
PC virus removal, computer speed-up, and remote assistance via the neslape.cz service
CPU usage 100%, slow PC
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote assistance service, in which an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Hello,
this morning my PC started behaving strangely (slower response during ordinary tasks, CPU load at 100% in Task Manager). Could I please ask for an RSIT check? Thanks.
Logfile of random's system information tool 1.14 (written by random/random)
Run by marian at 2016-11-06 08:42:20
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 18 GB (16%) free of 114 GB
Total RAM: 15306 MB (79% free)
X64
HijackThis download failed
======Enumerating Processes======
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Program Files (x86)\Common Files\Juniper Networks\JUNS\dsAccessService.exe"
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe"
"C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe"
"C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE"
"C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Synology Data Replicator 3\SynoDrServicex64.exe"
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
"C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe"
"C:\Program Files (x86)\Wondershare\WAF\2.2.0.5\WsAppService.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe"
C:\Program Files (x86)\Common Files\Juniper Networks\JUNS\dsAccessService.exe /host HostCheckerService
C:\Windows\system32\taskhost.exe
"C:\Windows\system32\Dwm.exe"
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
"C:\Program Files\COMODO\COMODO Internet Security\cistray.exe"
"C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe" /ModeAvMonitor -Embedding
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
"C:\Windows\WindowsMobile\wmdcBase.exe"
"C:\Program Files (x86)\Sandboxie\SbieCtrl.exe"
"C:\Windows\System32\spool\drivers\x64\3\E_IATIFCE.EXE" /FU "C:\Windows\TEMP\E_S4D74.tmp" /EF "HKCU"
"C:\Windows\System32\spool\drivers\x64\3\E_IATIFCE.EXE" /FU "C:\Windows\TEMP\E_S2E21.tmp" /EF "HKCU"
"C:\Windows\System32\spool\drivers\x64\3\E_IATIFCE.EXE" /FU "C:\Windows\TEMP\E_S5714.tmp" /EF "HKCU"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
"C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe"
"C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_000008fc
"C:\Program Files\COMODO\COMODO Internet Security\cis.exe" --alertsUI
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe"
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe" /connectToHost
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-1f577d61-bd8b-4065-bd38-d84b3dc1840a -SystemEventPortName:HostProcess-cd17751f-d202-4b58-8084-ea1a23fd2532 -IoCancelEventPortName:HostProcess-ef7d5e22-0ddd-491a-85ba-4be0e5581ad1 -NonStateChangingEventPortName:HostProcess-e6fe17f7-876b-439d-9ff9-a9b9957b04ae -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:5f17f488-4e05-4ade-934b-49a35a5f50f7 -DeviceGroupId:WpdFsGroup
"C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe" "F:\marian lidovky\pdf\aj, starala - lead.pdf"
"C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe" --channel=4848.0.1461590717 --type=renderer "F:\marian lidovky\pdf\aj, starala - lead.pdf"
"C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe"
"C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe" "F:\marian lidovky\pdf\beránci-lead sheet.pdf"
"C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe" --channel=7124.0.1135179660 --type=renderer "F:\marian lidovky\pdf\beránci-lead sheet.pdf"
"C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe" "F:\marian lidovky\pdf\beránci-lead sheet.pdf"
"C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe" --channel=7156.0.204302121 --type=renderer "F:\marian lidovky\pdf\beránci-lead sheet.pdf"
"C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe" "F:\marian lidovky\pdf\furman-lead.pdf"
"C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe" --channel=8200.0.1447705052 --type=renderer "F:\marian lidovky\pdf\furman-lead.pdf"
C:\Windows\splwow64.exe 8192
C:\Windows\system32\CompatTelRunner.exe
\??\C:\Windows\system32\conhost.exe "26338425-10736683849303831638740809171121890963-2006077593-7190988872040230971
C:\Windows\system32\CompatTelRunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun -cv:jGLIBY/NvEmjYw8h.1
C:\Windows\system32\taskmgr.exe
"C:\Program Files\Opera x64\opera.exe"
C:\Windows\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Users\marian\Desktop\RSITx64.exe"
C:\Windows\SysWOW64\DllHost.exe /Processid:{1EF75F33-893B-4E8F-9655-C3D602BA4897}
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore1cf8d13b51bd12c.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineCore1cff20f9254c09a.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineCore1d001a171f7da98.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\Synology Data Replicator 3-marian-PC-marian.job - C:\Program Files (x86)\Synology Data Replicator 3\Backup.exe /SCH /MIN
C:\Windows\system32\tasks\Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Windows\system32\tasks\Adobe Flash Player Updater - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\system32\tasks\CreateChoiceProcessTask - C:\Windows\System32\browserchoice.exe /launch
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore1d001a171f7da98 - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\SidebarExecute - C:\Program Files\Windows Sidebar\sidebar.exe /addGadget
C:\Windows\system32\tasks\Synology Data Replicator 3-marian-PC-marian - C:\Program Files (x86)\Synology Data Replicator 3\Backup.exe /SCH /MIN
C:\Windows\system32\tasks\User_Feed_Synchronization-{5B592E20-EC3B-4702-B847-38B51B5C79CF} - C:\Windows\system32\msfeedssync.exe sync
C:\Windows\system32\tasks\{034BE9A7-0CB7-47F8-8505-507663D3C87B} - C:\Windows\system32\pcalua.exe -a C:\PROGRA~2\Ableton\LIVE82~1.2\Redist\VCREDI~1.EXE -d C:\Windows\SysWOW64 -c /q:a
C:\Windows\system32\tasks\{34977F29-B4A8-4253-8BB2-9C434E93F073} - C:\Windows\system32\pcalua.exe -a "D:\Music download\Arturia\Arturia.Arp2600.V.VSTi.RTAS.v2.0.Incl.Keygen-AiR\ARP2600_V_2.0_Setup.exe" -d "D:\Music download\Arturia\Arturia.Arp2600.V.VSTi.RTAS.v2.0.Incl.Keygen-AiR"
C:\Windows\system32\tasks\{508B6820-F25A-4F6E-BFDD-85ACAE9A8866} - C:\Windows\system32\pcalua.exe -a C:\Users\marian\Desktop\Spectre-installer.exe -d C:\Users\marian\Desktop
C:\Windows\system32\tasks\{8D8B08AD-5600-4217-AF82-1038C2D418BF} - C:\Windows\system32\pcalua.exe -a C:\Users\marian\Desktop\srwa5-1.61.4.exe -d C:\Users\marian\Desktop
C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask - %systemroot%\system32\sc.exe start osppsvc
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
C:\Windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\Windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\Windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask - %SystemRoot%\system32\Wat\WatAdminSvc.exe /run
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline - %SystemRoot%\system32\schtasks.exe /run /I /TN "\Microsoft\Windows\Windows Activation Technologies\ValidationTask"
C:\Windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\Windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
C:\Windows\system32\tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask - sc.exe start sppsvc
C:\Windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\Windows\system32\tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem - %SystemRoot%\System32\powercfg.exe -energy -auto
C:\Windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\Windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\Windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\Windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\Windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\Windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\Windows\system32\tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} - "C:\Program Files\COMODO\COMODO Internet Security\cistray.exe"
C:\Windows\system32\tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} - "C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe" --launchSchedule {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59}
C:\Windows\system32\tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} - "C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe" --launchSchedule {A6D52E4F-569B-4756-B3D8-DF217313DA85}
C:\Windows\system32\tasks\ASUS\i-Setup091927 - C:\Windows\Chipset\AsusSetup.exe -a -reboot -log091927
=========Google Chrome=========
C:\Users\marian\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension aaaaacalgebmfelllfiaoknifldpngjh 0 Avira SearchFree Toolbar plus Web Protection 55.20
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Store 0.2
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension bmkckgpgekmanipelfidlhmkfcjicion 2 Bing Search Engine 0.0.0.5
Extension coobgpohoikkiipiblmjeljniedjpjpf 1 Vyhledávání Google 0.0.0.60
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension ennkphjdgehloodpbhlhldgbnhmacadg Settings 0.2
Extension flliilndjeohchalpbbcdekjklbdgfkk 2 Avira Browser Safety 1.4.1
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ilfoopambfaclfjmpiaijnccgcmbeigi 1 FormApps Chrome Extension 1.5.0.20
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.38
