\system32\drivers\NISx64\1200000.080\SYMNETS.SYS [2010-05-11 380464]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 Afc;PPdus ASPI Shell; C:\Windows\SysWOW64\drivers\Afc.sys [2006-11-14 22784]
R3 BCM43XX;Broadcom 802.11 - ovládač sieťového adaptéru; C:\Windows\system32\DRIVERS\bcmwl664.sys [2011-07-05 4745280]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2010-08-10 111616]
R3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys [2010-05-22 83456]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-02-11 10628640]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-08-11 2454760]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-10-05 25816]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [2010-12-03 173616]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S1 BHDrvx64;BHDrvx64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\BASHDefs\20100522.001\BHDrvx64.sys [2010-05-19 942640]
S1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\NISx64\1200000.080\Ironx64.SYS [2010-05-17 168496]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btwampfl;Bluetooth AMP USB Filter; C:\Windows\system32\drivers\btwampfl.sys [2010-07-14 344616]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2010-07-20 102952]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\DRIVERS\btwavdt.sys [2010-07-20 135720]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2010-03-02 39464]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-07-20 21544]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [2010-03-20 114560]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-04-28 61288]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2013-08-23 14448]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2013-08-23 27760]
S3 huawei_cdcacm;huawei_cdcacm; C:\Windows\system32\DRIVERS\ew_jucdcacm.sys [2010-05-22 78848]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2010-03-25 120704]
S3 IT9135BDA;IT9135 BDA Devices; C:\Windows\System32\Drivers\IT9135BDA.sys [2012-09-01 165504]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-10-05 63704]
S3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\VirusDefs\20100728.021\ENG64.SYS []
S3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\VirusDefs\20100728.021\EX64.SYS []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-10-24 19456]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
S3 rtport;rtport; \??\C:\Windows\SysWOW64\drivers\rtport.sys [2010-11-05 15144]
S3 s1039bus;Sony Ericsson Device 1039 driver (WDM); C:\Windows\system32\DRIVERS\s1039bus.sys [2010-03-15 127600]
S3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s1039mdfl.sys [2010-03-15 19568]
S3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s1039mdm.sys [2010-03-15 161904]
S3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s1039mgmt.sys [2010-03-15 141424]
S3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS); C:\Windows\system32\DRIVERS\s1039nd5.sys [2010-03-15 34416]
S3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s1039obex.sys [2010-03-15 137328]
S3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM); C:\Windows\system32\DRIVERS\s1039unic.sys [2010-03-15 158320]
S3 SRTSP;Symantec Real Time Storage Protection x64; C:\Windows\system32\drivers\NISx64\1200000.080\SRTSP64.SYS [2010-05-24 701800]
S3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2009-02-13 14464]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-13 82128]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [2016-02-01 3881184]
R2 avgsvc;AVG Service; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [2016-02-18 1045928]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [2016-02-01 561104]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-07-21 951584]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 NovaPdfServer;novaPDF Server; C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe [2015-02-27 35616]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2015-10-09 2934048]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-10-05 1135416]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-10 269504]
S3 AvgAMPS;AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [2016-02-01 604144]
S3 fsssvc;Služba Bezpečnosť rodiny v službe Windows Live; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-04-28 704872]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-01-22 114688]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 50942144]
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-01-05 774144]
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2006-12-23 262144]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 Samsung UPD Service;Samsung UPD Service; C:\Windows\System32\SUPDSvc.exe [2010-08-09 166704]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-12-05 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119673
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Increased CPU activity, regular freezing for ~10se

#8 Post by Rudy »

OK. Better not do that again. Double-click the file C:\Program Files\trend micro\SAMSUNG.exe to start HijackThis. Click "Do a system scan only" and, in the window that opens, tick the checkboxes on the left for:
O9 - Extra button: Samsung AnyWeb Print - {328ECD19-C167-40eb-A0C7-16FE7634105E} - (no file)
O18 - Protocol: linkscanner - (no CLSID) - (no file)
Click >FixChecked<. Then run OTM again and click >CleanUp!<. OTM will clean up after itself. Finally, restart the PC.

Free disk space is now 5 GB, which is the bare minimum. It would be good to move some of your data to other storage, or to uninstall programs you do not use.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
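
The selection made in the reply above can also be pulled out of a HijackThis log programmatically. This is an added example, not part of the original thread: it parses the entry lines, flags targets marked "(no file)", and separates "(file missing)" results for System32 paths, which 32-bit HijackThis reports on 64-bit Windows because WOW64 file system redirection hides the 64-bit files from it. The function names, status labels and the 64-bit heuristic are assumptions of this example; the sample lines are copied from the log and reply in this thread.

```python
import re
from dataclasses import dataclass

# Lines copied from the HijackThis output and the reply posted in this thread.
SAMPLE_LOG = r"""
O2 - BHO: EndNote Helper - {82D2E569-25A7-4E4D-9FA3-C5025B4B7912} - C:\Program Files (x86)\EndNote Plug-Ins\ENWIEPlug.dll
O9 - Extra button: Samsung AnyWeb Print - {328ECD19-C167-40eb-A0C7-16FE7634105E} - (no file)
O18 - Protocol: linkscanner - (no CLSID) - (no file)
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - Unknown owner - (no file)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
"""

# "<section code> - <rest>", e.g. "O9 - Extra button: ..."
ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")
SYSTEM32_RE = re.compile(r"^[a-z]:\\windows\\system32\\", re.IGNORECASE)
# Paths that only exist on 64-bit Windows (assumption used as a heuristic).
WOW64_HINTS = ("\\syswow64\\", "\\program files (x86)\\")


@dataclass
class Entry:
    code: str    # HijackThis section, e.g. "O9" or "O23"
    body: str    # everything after "<code> - "
    target: str  # last " - " separated field: file path, CLSID or marker
    status: str  # present | orphaned | missing_target | redirection_artifact


def looks_64bit(log_text):
    """Heuristic: WOW64-only paths anywhere in the log imply 64-bit Windows."""
    lowered = log_text.lower()
    return any(hint in lowered for hint in WOW64_HINTS)


def classify(target, is_64bit):
    """Label one entry by the marker HijackThis appended to its target."""
    if target.endswith("(no file)"):
        # The registry entry names no file at all: a leftover to review.
        return "orphaned"
    if target.endswith("(file missing)"):
        path = target[: -len("(file missing)")].strip()
        # A 32-bit scanner on 64-bit Windows is redirected from System32 to
        # SysWOW64, so 64-bit system files look missing although they exist.
        if is_64bit and SYSTEM32_RE.match(path):
            return "redirection_artifact"
        return "missing_target"
    return "present"


def triage(log_text):
    """Parse every HijackThis entry line and attach a status to it."""
    is_64bit = looks_64bit(log_text)
    entries = []
    for raw in log_text.splitlines():
        match = ENTRY_RE.match(raw.strip())
        if not match:
            continue  # header lines, process list, blank lines
        code, body = match.groups()
        target = body.rsplit(" - ", 1)[-1]
        entries.append(Entry(code, body, target, classify(target, is_64bit)))
    return entries


def needs_review(entries):
    """Entries a helper would look at before ticking them for FixChecked."""
    return [e for e in entries if e.status in ("orphaned", "missing_target")]


if __name__ == "__main__":
    for entry in needs_review(triage(SAMPLE_LOG)):
        print(f"{entry.code:>4}  {entry.status:<15} {entry.body}")
```

A flagged entry is a candidate for review, not a verdict; the script only reads the log and changes nothing on the system.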

delmadord
Visitor
Posts: 6
Joined: 08 Mar 2016 20:25

Re: Increased CPU activity, regular freezing for ~10se

#9 Post by delmadord »

Thanks for the help, adwcleaner found nothing.

Code: Select all

Logfile of random's system information tool 1.10 (written by random/random)
Run by SAMSUNG at 2016-03-09 20:02:46
Microsoft Windows 7 Home Premium  Service Pack 1
System drive C: has 1 GB (1%) free of 185 GB
Total RAM: 2009 MB (35% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:03:34, on 9. 3. 2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18205)
Boot mode: Normal

Running processes:
C:\Windows\system32\IRMonitor.exe
C:\Program Files (x86)\Samsung\EasySpeedUpManager\EasySpeedUpManager2.exe
C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe
C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
C:\Program Files (x86)\AVG\Av\avgui.exe
C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files\trend micro\SAMSUNG.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.upjs.sk:80
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: EndNote Helper - {82D2E569-25A7-4E4D-9FA3-C5025B4B7912} - C:\Program Files (x86)\EndNote Plug-Ins\ENWIEPlug.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\Av\avuirunnerx.exe" C:\Program Files (x86)\AVG\Av\avgui.exe
O4 - HKLM\..\Run: [AvgUi] "C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe" /lps=fmw
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - Startup: BTTray.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Odoslať obrázok do &Zariadenia s rozhraním Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odoslať stránku do &Zariadenia s rozhraním Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: linkscanner - (no CLSID) - (no file)
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - Unknown owner - (no file)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AvgAMPS - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgamps.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgidsagent.exe
O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google Inc. - (no file)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Samsung UPD Service - Unknown owner - C:\Windows\System32\SUPDSvc.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: WtuSystemSupport - Unknown owner - C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe

--
End of file - 8081 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
c:\PROGRA~2\AVG\Av\avgrsa.exe /boot
C:\Program Files (x86)\AVG\Av\avgcsrva.exe /pipeName=44800c66-0200-0000-b01d-c43b9f18a046 /binaryPath="C:\Program Files (x86)\AVG\Av\\"
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 2689840
\??\C:\Windows\system32\conhost.exe "-16645374441359574547-16026110851991631097-1321095519-1240728047856188824465116594
taskeng.exe {0BF04258-61D4-458D-A6B1-357FF33CF626}
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\AVG\Av\avgidsagent.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
taskeng.exe {7DE793CD-2C56-4DDA-AF54-9648932C864F}
C:\Windows\system32\IRMonitor.exe 
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /cr
"C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe"
"C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\system32\GWX\GWX.exe" 
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe"
"C:\Program Files (x86)\Samsung\EasySpeedUpManager\EasySpeedUpManager2.exe" /s
"C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe" 
"C:\Program Files\Elantech\ETDCtrl.exe" 
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\AVG\Av\avgnsa.exe"
"C:\Program Files (x86)\AVG\Av\avgemca.exe"
"C:\Windows\System32\igfxtray.exe" 
"C:\Users\SAMSUNG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BTTray.exe" 
 /fmw.trayonly
 /TRAYONLY
"C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe" 
C:\Windows\SysWOW64\RunDll32.exe "C:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\sppsvc.exe
"C:\Program Files\Elantech\ETDCtrlHelper.exe" 
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\servicing\TrustedInstaller.exe
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-f1476a18-ad39-4144-a6be-5f880ad3e33d -SystemEventPortName:HostProcess-e0ebd2bd-df2c-4030-9e2c-5d63d2a2238a -IoCancelEventPortName:HostProcess-a1046977-0698-4254-97c1-1bccd9c3be7d -NonStateChangingEventPortName:HostProcess-9645ef2c-25eb-4de1-acdc-bec9f1616000 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:0fa764c8-01e6-4361-b8e1-9dc79dbf701c -DeviceGroupId:WpdFsGroup
"C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe" 
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
ctfmon.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Users\SAMSUNG\Desktop\RSITx64.exe" 
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player PPAPI Notifier.job - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_20_0_0_306_pepper.exe  -check pepperplugin 
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe  
C:\Windows\tasks\ROC_REG_JAN_DELETE.job - C:\ProgramData\AVG January 2013 Campaign\ROC.exe  /DELETE_FROM_SYSTEM=1 

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2010-04-28 132456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{82D2E569-25A7-4E4D-9FA3-C5025B4B7912}]
EndNote Helper - C:\Program Files (x86)\EndNote Plug-Ins\ENWIEPlug.dll [2015-07-29 266360]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-27 172968]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-08-11 11369576]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2010-08-05 2586504]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-02-11 162328]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-02-11 386584]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-02-11 417304]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2012-11-05 108144]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-02-12 8641240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (cleanup)]
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe [2015-10-05 54072]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AVG_UI"=C:\Program Files (x86)\AVG\Av\avuirunnerx.exe [2016-02-01 25512]
"AvgUi"=C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [2016-02-18 179624]

C:\Users\SAMSUNG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-02-11 272896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"= []

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2016-03-08 22:46:51 ----D---- C:\_OTM
2016-03-08 21:16:15 ----D---- C:\Program Files (x86)\AdwCleaner
2016-03-08 20:20:07 ----D---- C:\Program Files\trend micro
2016-03-08 20:20:05 ----D---- C:\rsit
2016-03-06 11:12:38 ----D---- C:\HijackThis
2016-03-05 23:38:39 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2016-03-05 23:37:44 ----A---- C:\ComboFix.txt
2016-03-05 23:30:31 ----SHD---- C:\$RECYCLE.BIN
2016-03-05 23:10:06 ----A---- C:\Windows\zip.exe
2016-03-05 23:10:06 ----A---- C:\Windows\SWSC.exe
2016-03-05 23:10:06 ----A---- C:\Windows\SWREG.exe
2016-03-05 23:10:06 ----A---- C:\Windows\sed.exe
2016-03-05 23:10:06 ----A---- C:\Windows\PEV.exe
2016-03-05 23:10:06 ----A---- C:\Windows\NIRCMD.exe
2016-03-05 23:10:06 ----A---- C:\Windows\MBR.exe
2016-03-05 23:10:06 ----A---- C:\Windows\grep.exe
2016-03-05 23:08:08 ----D---- C:\Qoobox
2016-03-05 23:06:23 ----D---- C:\Windows\erdnt
2016-03-05 22:59:17 ----D---- C:\ProgramData\Malwarebytes
2016-03-05 22:59:17 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-03-05 22:59:17 ----A---- C:\Windows\system32\drivers\mwac.sys
2016-03-05 22:59:17 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2016-03-05 22:59:17 ----A---- C:\Windows\system32\drivers\mbam.sys
2016-03-05 22:32:30 ----D---- C:\Program Files\CCleaner
2016-02-10 10:31:29 ----A---- C:\Windows\system32\InkEd.dll
2016-02-10 10:31:28 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2016-02-10 10:31:28 ----A---- C:\Windows\system32\jnwmon.dll
2016-02-10 10:31:26 ----A---- C:\Windows\system32\generaltel.dll
2016-02-10 10:31:26 ----A---- C:\Windows\system32\appraiser.dll
2016-02-10 10:31:26 ----A---- C:\Windows\system32\aeinv.dll
2016-02-10 10:31:25 ----A---- C:\Windows\system32\invagent.dll
2016-02-10 10:31:25 ----A---- C:\Windows\system32\devinv.dll
2016-02-10 10:31:25 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-02-10 10:31:25 ----A---- C:\Windows\system32\acmigration.dll
2016-02-10 10:31:19 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-02-10 10:31:19 ----A---- C:\Windows\system32\iertutil.dll
2016-02-10 10:31:18 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-02-10 10:31:17 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-02-10 10:31:17 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-02-10 10:31:17 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-02-10 10:31:16 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2016-02-10 10:31:16 ----A---- C:\Windows\system32\urlmon.dll
2016-02-10 10:31:16 ----A---- C:\Windows\system32\ieui.dll
2016-02-10 10:31:16 ----A---- C:\Windows\system32\ieframe.dll
2016-02-10 10:31:15 ----A---- C:\Windows\system32\ieUnatt.exe
2016-02-10 10:31:14 ----A---- C:\Windows\system32\mshtml.dll
2016-02-10 10:29:26 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-02-10 10:29:26 ----A---- C:\Windows\SYSWOW64\inseng.dll
2016-02-10 10:29:26 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2016-02-10 10:29:26 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2016-02-10 10:29:26 ----A---- C:\Windows\system32\iernonce.dll
2016-02-10 10:29:26 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-02-10 10:29:26 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-02-10 10:29:25 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-02-10 10:29:25 ----A---- C:\Windows\SYSWOW64\occache.dll
2016-02-10 10:29:25 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-02-10 10:29:25 ----A---- C:\Windows\system32\inseng.dll
2016-02-10 10:29:25 ----A---- C:\Windows\system32\ie4uinit.exe
2016-02-10 10:29:24 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-02-10 10:29:24 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-02-10 10:29:24 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-02-10 10:29:24 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-02-10 10:29:22 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2016-02-10 10:29:22 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-02-10 10:29:22 ----A---- C:\Windows\system32\occache.dll
2016-02-10 10:29:22 ----A---- C:\Windows\system32\iedkcs32.dll
2016-02-10 10:29:20 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-02-10 10:29:20 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-02-10 10:29:20 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-02-10 10:29:19 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-02-10 10:29:19 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-02-10 10:29:19 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-02-10 10:29:19 ----A---- C:\Windows\system32\msfeeds.dll
2016-02-10 10:29:19 ----A---- C:\Windows\system32\dxtrans.dll
2016-02-10 10:29:18 ----A---- C:\Windows\system32\iesetup.dll
2016-02-10 10:29:18 ----A---- C:\Windows\system32\ieapfltr.dll
2016-02-10 10:29:16 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-02-10 10:29:16 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-02-10 10:29:16 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2016-02-10 10:29:16 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-02-10 10:29:16 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-02-10 10:29:16 ----A---- C:\Windows\system32\vbscript.dll
2016-02-10 10:29:16 ----A---- C:\Windows\system32\jsproxy.dll
2016-02-10 10:29:15 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-02-10 10:29:15 ----A---- C:\Windows\system32\dxtmsft.dll
2016-02-10 10:29:13 ----A---- C:\Windows\system32\webcheck.dll
2016-02-10 10:29:13 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-02-10 10:29:13 ----A---- C:\Windows\system32\mshtmled.dll
2016-02-10 10:29:12 ----A---- C:\Windows\system32\jscript9diag.dll
2016-02-10 10:29:12 ----A---- C:\Windows\system32\jscript9.dll
2016-02-10 10:29:12 ----A---- C:\Windows\system32\jscript.dll
2016-02-10 10:29:11 ----A---- C:\Windows\system32\wininet.dll
2016-02-10 10:29:10 ----A---- C:\Windows\system32\msrating.dll
2016-02-10 10:29:10 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-02-10 10:26:49 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2016-02-10 10:26:46 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2016-02-10 10:26:46 ----A---- C:\Windows\SYSWOW64\wups.dll
2016-02-10 10:26:46 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2016-02-10 10:26:46 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2016-02-10 10:26:46 ----A---- C:\Windows\system32\wuwebv.dll
2016-02-10 10:26:46 ----A---- C:\Windows\system32\wups2.dll
2016-02-10 10:26:46 ----A---- C:\Windows\system32\wups.dll
2016-02-10 10:26:46 ----A---- C:\Windows\system32\wudriver.dll
2016-02-10 10:26:46 ----A---- C:\Windows\system32\wucltux.dll
2016-02-10 10:26:46 ----A---- C:\Windows\system32\wuaueng.dll
2016-02-10 10:26:46 ----A---- C:\Windows\system32\wuauclt.exe
2016-02-10 10:26:46 ----A---- C:\Windows\system32\wuapi.dll
2016-02-10 10:26:46 ----A---- C:\Windows\system32\WinSetupUI.dll
2016-02-10 10:26:45 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2016-02-10 10:26:45 ----A---- C:\Windows\system32\wuapp.exe
2016-02-10 10:26:45 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2016-02-10 10:26:43 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2016-02-10 10:26:42 ----A---- C:\Windows\system32\win32k.sys
2016-02-10 10:26:42 ----A---- C:\Windows\system32\rdpudd.dll
2016-02-10 10:26:42 ----A---- C:\Windows\system32\rdpcorets.dll
2016-02-10 10:26:29 ----A---- C:\Windows\system32\ole32.dll
2016-02-10 10:26:23 ----A---- C:\Windows\SYSWOW64\ole32.dll
2016-02-10 10:25:32 ----A---- C:\Windows\SYSWOW64\EncDec.dll
2016-02-10 10:25:32 ----A---- C:\Windows\SYSWOW64\CPFilters.dll
2016-02-10 10:25:32 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-02-10 10:25:32 ----A---- C:\Windows\system32\EncDec.dll
2016-02-10 10:25:32 ----A---- C:\Windows\system32\CPFilters.dll
2016-02-10 10:25:31 ----A---- C:\Windows\system32\ntdll.dll
2016-02-10 10:25:27 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-02-10 10:25:27 ----A---- C:\Windows\system32\KernelBase.dll
2016-02-10 10:25:26 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-02-10 10:25:26 ----A---- C:\Windows\system32\mtxoci.dll
2016-02-10 10:25:26 ----A---- C:\Windows\system32\kerberos.dll
2016-02-10 10:25:25 ----A---- C:\Windows\system32\kernel32.dll
2016-02-10 10:25:24 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-02-10 10:25:24 ----A---- C:\Windows\SYSWOW64\mtxoci.dll
2016-02-10 10:25:24 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-02-10 10:25:24 ----A---- C:\Windows\system32\advapi32.dll
2016-02-10 10:25:23 ----A---- C:\Windows\SYSWOW64\msorcl32.dll
2016-02-10 10:25:23 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-02-10 10:25:22 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-02-10 10:25:22 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-02-10 10:25:22 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-02-10 10:25:12 ----A---- C:\Windows\system32\lsasrv.dll
2016-02-10 10:25:06 ----A---- C:\Windows\system32\rpcrt4.dll
2016-02-10 10:25:05 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-02-10 10:25:04 ----A---- C:\Windows\system32\smss.exe
2016-02-10 10:25:04 ----A---- C:\Windows\system32\schannel.dll
2016-02-10 10:25:04 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-02-10 10:25:03 ----A---- C:\Windows\system32\ncrypt.dll
2016-02-10 10:25:03 ----A---- C:\Windows\system32\msv1_0.dll
2016-02-10 10:25:03 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-02-10 10:25:02 ----A---- C:\Windows\system32\winsrv.dll
2016-02-10 10:25:01 ----A---- C:\Windows\system32\TSpkg.dll
2016-02-10 10:25:00 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-02-10 10:25:00 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-02-10 10:25:00 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-02-10 10:25:00 ----A---- C:\Windows\system32\wow64win.dll
2016-02-10 10:25:00 ----A---- C:\Windows\system32\wdigest.dll
2016-02-10 10:25:00 ----A---- C:\Windows\system32\sspicli.dll
2016-02-10 10:25:00 ----A---- C:\Windows\system32\srcore.dll
2016-02-10 10:24:59 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-02-10 10:24:59 ----A---- C:\Windows\system32\wow64.dll
2016-02-10 10:24:59 ----A---- C:\Windows\system32\cryptbase.dll
2016-02-10 10:24:59 ----A---- C:\Windows\system32\conhost.exe
2016-02-10 10:24:57 ----A---- C:\Windows\system32\sspisrv.dll
2016-02-10 10:24:57 ----A---- C:\Windows\system32\lsass.exe
2016-02-10 10:24:57 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-02-10 10:24:56 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-02-10 10:24:56 ----A---- C:\Windows\system32\csrsrv.dll
2016-02-10 10:24:54 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-02-10 10:24:53 ----A---- C:\Windows\system32\secur32.dll
2016-02-10 10:24:52 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-02-10 10:24:52 ----A---- C:\Windows\system32\wow64cpu.dll
2016-02-10 10:24:52 ----A---- C:\Windows\system32\srclient.dll
2016-02-10 10:24:52 ----A---- C:\Windows\system32\rstrui.exe
2016-02-10 10:24:52 ----A---- C:\Windows\system32\credssp.dll
2016-02-10 10:24:51 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-02-10 10:24:51 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-02-10 10:24:51 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-02-10 10:24:51 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-02-10 10:24:51 ----A---- C:\Windows\system32\ntvdm64.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-02-10 10:24:50 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-02-10 10:24:50 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-02-10 10:24:50 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-02-10 10:24:50 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-02-10 10:24:50 ----A---- C:\Windows\system32\auditpol.exe
2016-02-10 10:24:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-10 10:24:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-10 10:24:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-02-10 10:24:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-10 10:24:49 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-10 10:24:49 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-10 10:24:49 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-02-10 10:24:48 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-02-10 10:24:48 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-02-10 10:24:48 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-02-10 10:24:48 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-02-10 10:24:48 ----A---- C:\Windows\system32\apisetschema.dll
2016-02-10 10:24:47 ----A---- C:\Windows\SYSWOW64\user.exe
2016-02-10 10:24:47 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-02-10 10:24:47 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-02-10 10:24:47 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-02-10 10:24:47 ----A---- C:\Windows\system32\msobjs.dll
2016-02-10 10:24:47 ----A---- C:\Windows\system32\msaudite.dll
2016-02-10 10:24:47 ----A---- C:\Windows\system32\adtschema.dll
2016-02-10 10:24:21 ----A---- C:\Windows\system32\shell32.dll
2016-02-10 10:24:19 ----A---- C:\Windows\SYSWOW64\shell32.dll
2016-02-10 10:24:19 ----A---- C:\Windows\explorer.exe
2016-02-10 10:24:18 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2016-02-10 10:24:18 ----A---- C:\Windows\SYSWOW64\explorer.exe
2016-02-10 10:24:18 ----A---- C:\Windows\SYSWOW64\authui.dll
2016-02-10 10:24:18 ----A---- C:\Windows\system32\ExplorerFrame.dll
2016-02-10 10:24:18 ----A---- C:\Windows\system32\authui.dll

======List of files/folders modified in the last 1 month======

2016-03-09 20:02:44 ----D---- C:\Windows\Temp
2016-03-09 20:01:45 ----D---- C:\Windows\system32\config
2016-03-09 19:53:57 ----D---- C:\ProgramData\MFAData
2016-03-09 19:45:07 ----D---- C:\Users\SAMSUNG\AppData\Roaming\vlc
2016-03-09 15:34:07 ----D---- C:\Windows\Prefetch
2016-03-09 11:07:59 ----D---- C:\Windows\winsxs
2016-03-09 11:06:01 ----D---- C:\Windows\system32\catroot2
2016-03-08 22:46:54 ----D---- C:\Windows\Tasks
2016-03-08 21:22:59 ----SHD---- C:\System Volume Information
2016-03-08 21:19:50 ----D---- C:\ProgramData
2016-03-08 21:19:48 ----D---- C:\Program Files\Common Files
2016-03-08 21:19:46 ----D---- C:\Program Files (x86)\Common Files
2016-03-08 21:19:35 ----D---- C:\Program Files (x86)
2016-03-08 20:20:07 ----RD---- C:\Program Files
2016-03-08 17:30:06 ----SHD---- C:\Windows\Installer
2016-03-08 17:30:06 ----D---- C:\Config.Msi
2016-03-08 17:28:30 ----AD---- C:\Windows\SysWOW64
2016-03-07 15:22:32 ----AD---- C:\Windows\System32
2016-03-07 15:22:32 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-03-07 15:22:31 ----D---- C:\Windows\inf
2016-03-06 11:43:49 ----D---- C:\Windows
2016-03-06 11:42:43 ----D---- C:\Windows\ehome
2016-03-06 11:42:42 ----AD---- C:\Windows\system32\drivers
2016-03-06 09:19:42 ----D---- C:\Program Files (x86)\rustina-nejen-pro-samouky
2016-03-06 08:49:04 ----D---- C:\Windows\system32\Tasks
2016-03-05 23:30:19 ----A---- C:\Windows\system.ini
2016-03-05 23:30:06 ----D---- C:\Windows\system32\drivers\etc
2016-03-05 23:19:39 ----D---- C:\Windows\SYSWOW64\drivers
2016-03-05 23:19:39 ----D---- C:\Windows\AppPatch
2016-03-05 23:02:30 ----D---- C:\Program Files (x86)\IObit
2016-03-05 22:41:22 ----D---- C:\Windows\debug
2016-03-05 22:11:19 ----D---- C:\ProgramData\ProductData
2016-03-04 06:44:07 ----D---- C:\Windows\system32\wdi
2016-03-02 18:45:51 ----D---- C:\Program Files (x86)\Opera
2016-02-26 15:30:26 ----SD---- C:\Windows\SYSWOW64\GWX
2016-02-26 15:30:26 ----SD---- C:\Windows\system32\GWX
2016-02-23 13:28:58 ----D---- C:\ProgramData\AVG Web TuneUp
2016-02-23 13:28:13 ----D---- C:\Program Files (x86)\AVG Web TuneUp
2016-02-17 20:41:41 ----D---- C:\Windows\Microsoft.NET
2016-02-16 00:30:06 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2016-02-11 12:38:11 ----D---- C:\Windows\rescache
2016-02-11 11:58:50 ----RSD---- C:\Windows\assembly
2016-02-11 08:57:35 ----D---- C:\Program Files\Windows Journal
2016-02-11 08:57:34 ----SD---- C:\Windows\system32\CompatTel
2016-02-11 08:57:34 ----D---- C:\Windows\SYSWOW64\sk-SK
2016-02-11 08:57:34 ----D---- C:\Windows\SYSWOW64\en-US
2016-02-11 08:57:34 ----D---- C:\Windows\system32\sk-SK
2016-02-11 08:57:34 ----D---- C:\Windows\system32\appraiser
2016-02-11 08:57:34 ----D---- C:\Program Files\Internet Explorer
2016-02-11 08:57:34 ----D---- C:\Program Files (x86)\Internet Explorer
2016-02-11 08:57:33 ----D---- C:\Windows\system32\en-US
2016-02-11 08:57:03 ----D---- C:\Windows\sk-SK
2016-02-11 01:02:15 ----D---- C:\Windows\system32\MRT
2016-02-11 00:44:21 ----A---- C:\Windows\system32\MRT.exe
2016-02-11 00:38:43 ----D---- C:\ProgramData\Microsoft Help
2016-02-11 00:37:59 ----A---- C:\Windows\win.ini
2016-02-10 16:43:00 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2016-01-08 272304]
R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2015-08-14 398256]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2016-01-22 260528]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2015-12-04 42416]
R0 Avguniva;AVG Universal Driver; C:\Windows\system32\DRIVERS\avguniva.sys [2016-01-08 23472]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-10-13 409624]
R0 MBAMSwissArmy;MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [2016-03-05 192216]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-12-20 530488]
R0 SymDS;Symantec Data Store; C:\Windows\system32\drivers\NISx64\1200000.080\SYMDS64.SYS [2010-05-19 450096]
R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\NISx64\1200000.080\SYMEFA64.SYS [2010-05-19 815664]
R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys [2015-11-06 184240]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2016-01-05 315312]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2015-10-21 284080]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2015-10-08 302000]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2015-01-11 26528]
R1 IDSVia64;IDSVia64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\IPSDefs\20100518.002\IDSVia64.sys [2010-05-18 463408]
R1 NetworkX;NetworkX; C:\Windows\syswow64\ckldrv.sys []
R1 SABI;SAMSUNG Kernel Driver For Windows 7; \??\C:\Windows\system32\Drivers\SABI.sys [2009-05-28 13824]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\Windows\system32\drivers\NISx64\1200000.080\SRTSPX64.SYS [2010-05-24 38248]
R1 SymNetS;Symantec Network Security WFP Driver; C:\Windows\system32\drivers\NISx64\1200000.080\SYMNETS.SYS [2010-05-11 380464]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 Afc;PPdus ASPI Shell; C:\Windows\SysWOW64\drivers\Afc.sys [2006-11-14 22784]
R3 BCM43XX;Broadcom 802.11 - ovládač sieťového adaptéru; C:\Windows\system32\DRIVERS\bcmwl664.sys [2011-07-05 4745280]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2010-08-10 111616]
R3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys [2010-05-22 83456]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-02-11 10628640]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-08-11 2454760]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-10-05 25816]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [2010-12-03 173616]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S1 BHDrvx64;BHDrvx64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\BASHDefs\20100522.001\BHDrvx64.sys [2010-05-19 942640]
S1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\NISx64\1200000.080\Ironx64.SYS [2010-05-17 168496]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btwampfl;Bluetooth AMP USB Filter; C:\Windows\system32\drivers\btwampfl.sys [2010-07-14 344616]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2010-07-20 102952]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\DRIVERS\btwavdt.sys [2010-07-20 135720]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2010-03-02 39464]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-07-20 21544]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [2010-03-20 114560]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-04-28 61288]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2013-08-23 14448]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2013-08-23 27760]
S3 huawei_cdcacm;huawei_cdcacm; C:\Windows\system32\DRIVERS\ew_jucdcacm.sys [2010-05-22 78848]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2010-03-25 120704]
S3 IT9135BDA;IT9135 BDA Devices; C:\Windows\System32\Drivers\IT9135BDA.sys [2012-09-01 165504]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-10-05 63704]
S3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\VirusDefs\20100728.021\ENG64.SYS []
S3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\VirusDefs\20100728.021\EX64.SYS []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-10-24 19456]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
S3 rtport;rtport; \??\C:\Windows\SysWOW64\drivers\rtport.sys [2010-11-05 15144]
S3 s1039bus;Sony Ericsson Device 1039 driver (WDM); C:\Windows\system32\DRIVERS\s1039bus.sys [2010-03-15 127600]
S3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s1039mdfl.sys [2010-03-15 19568]
S3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s1039mdm.sys [2010-03-15 161904]
S3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s1039mgmt.sys [2010-03-15 141424]
S3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS); C:\Windows\system32\DRIVERS\s1039nd5.sys [2010-03-15 34416]
S3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s1039obex.sys [2010-03-15 137328]
S3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM); C:\Windows\system32\DRIVERS\s1039unic.sys [2010-03-15 158320]
S3 SRTSP;Symantec Real Time Storage Protection x64; C:\Windows\system32\drivers\NISx64\1200000.080\SRTSP64.SYS [2010-05-24 701800]
S3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2009-02-13 14464]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-13 82128]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [2016-02-01 3881184]
R2 avgsvc;AVG Service; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [2016-02-18 1045928]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [2016-02-01 561104]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-07-21 951584]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 NovaPdfServer;novaPDF Server; C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe [2015-02-27 35616]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2015-10-09 2934048]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-10-05 1135416]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-10 269504]
S3 AvgAMPS;AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [2016-02-01 604144]
S3 fsssvc;Služba Bezpečnosť rodiny v službe Windows Live; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-04-28 704872]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-01-22 114688]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 50942144]
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-01-05 774144]
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2006-12-23 262144]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 Samsung UPD Service;Samsung UPD Service; C:\Windows\System32\SUPDSvc.exe [2010-08-09 166704]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-12-05 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119673
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Increased CPU activity, regular freezing for ~10se

#10 Post by Rudy »

OK. Has there been any change?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

delmadord
Visitor
Posts: 6
Registered: 08 Mar 2016 20:25

Re: Increased CPU activity, regular freezing for ~10se

#11 Post by delmadord »

Good evening Rudy,
I have not noticed many evident changes after a week of use. It is probably also because of the bloatware and the small RAM, as I mentioned.

CPU load with all applications closed is 8-16%.


Thank you

Rudy
Site Admin
Posts: 119673
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Increased CPU activity, regular freezing for ~10se

#12 Post by Rudy »

You're welcome. I meant the freezing. The load is OK now.