Extension lifbcibllhkdhoafpjfnlhfpfgnpldfl 2 Skype Click to Call 7.3.16540.9015
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mgndgikekgjfcpckkfioiadnlibdjbkf Chrome 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.0
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.0
Extension pafkbggdmjlpgkdkcbjmhmfcdpncadgh Google Now 1.2.0.1
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 5416.905.0.6
Homepage: http://www.search.ask.com/?o=APN11459&g ... 27-346&t=4
default_search_provider.search_url: http://dts.search.ask.com/sr?src=crb&gc ... earchTerms}
C:\Users\marian\AppData\Local\Google\Chrome\User Data\Default\Preferences
Plugin 11.6.602.171 Shockwave Flash C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.87\PepperFlash\pepflashplayer.dll
Plugin Chrome Remote Desktop Viewer internal-remoting-viewer
Plugin Native Client C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.87\ppGoogleNaClPluginChrome.dll
Plugin Chrome PDF Viewer C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.87\pdf.dll
Plugin 11.0.02.0 Adobe Acrobat C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
Plugin 1.3.21.135 Google Update C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
Plugin 2.0.2 VLC Web Plugin C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
Plugin 11,6,602,168 Shockwave Flash C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_168.dll
Homepage:
default_search_provider.search_url:
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\aaaaacalgebmfelllfiaoknifldpngjh]
"Path"=C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\flliilndjeohchalpbbcdekjklbdgfkk]
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl]
"Path"=
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2488}]
"URL"=http://dts.search.ask.com/sr?src=ieb&gc ... earchTerms}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2488}]
"URL"=http://dts.search.ask.com/sr?src=ieb&gc ... earchTerms}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-00A7-7A786E7484D7}]
Avira SearchFree Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll [2014-10-20 551848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 690392]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-10-20 212904]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-00A7-7A786E7484D7}]
Avira SearchFree Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre8\bin\ssv.dll [2014-10-20 463784]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre8\bin\jp2ssv.dll [2014-10-20 172456]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{41564952-412D-5637-00A7-7A786E7484D7} - Avira SearchFree Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{41564952-412D-5637-00A7-7A786E7484D7} - Avira SearchFree Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-12-14 172144]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-12-14 399984]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-12-14 441968]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2012-11-05 108144]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2012-06-12 6548112]
"Acronis Scheduler2 Service"=C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [2013-07-18 518424]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2015-08-10 1427648]
"Windows Mobile-based device management"=C:\Windows\WindowsMobile\wmdcBase.exe [2016-10-18 660360]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SandboxieControl"=C:\Program Files (x86)\Sandboxie\SbieCtrl.exe [2012-12-16 765200]
"EPSON SX410 Series"=C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFCE.EXE [2015-01-04 223232]
"\\DISKSTATION\usbprinter1"=C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFCE.EXE [2015-01-04 223232]
"EPSON SX410 Series (kopie 1)"=C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFCE.EXE [2015-01-04 223232]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2016-10-17 27021952]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2016-09-05 4299968]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"TrueImageMonitor.exe"=C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [2013-10-24 7805824]
"AcronisTibMounterMonitor"=C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [2013-10-10 1102192]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2016-11-02 916072]
"ApnTBMon"=C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe []
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
"QuickTime Plugin Install"=C:\Program Files (x86)\QuickTime\Plugins\DeleteMe1.exe [2014-01-23 86016]
"Avira SystrayStartTrigger"=C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [2016-09-18 60136]
"Wondershare Helper Compact.exe"=C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2016-01-08 2086240]
"DelaypluginInstall"=C:\ProgramData\iSkysoft\Video Converter Ultimate\DelayPluginI.exe []
"iSkysoft Helper Compact.exe"=C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe [2016-01-08 2066432]
"Nikon Message Center 2"=C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [2016-07-08 571392]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-02 1156824]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux7"=wdmaud.drv
"wave8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"mixer9"=wdmaud.drv
"midi8"=wdmaud.drv
"aux8"=wdmaud.drv
"midi9"=wdmaud.drv
"aux9"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.l3codecp"=l3codecp.acm
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-11-05 11:46:22 ----DC---- C:\ProgramData\{0CF1F946-2AAE-48A9-BD6C-DF71FE72E1D1}
2016-10-18 22:43:18 ----D---- C:\Program Files (x86)\CeRegEditor
2016-10-18 22:43:14 ----D---- C:\Windows\WindowsMobile
2016-10-11 18:39:48 ----A---- C:\Windows\system32\mshtml.dll
2016-10-11 18:39:47 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-10-11 18:39:47 ----A---- C:\Windows\system32\wmp.dll
2016-10-11 18:39:47 ----A---- C:\Windows\system32\ieframe.dll
2016-10-11 18:39:46 ----A---- C:\Windows\SYSWOW64\wmp.dll
2016-10-11 18:39:46 ----A---- C:\Windows\SYSWOW64\mf.dll
2016-10-11 18:39:46 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-10-11 18:39:46 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-10-11 18:39:46 ----A---- C:\Windows\system32\wininet.dll
2016-10-11 18:39:46 ----A---- C:\Windows\system32\mf.dll
2016-10-11 18:39:46 ----A---- C:\Windows\system32\jscript9.dll
2016-10-11 18:39:45 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2016-10-11 18:39:45 ----A---- C:\Windows\SYSWOW64\WSManMigrationPlugin.dll
2016-10-11 18:39:45 ----A---- C:\Windows\SYSWOW64\wmdrmsdk.dll
2016-10-11 18:39:45 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-10-11 18:39:45 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-10-11 18:39:45 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-10-11 18:39:45 ----A---- C:\Windows\SYSWOW64\quartz.dll
2016-10-11 18:39:45 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2016-10-11 18:39:45 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-10-11 18:39:45 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-10-11 18:39:45 ----A---- C:\Windows\SYSWOW64\evr.dll
2016-10-11 18:39:45 ----A---- C:\Windows\SYSWOW64\drmv2clt.dll
2016-10-11 18:39:45 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll
2016-10-11 18:39:45 ----A---- C:\Windows\SYSWOW64\blackbox.dll
2016-10-11 18:39:45 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2016-10-11 18:39:45 ----A---- C:\Windows\system32\WsmWmiPl.dll
2016-10-11 18:39:45 ----A---- C:\Windows\system32\WsmSvc.dll
2016-10-11 18:39:45 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2016-10-11 18:39:45 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2016-10-11 18:39:45 ----A---- C:\Windows\system32\wmdrmsdk.dll
2016-10-11 18:39:45 ----A---- C:\Windows\system32\vbscript.dll
2016-10-11 18:39:45 ----A---- C:\Windows\system32\urlmon.dll
2016-10-11 18:39:45 ----A---- C:\Windows\system32\scavengeui.dll
2016-10-11 18:39:45 ----A---- C:\Windows\system32\quartz.dll
2016-10-11 18:39:45 ----A---- C:\Windows\system32\qdvd.dll
2016-10-11 18:39:45 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-10-11 18:39:45 ----A---- C:\Windows\system32\MSVidCtl.dll
2016-10-11 18:39:45 ----A---- C:\Windows\system32\lsasrv.dll
2016-10-11 18:39:45 ----A---- C:\Windows\system32\iertutil.dll
2016-10-11 18:39:45 ----A---- C:\Windows\system32\evr.dll
2016-10-11 18:39:45 ----A---- C:\Windows\system32\DWrite.dll
2016-10-11 18:39:45 ----A---- C:\Windows\system32\drmv2clt.dll
2016-10-11 18:39:45 ----A---- C:\Windows\system32\drmmgrtn.dll
2016-10-11 18:39:45 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2016-10-11 18:39:45 ----A---- C:\Windows\system32\cryptui.dll
2016-10-11 18:39:45 ----A---- C:\Windows\system32\blackbox.dll
2016-10-11 18:39:45 ----A---- C:\Windows\system32\audiosrv.dll
2016-10-11 18:39:45 ----A---- C:\Windows\system32\AUDIOKSE.dll
2016-10-11 18:39:45 ----A---- C:\Windows\system32\AudioEng.dll
2016-10-11 18:39:44 ----A---- C:\Windows\SYSWOW64\WsmWmiPl.dll
2016-10-11 18:39:44 ----A---- C:\Windows\SYSWOW64\WsmAuto.dll
2016-10-11 18:39:44 ----A---- C:\Windows\SYSWOW64\WSManHTTPConfig.exe
2016-10-11 18:39:44 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2016-10-11 18:39:44 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-10-11 18:39:44 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-10-11 18:39:44 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-10-11 18:39:44 ----A---- C:\Windows\SYSWOW64\MSVidCtl.dll
2016-10-11 18:39:44 ----A---- C:\Windows\SYSWOW64\mfps.dll
2016-10-11 18:39:44 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2016-10-11 18:39:44 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2016-10-11 18:39:44 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-10-11 18:39:44 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2016-10-11 18:39:44 ----A---- C:\Windows\SYSWOW64\cryptui.dll
2016-10-11 18:39:44 ----A---- C:\Windows\SYSWOW64\cryptsp.dll
2016-10-11 18:39:44 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2016-10-11 18:39:44 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2016-10-11 18:39:44 ----A---- C:\Windows\system32\WsmAuto.dll
2016-10-11 18:39:44 ----A---- C:\Windows\system32\wmploc.DLL
2016-10-11 18:39:44 ----A---- C:\Windows\system32\win32k.sys
2016-10-11 18:39:44 ----A---- C:\Windows\system32\pcasvc.dll
2016-10-11 18:39:44 ----A---- C:\Windows\system32\ntdll.dll
2016-10-11 18:39:44 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-10-11 18:39:44 ----A---- C:\Windows\system32\msscp.dll
2016-10-11 18:39:44 ----A---- C:\Windows\system32\msfeeds.dll
2016-10-11 18:39:44 ----A---- C:\Windows\system32\mfps.dll
2016-10-11 18:39:44 ----A---- C:\Windows\system32\mfplat.dll
2016-10-11 18:39:44 ----A---- C:\Windows\system32\inetcomm.dll
2016-10-11 18:39:44 ----A---- C:\Windows\system32\iedkcs32.dll
2016-10-11 18:39:44 ----A---- C:\Windows\system32\FntCache.dll
2016-10-11 18:39:44 ----A---- C:\Windows\system32\EncDump.dll
2016-10-11 18:39:44 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2016-10-11 18:39:44 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2016-10-11 18:39:44 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-10-11 18:39:44 ----A---- C:\Windows\system32\drivers\dfsc.sys
2016-10-11 18:39:44 ----A---- C:\Windows\system32\cryptsp.dll
2016-10-11 18:39:44 ----A---- C:\Windows\system32\AudioSes.dll
2016-10-11 18:39:44 ----A---- C:\Windows\system32\audiodg.exe
2016-10-11 18:39:44 ----A---- C:\Windows\system32\adsmsext.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\wsmprovhost.exe
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\wsmplpxy.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\occache.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\msscp.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\msnetobj.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\inseng.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\INETRES.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\adsmsext.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\wsmprovhost.exe
2016-10-11 18:39:43 ----A---- C:\Windows\system32\wsmplpxy.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\wow64win.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\wintrust.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\winsrv.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\webcheck.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\WebClnt.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\wdigest.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\TSpkg.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\sspicli.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\spwmp.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\smss.exe
2016-10-11 18:39:43 ----A---- C:\Windows\system32\schannel.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\rrinstaller.exe
2016-10-11 18:39:43 ----A---- C:\Windows\system32\rpchttp.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\rpcrt4.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\pcawrk.exe
2016-10-11 18:39:43 ----A---- C:\Windows\system32\pcalua.exe
2016-10-11 18:39:43 ----A---- C:\Windows\system32\pcaevts.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\pcadm.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\occache.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\ncrypt.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\msv1_0.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\msrating.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\msnetobj.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\msmmsp.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\mshtmled.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\mfpmp.exe
2016-10-11 18:39:43 ----A---- C:\Windows\system32\KernelBase.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\kernel32.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\kerberos.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\jsproxy.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\jscript9diag.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\jscript.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\inseng.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\INETRES.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\ieUnatt.exe
2016-10-11 18:39:43 ----A---- C:\Windows\system32\ieui.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\iesetup.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\iernonce.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-10-11 18:39:43 ----A---- C:\Windows\system32\ieapfltr.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\ie4uinit.exe
2016-10-11 18:39:43 ----A---- C:\Windows\system32\dxtrans.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\dxtmsft.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\dxmasf.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-10-11 18:39:43 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-10-11 18:39:43 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-10-11 18:39:43 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-10-11 18:39:43 ----A---- C:\Windows\system32\davclnt.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\cryptsvc.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\cryptnet.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\crypt32.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\certcli.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\advapi32.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\WsmRes.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\user.exe
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\mferror.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-10-11 18:39:42 ----A---- C:\Windows\system32\WsmRes.dll
2016-10-11 18:39:42 ----A---- C:\Windows\system32\wow64cpu.dll
2016-10-11 18:39:42 ----A---- C:\Windows\system32\wow64.dll
2016-10-11 18:39:42 ----A---- C:\Windows\system32\sspisrv.dll
2016-10-11 18:39:42 ----A---- C:\Windows\system32\srcore.dll
2016-10-11 18:39:42 ----A---- C:\Windows\system32\srclient.dll
2016-10-11 18:39:42 ----A---- C:\Windows\system32\setbcdlocale.dll
2016-10-11 18:39:42 ----A---- C:\Windows\system32\secur32.dll
2016-10-11 18:39:42 ----A---- C:\Windows\system32\rstrui.exe
2016-10-11 18:39:42 ----A---- C:\Windows\system32\ntvdm64.dll
2016-10-11 18:39:42 ----A---- C:\Windows\system32\msobjs.dll
2016-10-11 18:39:42 ----A---- C:\Windows\system32\msaudite.dll
2016-10-11 18:39:42 ----A---- C:\Windows\system32\mferror.dll
2016-10-11 18:39:42 ----A---- C:\Windows\system32\lsass.exe
2016-10-11 18:39:42 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-10-11 18:39:42 ----A---- C:\Windows\system32\drivers\appid.sys
2016-10-11 18:39:42 ----A---- C:\Windows\system32\csrsrv.dll
2016-10-11 18:39:42 ----A---- C:\Windows\system32\cryptbase.dll
2016-10-11 18:39:42 ----A---- C:\Windows\system32\credssp.dll
2016-10-11 18:39:42 ----A---- C:\Windows\system32\conhost.exe
2016-10-11 18:39:42 ----A---- C:\Windows\system32\auditpol.exe
2016-10-11 18:39:42 ----A---- C:\Windows\system32\appidsvc.dll
2016-10-11 18:39:42 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2016-10-11 18:39:42 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2016-10-11 18:39:42 ----A---- C:\Windows\system32\appidapi.dll
2016-10-11 18:39:42 ----A---- C:\Windows\system32\apisetschema.dll
2016-10-11 18:39:42 ----A---- C:\Windows\system32\adtschema.dll
2016-10-11 18:39:19 ----A---- C:\Windows\system32\invagent.dll
2016-10-11 18:39:19 ----A---- C:\Windows\system32\generaltel.dll
2016-10-11 18:39:19 ----A---- C:\Windows\system32\devinv.dll
2016-10-11 18:39:19 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-10-11 18:39:19 ----A---- C:\Windows\system32\centel.dll
2016-10-11 18:39:19 ----A---- C:\Windows\system32\appraiser.dll
2016-10-11 18:39:19 ----A---- C:\Windows\system32\aepic.dll
2016-10-11 18:39:19 ----A---- C:\Windows\system32\aeinv.dll
2016-10-11 18:39:19 ----A---- C:\Windows\system32\acmigration.dll
2016-10-11 18:39:18 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2016-10-11 18:39:18 ----A---- C:\Windows\system32\drivers\usbport.sys
2016-10-11 18:39:18 ----A---- C:\Windows\system32\drivers\usbohci.sys
2016-10-11 18:39:18 ----A---- C:\Windows\system32\drivers\usbhub.sys
2016-10-11 18:39:18 ----A---- C:\Windows\system32\drivers\usbehci.sys
2016-10-11 18:39:18 ----A---- C:\Windows\system32\drivers\usbd.sys
2016-10-11 18:39:18 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2016-10-11 18:39:17 ----A---- C:\Windows\SYSWOW64\shell32.dll
2016-10-11 18:39:17 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2016-10-11 18:39:17 ----A---- C:\Windows\SYSWOW64\explorer.exe
2016-10-11 18:39:17 ----A---- C:\Windows\SYSWOW64\authui.dll
2016-10-11 18:39:17 ----A---- C:\Windows\system32\shell32.dll
2016-10-11 18:39:17 ----A---- C:\Windows\system32\ExplorerFrame.dll
2016-10-11 18:39:17 ----A---- C:\Windows\system32\authui.dll
2016-10-11 18:39:17 ----A---- C:\Windows\explorer.exe
2016-10-11 18:39:15 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2016-10-11 18:39:15 ----A---- C:\Windows\system32\poqexec.exe
2016-10-07 16:30:31 ----A---- C:\Windows\system32\drivers\avusbflt.sys
======List of files/folders modified in the last 1 month======
2016-11-06 08:41:44 ----D---- C:\Windows\Temp
2016-11-06 08:32:41 ----D---- C:\Users\marian\AppData\Roaming\Skype
2016-11-06 08:21:06 ----D---- C:\Windows\system32\config
2016-11-06 08:12:30 ----D---- C:\Windows\System32
2016-11-06 08:12:30 ----D---- C:\Windows\inf
2016-11-06 08:12:30 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-11-06 08:06:52 ----HD---- C:\ProgramData
2016-11-05 12:43:58 ----D---- C:\Windows\system32\catroot
2016-11-05 12:43:38 ----D---- C:\Users\marian\AppData\Roaming\foobar2000
2016-11-05 12:06:06 ----SHD---- C:\Windows\Installer
2016-11-05 12:06:06 ----RD---- C:\Program Files (x86)
2016-11-05 12:05:39 ----SHD---- C:\System Volume Information
2016-11-05 11:12:39 ----D---- C:\Program Files\Native Instruments
2016-11-05 11:12:38 ----D---- C:\Windows\system32\DriverStore
2016-11-05 11:11:53 ----D---- C:\Program Files\Common Files\Native Instruments
2016-11-04 22:37:04 ----D---- C:\Users\marian\AppData\Roaming\vlc
2016-11-03 20:57:44 ----D---- C:\ProgramData\Native Instruments
2016-11-02 19:23:12 ----D---- C:\Windows\system32\drivers
2016-10-31 16:54:49 ----D---- C:\Users\marian\AppData\Roaming\Mp3tag
2016-10-30 12:35:09 ----D---- C:\Windows\SysWOW64
2016-10-30 12:35:07 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-10-30 12:35:05 ----D---- C:\Windows\SYSWOW64\Macromed
2016-10-30 12:35:05 ----D---- C:\Windows\system32\Macromed
2016-10-30 12:31:00 ----RD---- C:\Program Files (x86)\Skype
2016-10-30 12:31:00 ----D---- C:\Program Files (x86)\Common Files
2016-10-30 12:30:57 ----D---- C:\ProgramData\Skype
2016-10-19 19:02:57 ----D---- C:\Windows\rescache
2016-10-18 22:44:06 ----SD---- C:\Users\marian\AppData\Roaming\Microsoft
2016-10-18 22:44:04 ----D---- C:\Windows\system32\drivers\UMDF
2016-10-18 22:43:30 ----D---- C:\Windows\system32\LogFiles
2016-10-18 22:43:14 ----D---- C:\Windows
2016-10-18 22:43:12 ----D---- C:\Windows\system32\catroot2
2016-10-18 22:43:09 ----A---- C:\Windows\SYSWOW64\wcescommproxy.dll
2016-10-18 22:43:09 ----A---- C:\Windows\SYSWOW64\rapistub.dll
2016-10-18 22:43:09 ----A---- C:\Windows\SYSWOW64\rapiproxystub.dll
2016-10-18 22:43:09 ----A---- C:\Windows\SYSWOW64\rapi.dll
2016-10-18 22:43:09 ----A---- C:\Windows\SYSWOW64\ceutil.dll
2016-10-18 22:43:09 ----A---- C:\Windows\system32\wmcoinst-070531-0952.dll
2016-10-18 22:43:09 ----A---- C:\Windows\system32\wcescommproxy.dll
2016-10-18 22:43:09 ----A---- C:\Windows\system32\rapistub.dll
2016-10-18 22:43:09 ----A---- C:\Windows\system32\rapiproxystub.dll
2016-10-18 22:43:09 ----A---- C:\Windows\system32\rapi.dll
2016-10-18 22:43:09 ----A---- C:\Windows\system32\ceutil.dll
2016-10-12 15:36:12 ----D---- C:\Windows\Microsoft.NET
2016-10-12 15:36:07 ----RSD---- C:\Windows\assembly
2016-10-12 15:24:10 ----D---- C:\Windows\winsxs
2016-10-12 15:16:08 ----D---- C:\Program Files (x86)\Internet Explorer
2016-10-12 15:00:53 ----D---- C:\Windows\SYSWOW64\en-US
2016-10-12 15:00:53 ----D---- C:\Windows\SYSWOW64\Dism
2016-10-12 15:00:53 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-10-12 15:00:53 ----D---- C:\Program Files\Windows Media Player
2016-10-12 15:00:53 ----D---- C:\Program Files\Internet Explorer
2016-10-12 15:00:53 ----D---- C:\Program Files (x86)\Windows Media Player
2016-10-12 15:00:52 ----D---- C:\Windows\system32\en-US
2016-10-12 15:00:52 ----D---- C:\Windows\system32\Dism
2016-10-12 15:00:52 ----D---- C:\Windows\system32\cs-CZ
2016-10-12 15:00:51 ----D---- C:\Windows\system32\Boot
2016-10-12 15:00:51 ----D---- C:\Windows\AppPatch
2016-10-12 15:00:50 ----SD---- C:\Windows\system32\CompatTel
2016-10-12 15:00:50 ----D---- C:\Windows\system32\drivers\cs-CZ
2016-10-12 15:00:50 ----D---- C:\Windows\system32\appraiser
2016-10-12 15:00:50 ----D---- C:\Windows\cs-CZ
2016-10-11 19:32:38 ----D---- C:\ProgramData\Microsoft Help
2016-10-11 19:31:51 ----D---- C:\Windows\system32\MRT
2016-10-11 19:28:58 ----AC---- C:\Windows\system32\MRT.exe
2016-10-11 19:28:08 ----D---- C:\Program Files\Microsoft Silverlight
2016-10-11 19:28:08 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2016-10-11 19:27:24 ----D---- C:\Windows\Logs
File C:\Windows\system32\winlogon.exe is digitally signed
File C:\Windows\system32\wininit.exe is digitally signed
File C:\Windows\explorer.exe is digitally signed
File C:\Windows\SysWOW64\explorer.exe is digitally signed
File C:\Windows\system32\svchost.exe is digitally signed
File C:\Windows\SysWOW64\svchost.exe is digitally signed
File C:\Windows\system32\services.exe is digitally signed
File C:\Windows\system32\User32.dll is digitally signed
File C:\Windows\SysWOW64\User32.dll is digitally signed
File C:\Windows\system32\userinit.exe is digitally signed
File C:\Windows\SysWOW64\userinit.exe is digitally signed
File C:\Windows\system32\rpcss.dll is digitally signed
File C:\Windows\system32\Drivers\volsnap.sys is digitally signed
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 fltsrv;Acronis Storage Filter Management; C:\Windows\system32\DRIVERS\fltsrv.sys [2013-12-01 116000]
R0 KL1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2013-08-04 458584]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 snapman;Acronis Snapshots Manager; C:\Windows\system32\DRIVERS\snapman.sys [2013-12-01 269600]
R0 tib;Acronis TIB Manager; C:\Windows\system32\DRIVERS\tib.sys [2013-12-01 1120032]
R0 tib_mounter;Acronis TIB Mounter; C:\Windows\system32\DRIVERS\tib_mounter.sys [2013-12-01 198432]
R0 vididr;Acronis Virtual Disk; C:\Windows\system32\DRIVERS\vididr.sys [2013-12-01 161568]
R0 vidsflt;Acronis Disk Storage Filter; C:\Windows\system32\DRIVERS\vidsflt.sys [2013-12-01 117024]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2016-10-07 145536]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2016-10-07 28600]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\Windows\System32\DRIVERS\cmderd.sys [2015-11-18 21184]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\system32\DRIVERS\cmdguard.sys [2015-11-18 806032]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2015-08-05 45856]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2015-08-05 105096]
R1 jnprns;Juniper Network Service; C:\Windows\system32\DRIVERS\jnprns.sys [2014-03-13 506160]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2013-08-04 613720]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2016-11-02 177432]
R2 avnetflt;avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [2016-05-14 79696]
R3 afcdp;afcdp; C:\Windows\system32\DRIVERS\afcdp.sys [2013-12-01 367200]
R3 busenum;Synology Virtual USB Hub; C:\Windows\system32\DRIVERS\busenum.sys [2012-08-03 55776]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2016-09-05 30264]
R3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus; C:\Windows\system32\DRIVERS\dtliteusbbus.sys [2016-09-05 47672]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-12-14 5353888]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-06-19 4065296]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-05-20 357184]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-05-20 789824]
R3 JnprVaMgr;Juniper Networks Virtual Adapter Manager Service; C:\Windows\system32\DRIVERS\jnprvamgr.sys [2014-03-13 45352]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2012-07-17 62784]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2012-06-12 726160]
R3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 AlesisFirewire;Alesis Firewire; C:\Windows\System32\Drivers\AlesisFirewire.sys [2010-05-03 211680]
S3 AlesisFirewireAudio;Alesis Firewire Audio; C:\Windows\system32\drivers\AlesisFirewireAudio.sys [2010-05-03 39008]
S3 AlesisFirewireMidi;Alesis Firewire MIDI; C:\Windows\system32\drivers\AlesisFirewireMidi.sys [2010-05-03 41440]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 jnprva;Juniper Networks Virtual Adapter Service; C:\Windows\system32\DRIVERS\jnprva.sys [2014-03-13 30072]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 SbieDrv;SbieDrv; \??\C:\Program Files (x86)\Sandboxie\SbieDrv.sys [2012-12-16 202632]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 tdrpman;Acronis Try&Decide and Restore Points filter; C:\Windows\system32\DRIVERS\tdrpman.sys [2013-12-01 1464096]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2016-10-18 19968]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
S4 jnprTdi_803_44983;Juniper Networks TDI Filter Driver (jnprTdi_803_44983); \??\C:\Windows\system32\Drivers\jnprTdi_803_44983.sys [2014-04-09 108344]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [2013-07-18 1142584]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-10-02 82128]
R2 afcdpsrv;Acronis Nonstop Backup Service; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2013-12-01 3873784]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2016-11-02 475232]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2016-11-02 475232]
R2 Avira.ServiceHost;Avira Service Host; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [2016-09-18 324304]
R2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2010-05-18 345376]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2015-09-10 5542472]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\cscsvc.dll
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll"=%SystemRoot%\system32\diagtrack.dll
R2 DigitalWave.Update.Service;Digital Wave Update Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [2016-01-08 388968]
R2 DragonUpdater;COMODO Dragon Update Service; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2014-11-27 2370240]
R2 EPSON_EB_RPCV4_01;EPSON V5 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE [2015-01-04 163840]
R2 EPSON_PM_RPCV4_01;EPSON V3 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE [2015-01-04 126464]
R2 JuniperAccessService;Juniper Unified Network Service; C:\Program Files (x86)\Common Files\Juniper Networks\JUNS\dsAccessService.exe [2014-04-08 159280]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; %SystemRoot%\system32\svchost.exe -k WindowsMobile;"ServiceDll"=%windir%\WindowsMobile\rapimgr.dll
R2 syncagentsrv;Acronis Sync Agent Service; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [2013-10-22 7142320]
R2 SynoDrService;SynoDrService; C:\Program Files (x86)\Synology Data Replicator 3\SynoDrServicex64.exe [2013-10-09 384072]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2013-12-17 5341536]
R2 UsbClientService;UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [2013-04-30 248704]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; %SystemRoot%\system32\svchost.exe -k WindowsMobile;"ServiceDll"=%windir%\WindowsMobile\wcescomm.dll
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2016-09-05 1467072]
S2 AntiVirMailService;Avira Mail Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [2016-11-02 1089088]
S2 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [2016-11-02 1488240]
S2 APNMCP;Ask Update Service; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe []
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
S2 SbieSvc;Sandboxie Service; C:\Program Files (x86)\Sandboxie\SbieSvc.exe [2012-12-16 123664]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-09-20 324224]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-10-30 270016]
S3 AppMgmt;@appmgmts.dll,-3250; %SystemRoot%\system32\svchost.exe -k netsvcs;"ServiceDll"=%SystemRoot%\System32\appmgmts.dll
S3 cmdvirth;COMODO Virtual Service Manager; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2015-08-10 2265792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-12-14 277616]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-10-11 114688]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 50942144]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; %SystemRoot%\System32\svchost.exe -k PeerDist;"ServiceDll"=%SystemRoot%\system32\peerdistsvc.dll
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\system32\storsvc.dll
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\umrdp.dll
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-02-01 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
-----------------EOF-----------------
2016-10-11 18:39:45 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-10-11 18:39:45 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-10-11 18:39:45 ----A---- C:\Windows\SYSWOW64\evr.dll
2016-10-11 18:39:45 ----A---- C:\Windows\SYSWOW64\drmv2clt.dll
2016-10-11 18:39:45 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll
2016-10-11 18:39:45 ----A---- C:\Windows\SYSWOW64\blackbox.dll
2016-10-11 18:39:45 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2016-10-11 18:39:45 ----A---- C:\Windows\system32\WsmWmiPl.dll
2016-10-11 18:39:45 ----A---- C:\Windows\system32\WsmSvc.dll
2016-10-11 18:39:45 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2016-10-11 18:39:45 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2016-10-11 18:39:45 ----A---- C:\Windows\system32\wmdrmsdk.dll
2016-10-11 18:39:45 ----A---- C:\Windows\system32\vbscript.dll
2016-10-11 18:39:45 ----A---- C:\Windows\system32\urlmon.dll
2016-10-11 18:39:45 ----A---- C:\Windows\system32\scavengeui.dll
2016-10-11 18:39:45 ----A---- C:\Windows\system32\quartz.dll
2016-10-11 18:39:45 ----A---- C:\Windows\system32\qdvd.dll
2016-10-11 18:39:45 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-10-11 18:39:45 ----A---- C:\Windows\system32\MSVidCtl.dll
2016-10-11 18:39:45 ----A---- C:\Windows\system32\lsasrv.dll
2016-10-11 18:39:45 ----A---- C:\Windows\system32\iertutil.dll
2016-10-11 18:39:45 ----A---- C:\Windows\system32\evr.dll
2016-10-11 18:39:45 ----A---- C:\Windows\system32\DWrite.dll
2016-10-11 18:39:45 ----A---- C:\Windows\system32\drmv2clt.dll
2016-10-11 18:39:45 ----A---- C:\Windows\system32\drmmgrtn.dll
2016-10-11 18:39:45 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2016-10-11 18:39:45 ----A---- C:\Windows\system32\cryptui.dll
2016-10-11 18:39:45 ----A---- C:\Windows\system32\blackbox.dll
2016-10-11 18:39:45 ----A---- C:\Windows\system32\audiosrv.dll
2016-10-11 18:39:45 ----A---- C:\Windows\system32\AUDIOKSE.dll
2016-10-11 18:39:45 ----A---- C:\Windows\system32\AudioEng.dll
2016-10-11 18:39:44 ----A---- C:\Windows\SYSWOW64\WsmWmiPl.dll
2016-10-11 18:39:44 ----A---- C:\Windows\SYSWOW64\WsmAuto.dll
2016-10-11 18:39:44 ----A---- C:\Windows\SYSWOW64\WSManHTTPConfig.exe
2016-10-11 18:39:44 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2016-10-11 18:39:44 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-10-11 18:39:44 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-10-11 18:39:44 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-10-11 18:39:44 ----A---- C:\Windows\SYSWOW64\MSVidCtl.dll
2016-10-11 18:39:44 ----A---- C:\Windows\SYSWOW64\mfps.dll
2016-10-11 18:39:44 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2016-10-11 18:39:44 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2016-10-11 18:39:44 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-10-11 18:39:44 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2016-10-11 18:39:44 ----A---- C:\Windows\SYSWOW64\cryptui.dll
2016-10-11 18:39:44 ----A---- C:\Windows\SYSWOW64\cryptsp.dll
2016-10-11 18:39:44 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2016-10-11 18:39:44 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2016-10-11 18:39:44 ----A---- C:\Windows\system32\WsmAuto.dll
2016-10-11 18:39:44 ----A---- C:\Windows\system32\wmploc.DLL
2016-10-11 18:39:44 ----A---- C:\Windows\system32\win32k.sys
2016-10-11 18:39:44 ----A---- C:\Windows\system32\pcasvc.dll
2016-10-11 18:39:44 ----A---- C:\Windows\system32\ntdll.dll
2016-10-11 18:39:44 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-10-11 18:39:44 ----A---- C:\Windows\system32\msscp.dll
2016-10-11 18:39:44 ----A---- C:\Windows\system32\msfeeds.dll
2016-10-11 18:39:44 ----A---- C:\Windows\system32\mfps.dll
2016-10-11 18:39:44 ----A---- C:\Windows\system32\mfplat.dll
2016-10-11 18:39:44 ----A---- C:\Windows\system32\inetcomm.dll
2016-10-11 18:39:44 ----A---- C:\Windows\system32\iedkcs32.dll
2016-10-11 18:39:44 ----A---- C:\Windows\system32\FntCache.dll
2016-10-11 18:39:44 ----A---- C:\Windows\system32\EncDump.dll
2016-10-11 18:39:44 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2016-10-11 18:39:44 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2016-10-11 18:39:44 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-10-11 18:39:44 ----A---- C:\Windows\system32\drivers\dfsc.sys
2016-10-11 18:39:44 ----A---- C:\Windows\system32\cryptsp.dll
2016-10-11 18:39:44 ----A---- C:\Windows\system32\AudioSes.dll
2016-10-11 18:39:44 ----A---- C:\Windows\system32\audiodg.exe
2016-10-11 18:39:44 ----A---- C:\Windows\system32\adsmsext.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\wsmprovhost.exe
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\wsmplpxy.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\occache.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\msscp.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\msnetobj.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\inseng.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\INETRES.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\adsmsext.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\wsmprovhost.exe
2016-10-11 18:39:43 ----A---- C:\Windows\system32\wsmplpxy.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\wow64win.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\wintrust.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\winsrv.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\webcheck.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\WebClnt.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\wdigest.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\TSpkg.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\sspicli.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\spwmp.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\smss.exe
2016-10-11 18:39:43 ----A---- C:\Windows\system32\schannel.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\rrinstaller.exe
2016-10-11 18:39:43 ----A---- C:\Windows\system32\rpchttp.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\rpcrt4.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\pcawrk.exe
2016-10-11 18:39:43 ----A---- C:\Windows\system32\pcalua.exe
2016-10-11 18:39:43 ----A---- C:\Windows\system32\pcaevts.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\pcadm.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\occache.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\ncrypt.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\msv1_0.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\msrating.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\msnetobj.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\msmmsp.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\mshtmled.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\mfpmp.exe
2016-10-11 18:39:43 ----A---- C:\Windows\system32\KernelBase.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\kernel32.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\kerberos.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\jsproxy.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\jscript9diag.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\jscript.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\inseng.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\INETRES.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\ieUnatt.exe
2016-10-11 18:39:43 ----A---- C:\Windows\system32\ieui.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\iesetup.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\iernonce.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-10-11 18:39:43 ----A---- C:\Windows\system32\ieapfltr.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\ie4uinit.exe
2016-10-11 18:39:43 ----A---- C:\Windows\system32\dxtrans.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\dxtmsft.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\dxmasf.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-10-11 18:39:43 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-10-11 18:39:43 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-10-11 18:39:43 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-10-11 18:39:43 ----A---- C:\Windows\system32\davclnt.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\cryptsvc.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\cryptnet.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\crypt32.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\certcli.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\advapi32.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\WsmRes.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\user.exe
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\mferror.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-10-11 18:39:42 ----A---- C:\Windows\system32\WsmRes.dll
2016-10-11 18:39:42 ----A---- C:\Windows\system32\wow64cpu.dll
2016-10-11 18:39:42 ----A---- C:\Windows\system32\wow64.dll
2016-10-11 18:39:42 ----A---- C:\Windows\system32\sspisrv.dll
2016-10-11 18:39:42 ----A---- C:\Windows\system32\srcore.dll
2016-10-11 18:39:42 ----A---- C:\Windows\system32\srclient.dll
2016-10-11 18:39:42 ----A---- C:\Windows\system32\setbcdlocale.dll
2016-10-11 18:39:42 ----A---- C:\Windows\system32\secur32.dll
2016-10-11 18:39:42 ----A---- C:\Windows\system32\rstrui.exe
2016-10-11 18:39:42 ----A---- C:\Windows\system32\ntvdm64.dll
2016-10-11 18:39:42 ----A---- C:\Windows\system32\msobjs.dll
2016-10-11 18:39:42 ----A---- C:\Windows\system32\msaudite.dll
2016-10-11 18:39:42 ----A---- C:\Windows\system32\mferror.dll
2016-10-11 18:39:42 ----A---- C:\Windows\system32\lsass.exe
2016-10-11 18:39:42 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-10-11 18:39:42 ----A---- C:\Windows\system32\drivers\appid.sys
2016-10-11 18:39:42 ----A---- C:\Windows\system32\csrsrv.dll
2016-10-11 18:39:42 ----A---- C:\Windows\system32\cryptbase.dll
2016-10-11 18:39:42 ----A---- C:\Windows\system32\credssp.dll
2016-10-11 18:39:42 ----A---- C:\Windows\system32\conhost.exe
2016-10-11 18:39:42 ----A---- C:\Windows\system32\auditpol.exe
2016-10-11 18:39:42 ----A---- C:\Windows\system32\appidsvc.dll
2016-10-11 18:39:42 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2016-10-11 18:39:42 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2016-10-11 18:39:42 ----A---- C:\Windows\system32\appidapi.dll
2016-10-11 18:39:42 ----A---- C:\Windows\system32\apisetschema.dll
2016-10-11 18:39:42 ----A---- C:\Windows\system32\adtschema.dll
2016-10-11 18:39:19 ----A---- C:\Windows\system32\invagent.dll
2016-10-11 18:39:19 ----A---- C:\Windows\system32\generaltel.dll
2016-10-11 18:39:19 ----A---- C:\Windows\system32\devinv.dll
2016-10-11 18:39:19 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-10-11 18:39:19 ----A---- C:\Windows\system32\centel.dll
2016-10-11 18:39:19 ----A---- C:\Windows\system32\appraiser.dll
2016-10-11 18:39:19 ----A---- C:\Windows\system32\aepic.dll
2016-10-11 18:39:19 ----A---- C:\Windows\system32\aeinv.dll
2016-10-11 18:39:19 ----A---- C:\Windows\system32\acmigration.dll
2016-10-11 18:39:18 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2016-10-11 18:39:18 ----A---- C:\Windows\system32\drivers\usbport.sys
2016-10-11 18:39:18 ----A---- C:\Windows\system32\drivers\usbohci.sys
2016-10-11 18:39:18 ----A---- C:\Windows\system32\drivers\usbhub.sys
2016-10-11 18:39:18 ----A---- C:\Windows\system32\drivers\usbehci.sys
2016-10-11 18:39:18 ----A---- C:\Windows\system32\drivers\usbd.sys
2016-10-11 18:39:18 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2016-10-11 18:39:17 ----A---- C:\Windows\SYSWOW64\shell32.dll
2016-10-11 18:39:17 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2016-10-11 18:39:17 ----A---- C:\Windows\SYSWOW64\explorer.exe
2016-10-11 18:39:17 ----A---- C:\Windows\SYSWOW64\authui.dll
2016-10-11 18:39:17 ----A---- C:\Windows\system32\shell32.dll
2016-10-11 18:39:17 ----A---- C:\Windows\system32\ExplorerFrame.dll
2016-10-11 18:39:17 ----A---- C:\Windows\system32\authui.dll
2016-10-11 18:39:17 ----A---- C:\Windows\explorer.exe
2016-10-11 18:39:15 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2016-10-11 18:39:15 ----A---- C:\Windows\system32\poqexec.exe
2016-10-07 16:30:31 ----A---- C:\Windows\system32\drivers\avusbflt.sys
======List of files/folders modified in the last 1 month======
2016-11-06 08:41:44 ----D---- C:\Windows\Temp
2016-11-06 08:32:41 ----D---- C:\Users\marian\AppData\Roaming\Skype
2016-11-06 08:21:06 ----D---- C:\Windows\system32\config
2016-11-06 08:12:30 ----D---- C:\Windows\System32
2016-11-06 08:12:30 ----D---- C:\Windows\inf
2016-11-06 08:12:30 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-11-06 08:06:52 ----HD---- C:\ProgramData
2016-11-05 12:43:58 ----D---- C:\Windows\system32\catroot
2016-11-05 12:43:38 ----D---- C:\Users\marian\AppData\Roaming\foobar2000
2016-11-05 12:06:06 ----SHD---- C:\Windows\Installer
2016-11-05 12:06:06 ----RD---- C:\Program Files (x86)
2016-11-05 12:05:39 ----SHD---- C:\System Volume Information
2016-11-05 11:12:39 ----D---- C:\Program Files\Native Instruments
2016-11-05 11:12:38 ----D---- C:\Windows\system32\DriverStore
2016-11-05 11:11:53 ----D---- C:\Program Files\Common Files\Native Instruments
2016-11-04 22:37:04 ----D---- C:\Users\marian\AppData\Roaming\vlc
2016-11-03 20:57:44 ----D---- C:\ProgramData\Native Instruments
2016-11-02 19:23:12 ----D---- C:\Windows\system32\drivers
2016-10-31 16:54:49 ----D---- C:\Users\marian\AppData\Roaming\Mp3tag
2016-10-30 12:35:09 ----D---- C:\Windows\SysWOW64
2016-10-30 12:35:07 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-10-30 12:35:05 ----D---- C:\Windows\SYSWOW64\Macromed
2016-10-30 12:35:05 ----D---- C:\Windows\system32\Macromed
2016-10-30 12:31:00 ----RD---- C:\Program Files (x86)\Skype
2016-10-30 12:31:00 ----D---- C:\Program Files (x86)\Common Files
2016-10-30 12:30:57 ----D---- C:\ProgramData\Skype
2016-10-19 19:02:57 ----D---- C:\Windows\rescache
2016-10-18 22:44:06 ----SD---- C:\Users\marian\AppData\Roaming\Microsoft
2016-10-18 22:44:04 ----D---- C:\Windows\system32\drivers\UMDF
2016-10-18 22:43:30 ----D---- C:\Windows\system32\LogFiles
2016-10-18 22:43:14 ----D---- C:\Windows
2016-10-18 22:43:12 ----D---- C:\Windows\system32\catroot2
2016-10-18 22:43:09 ----A---- C:\Windows\SYSWOW64\wcescommproxy.dll
2016-10-18 22:43:09 ----A---- C:\Windows\SYSWOW64\rapistub.dll
2016-10-18 22:43:09 ----A---- C:\Windows\SYSWOW64\rapiproxystub.dll
2016-10-18 22:43:09 ----A---- C:\Windows\SYSWOW64\rapi.dll
2016-10-18 22:43:09 ----A---- C:\Windows\SYSWOW64\ceutil.dll
2016-10-18 22:43:09 ----A---- C:\Windows\system32\wmcoinst-070531-0952.dll
2016-10-18 22:43:09 ----A---- C:\Windows\system32\wcescommproxy.dll
2016-10-18 22:43:09 ----A---- C:\Windows\system32\rapistub.dll
2016-10-18 22:43:09 ----A---- C:\Windows\system32\rapiproxystub.dll
2016-10-18 22:43:09 ----A---- C:\Windows\system32\rapi.dll
2016-10-18 22:43:09 ----A---- C:\Windows\system32\ceutil.dll
2016-10-12 15:36:12 ----D---- C:\Windows\Microsoft.NET
2016-10-12 15:36:07 ----RSD---- C:\Windows\assembly
2016-10-12 15:24:10 ----D---- C:\Windows\winsxs
2016-10-12 15:16:08 ----D---- C:\Program Files (x86)\Internet Explorer
2016-10-12 15:00:53 ----D---- C:\Windows\SYSWOW64\en-US
2016-10-12 15:00:53 ----D---- C:\Windows\SYSWOW64\Dism
2016-10-12 15:00:53 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-10-12 15:00:53 ----D---- C:\Program Files\Windows Media Player
2016-10-12 15:00:53 ----D---- C:\Program Files\Internet Explorer
2016-10-12 15:00:53 ----D---- C:\Program Files (x86)\Windows Media Player
2016-10-12 15:00:52 ----D---- C:\Windows\system32\en-US
2016-10-12 15:00:52 ----D---- C:\Windows\system32\Dism
2016-10-12 15:00:52 ----D---- C:\Windows\system32\cs-CZ
2016-10-12 15:00:51 ----D---- C:\Windows\system32\Boot
2016-10-12 15:00:51 ----D---- C:\Windows\AppPatch
2016-10-12 15:00:50 ----SD---- C:\Windows\system32\CompatTel
2016-10-12 15:00:50 ----D---- C:\Windows\system32\drivers\cs-CZ
2016-10-12 15:00:50 ----D---- C:\Windows\system32\appraiser
2016-10-12 15:00:50 ----D---- C:\Windows\cs-CZ
2016-10-11 19:32:38 ----D---- C:\ProgramData\Microsoft Help
2016-10-11 19:31:51 ----D---- C:\Windows\system32\MRT
2016-10-11 19:28:58 ----AC---- C:\Windows\system32\MRT.exe
2016-10-11 19:28:08 ----D---- C:\Program Files\Microsoft Silverlight
2016-10-11 19:28:08 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2016-10-11 19:27:24 ----D---- C:\Windows\Logs
File C:\Windows\system32\winlogon.exe is digitally signed
File C:\Windows\system32\wininit.exe is digitally signed
File C:\Windows\explorer.exe is digitally signed
File C:\Windows\SysWOW64\explorer.exe is digitally signed
File C:\Windows\system32\svchost.exe is digitally signed
File C:\Windows\SysWOW64\svchost.exe is digitally signed
File C:\Windows\system32\services.exe is digitally signed
File C:\Windows\system32\User32.dll is digitally signed
File C:\Windows\SysWOW64\User32.dll is digitally signed
File C:\Windows\system32\userinit.exe is digitally signed
File C:\Windows\SysWOW64\userinit.exe is digitally signed
File C:\Windows\system32\rpcss.dll is digitally signed
File C:\Windows\system32\Drivers\volsnap.sys is digitally signed
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 fltsrv;Acronis Storage Filter Management; C:\Windows\system32\DRIVERS\fltsrv.sys [2013-12-01 116000]
R0 KL1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2013-08-04 458584]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 snapman;Acronis Snapshots Manager; C:\Windows\system32\DRIVERS\snapman.sys [2013-12-01 269600]
R0 tib;Acronis TIB Manager; C:\Windows\system32\DRIVERS\tib.sys [2013-12-01 1120032]
R0 tib_mounter;Acronis TIB Mounter; C:\Windows\system32\DRIVERS\tib_mounter.sys [2013-12-01 198432]
R0 vididr;Acronis Virtual Disk; C:\Windows\system32\DRIVERS\vididr.sys [2013-12-01 161568]
R0 vidsflt;Acronis Disk Storage Filter; C:\Windows\system32\DRIVERS\vidsflt.sys [2013-12-01 117024]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2016-10-07 145536]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2016-10-07 28600]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\Windows\System32\DRIVERS\cmderd.sys [2015-11-18 21184]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\system32\DRIVERS\cmdguard.sys [2015-11-18 806032]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2015-08-05 45856]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2015-08-05 105096]
R1 jnprns;Juniper Network Service; C:\Windows\system32\DRIVERS\jnprns.sys [2014-03-13 506160]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2013-08-04 613720]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2016-11-02 177432]
R2 avnetflt;avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [2016-05-14 79696]
R3 afcdp;afcdp; C:\Windows\system32\DRIVERS\afcdp.sys [2013-12-01 367200]
R3 busenum;Synology Virtual USB Hub; C:\Windows\system32\DRIVERS\busenum.sys [2012-08-03 55776]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2016-09-05 30264]
R3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus; C:\Windows\system32\DRIVERS\dtliteusbbus.sys [2016-09-05 47672]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-12-14 5353888]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-06-19 4065296]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-05-20 357184]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-05-20 789824]
R3 JnprVaMgr;Juniper Networks Virtual Adapter Manager Service; C:\Windows\system32\DRIVERS\jnprvamgr.sys [2014-03-13 45352]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2012-07-17 62784]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2012-06-12 726160]
R3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 AlesisFirewire;Alesis Firewire; C:\Windows\System32\Drivers\AlesisFirewire.sys [2010-05-03 211680]
S3 AlesisFirewireAudio;Alesis Firewire Audio; C:\Windows\system32\drivers\AlesisFirewireAudio.sys [2010-05-03 39008]
S3 AlesisFirewireMidi;Alesis Firewire MIDI; C:\Windows\system32\drivers\AlesisFirewireMidi.sys [2010-05-03 41440]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 jnprva;Juniper Networks Virtual Adapter Service; C:\Windows\system32\DRIVERS\jnprva.sys [2014-03-13 30072]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 SbieDrv;SbieDrv; \??\C:\Program Files (x86)\Sandboxie\SbieDrv.sys [2012-12-16 202632]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 tdrpman;Acronis Try&Decide and Restore Points filter; C:\Windows\system32\DRIVERS\tdrpman.sys [2013-12-01 1464096]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2016-10-18 19968]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
S4 jnprTdi_803_44983;Juniper Networks TDI Filter Driver (jnprTdi_803_44983); \??\C:\Windows\system32\Drivers\jnprTdi_803_44983.sys [2014-04-09 108344]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [2013-07-18 1142584]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-10-02 82128]
R2 afcdpsrv;Acronis Nonstop Backup Service; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2013-12-01 3873784]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2016-11-02 475232]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2016-11-02 475232]
R2 Avira.ServiceHost;Avira Service Host; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [2016-09-18 324304]
R2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2010-05-18 345376]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2015-09-10 5542472]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\cscsvc.dll
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll"=%SystemRoot%\system32\diagtrack.dll
R2 DigitalWave.Update.Service;Digital Wave Update Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [2016-01-08 388968]
R2 DragonUpdater;COMODO Dragon Update Service; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2014-11-27 2370240]
R2 EPSON_EB_RPCV4_01;EPSON V5 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE [2015-01-04 163840]
R2 EPSON_PM_RPCV4_01;EPSON V3 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE [2015-01-04 126464]
R2 JuniperAccessService;Juniper Unified Network Service; C:\Program Files (x86)\Common Files\Juniper Networks\JUNS\dsAccessService.exe [2014-04-08 159280]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; %SystemRoot%\system32\svchost.exe -k WindowsMobile;"ServiceDll"=%windir%\WindowsMobile\rapimgr.dll
R2 syncagentsrv;Acronis Sync Agent Service; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [2013-10-22 7142320]
R2 SynoDrService;SynoDrService; C:\Program Files (x86)\Synology Data Replicator 3\SynoDrServicex64.exe [2013-10-09 384072]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2013-12-17 5341536]
R2 UsbClientService;UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [2013-04-30 248704]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; %SystemRoot%\system32\svchost.exe -k WindowsMobile;"ServiceDll"=%windir%\WindowsMobile\wcescomm.dll
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2016-09-05 1467072]
S2 AntiVirMailService;Avira Mail Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [2016-11-02 1089088]
S2 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [2016-11-02 1488240]
S2 APNMCP;Ask Update Service; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe []
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
S2 SbieSvc;Sandboxie Service; C:\Program Files (x86)\Sandboxie\SbieSvc.exe [2012-12-16 123664]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-09-20 324224]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-10-30 270016]
S3 AppMgmt;@appmgmts.dll,-3250; %SystemRoot%\system32\svchost.exe -k netsvcs;"ServiceDll"=%SystemRoot%\System32\appmgmts.dll
S3 cmdvirth;COMODO Virtual Service Manager; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2015-08-10 2265792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-12-14 277616]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-10-11 114688]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 50942144]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; %SystemRoot%\System32\svchost.exe -k PeerDist;"ServiceDll"=%SystemRoot%\system32\peerdistsvc.dll
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\system32\storsvc.dll
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\umrdp.dll
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-02-01 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
-----------------EOF-----------------
- Rudy
- Site Admin
- Posts: 119491
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: CPU usage 100%, slow PC
Hello!
Run this utility:
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop.
Close all programs.
First click >Scan< and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: CPU usage 100%, slow PC
It seems to be behaving normally now. How does the log look?
# AdwCleaner v6.030 - Log soubor vytvořen 06/11/2016 na 15:48:18
# Aktualizováno dne 19/10/2016 z Malwarebytes
# Databáze : 2016-11-05.1 [Server]
# Operační systém : Windows 7 Professional Service Pack 1 (X64)
# Uživatelské jméno : marian - MARIAN-PC
# Beží od : C:\Users\marian\Desktop\adwcleaner_6.030.exe
# Mod: Čištění
# Podpora : hxxps://www.malwarebytes.com/support
***** [ Služby ] *****
[-] Služby smazány:APNMCP
***** [ Adresáře ] *****
[-] Adresář smazán:C:\ProgramData\f18ce93147ee1d59
[-] Adresář smazán:C:\Users\marian\AppData\Local\Babylon
[-] Adresář smazán:C:\Users\marian\AppData\Roaming\Babylon
[-] Adresář smazán:C:\Users\marian\Desktop\NP
[-] Adresář smazán:C:\ProgramData\apn
[-] Adresář smazán:C:\ProgramData\AskPartnerNetwork
[-] Adresář smazán:C:\ProgramData\Babylon
[-] Adresář smazán:C:\ProgramData\SafetyNut
[#] Adresář nelze smazat:C:\ProgramData\Application Data\apn
[#] Adresář nelze smazat:C:\ProgramData\Application Data\AskPartnerNetwork
[#] Adresář nelze smazat:C:\ProgramData\Application Data\Babylon
[#] Adresář nelze smazat:C:\ProgramData\Application Data\SafetyNut
[-] Adresář smazán:C:\Program Files (x86)\Browser Tab Search by Ask
[#] Adresář nelze smazat:C:\Program Files (x86)\browser tab search by ask
[-] Adresář smazán:C:\Users\marian\AppData\Local\Temp\apn
[-] Adresář smazán:C:\Users\marian\AppData\Local\Temp\APN-Stub
[-] Adresář smazán:C:\Users\marian\AppData\Local\Temp\APNLogs
[-] Adresář smazán:C:\Users\marian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaacalgebmfelllfiaoknifldpngjh
[-] Adresář smazán:C:\Users\marian\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_ejpbbhjlbipncjklfjjaedaieimbmdda_0
***** [ Soubory ] *****
[-] Soubor smazán:C:\Users\marian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ejpbbhjlbipncjklfjjaedaieimbmdda_0.localstorage
[-] Soubor smazán:C:\Users\marian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ejpbbhjlbipncjklfjjaedaieimbmdda_0.localstorage-journal
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Zástupce ] *****
***** [ Plánovač úloh ] *****
***** [ Registry ] *****
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Prod.cap
[#] Klíč smazán po restartování:[x64] HKLM\SOFTWARE\Classes\Prod.cap
[-] Klíč smazán:HKLM\SOFTWARE\Classes\CLSID\{41564952-412D-5637-00A7-7A786E7484D7}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\CLSID\{44CBC005-6243-4502-8A02-3A096A282664}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\CLSID\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\CLSID\{80703783-E415-4EE3-AB60-D36981C5A6F1}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\CLSID\{F297534D-7B06-459D-BC19-2DD8EF69297B}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Interface\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Interface\{80703783-E415-4EE3-AB60-D36981C5A6F1}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Interface\{BD125908-5F10-409F-9C01-F2207CA18887}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\TypeLib\{9945959C-AAD8-4312-8B57-2DE11927E770}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\TypeLib\{EEA63863-87BC-4DCA-A5B5-EB97E3B04806}
[-] Klíč smazán:HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-00A7-7A786E7484D7}
[-] Klíč smazán:HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{41564952-412D-5637-00A7-7A786E7484D7}
[-] Klíč smazán:HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{41564952-412D-5637-00A7-7A786E7484D7}
[-] Hodnota smazána:HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{41564952-412D-5637-00A7-7A786E7484D7}]
[-] Klíč smazán:HKU\.DEFAULT\Software\AskPartnerNetwork
[-] Klíč smazán:HKU\S-1-5-21-331566265-2434109708-716595970-1000\Software\Check Point Software Technologies LTD
[-] Klíč smazán:HKU\S-1-5-21-331566265-2434109708-716595970-1000\Software\SafetyNut
[#] Klíč smazán po restartování:HKU\S-1-5-21-331566265-2434109708-716595970-1000\Software\SAFETYNUT
[#] Klíč smazán po restartování:HKU\S-1-5-18\Software\AskPartnerNetwork
[#] Klíč smazán po restartování:HKCU\Software\Check Point Software Technologies LTD
[#] Klíč smazán po restartování:HKCU\Software\SafetyNut
[#] Klíč smazán po restartování:HKCU\Software\SAFETYNUT
[-] Klíč smazán:HKLM\SOFTWARE\Check Point Software Technologies LTD
[-] Klíč smazán:HKLM\SOFTWARE\SafetyNut
[#] Klíč smazán po restartování:HKLM\SOFTWARE\SAFETYNUT
[-] Klíč smazán:HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Browser Tab Search by Ask_IE
[#] Klíč smazán po restartování:[x64] HKCU\Software\Check Point Software Technologies LTD
[#] Klíč smazán po restartování:[x64] HKCU\Software\SafetyNut
[#] Klíč smazán po restartování:[x64] HKCU\Software\SAFETYNUT
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
[-] Klíč smazán:[x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8036C72171EF4ba46856BF57969F6A36
[-] Klíč smazán:[x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89BB7852687BDC34B9A81E01C7FF9173
[-] Klíč smazán:[x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CBC85D72B148084ABE8C2F072F781F4
[-] Klíč smazán:[x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CC5A38A64D6098468BC8395BA0EFF03
[-] Klíč smazán:[x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8DF9A1AC557F56c49B56F6B83E293C15
[-] Klíč smazán:[x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A97C590397DCC454AA8923563BAB10E4
[-] Klíč smazán:[x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C6A54B56C58C82a4688AFB93F42EA17B
[-] Klíč smazán:[x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CFA51B44D54927c4E9B7BC1D3FD1E49F
[-] Klíč smazán:[x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D14A7F65792054F418578C78367D13F7
[-] Klíč smazán:[x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DFE9F0BD163D827438CB6AD6B100EC48
[-] Klíč smazán:[x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F739A19A8327dc64C9A8B641A9E89646
[-] Klíč smazán:[x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\158D6D9E3FE81fa428925F22ACB3A965
[-] Klíč smazán:[x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\15E6C514FEFC09f45BAFAAE1D7546ED4
[-] Klíč smazán:[x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DB42320A8525634AA089F0BEC86473B
[-] Klíč smazán:[x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\22468B0D6050b2e46B9C4B67A8F59577
[-] Klíč smazán:[x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2251BF05A2F606d43BB064BD63CBD87E
[-] Klíč smazán:[x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3255D95681398614190EDF0A4F3F77DB
[-] Klíč smazán:[x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3CDF313E9B28c944FBC7579CF4949414
[-] Klíč smazán:[x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\71E54748EDD3dc1468548785DC856EDA
[-] Klíč smazán:[x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\754590DD06DE8d249B526503432F99D4
[-] Klíč smazán:[x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\25946514D2147365007AA787E6479D47
[#] Klíč smazán po restartování:[x64] HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
[-] Klíč smazán:[x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
[-] Data obnovena:HKU\S-1-5-21-331566265-2434109708-716595970-1000\Software\Microsoft\Internet Explorer\Main [Search Page]
[-] Data obnovena:HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
[-] Data obnovena:[x64] HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
[-] Klíč smazán:HKU\S-1-5-21-331566265-2434109708-716595970-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2488}
[-] Klíč smazán:HKU\S-1-5-21-331566265-2434109708-716595970-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2}
[-] Klíč smazán:HKU\S-1-5-21-331566265-2434109708-716595970-1000\Software\Microsoft\Internet Explorer\SearchScopes\{B1D09A12-D5A0-4191-818A-F0C463DB0E60}
[#] Klíč smazán po restartování:HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2488}
[#] Klíč smazán po restartování:HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2}
[#] Klíč smazán po restartování:HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B1D09A12-D5A0-4191-818A-F0C463DB0E60}
[-] Klíč smazán:HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2488}
[#] Klíč smazán po restartování:[x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2488}
[#] Klíč smazán po restartování:[x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2}
[#] Klíč smazán po restartování:[x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B1D09A12-D5A0-4191-818A-F0C463DB0E60}
[-] Klíč smazán:[x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2488}
[-] Klíč smazán:HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\app.mam.conduit.com
[-] Klíč smazán:HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
[#] Klíč smazán po restartování:[x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\app.mam.conduit.com
[#] Klíč smazán po restartování:[x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
[-] Hodnota smazána:HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTBMon]
[-] Klíč smazán:HKLM\SOFTWARE\Classes\f
[-] Klíč smazán:HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaacalgebmfelllfiaoknifldpngjh
[-] Klíč smazán:HKCU\Software\Google\Chrome\Extensions\bmkckgpgekmanipelfidlhmkfcjicion
[#] Klíč smazán po restartování:[x64] HKCU\Software\Google\Chrome\Extensions\bmkckgpgekmanipelfidlhmkfcjicion
***** [ Prohlížeče ] *****
[-] [C:\Users\marian\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Smazání:check point software technologies ltd
[-] [C:\Users\marian\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Smazání:ask.com
[-] [C:\Users\marian\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] Smazání:hxxp://www.search.ask.com/?o=APN11459&gct=hp&d ... 27-346&t=4
[-] [C:\Users\marian\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] Smazání:hxxp://search.zonealarm.com/?src=hp&tbid=goughDev3&Lan=en&gu=ce6d969616994627b906fb128784f992&tu=10G9y00Bo2B0Ca0&sku=&tstsId=&ver=&
[-] [C:\Users\marian\AppData\Local\Google\Chrome\User Data\Default] [extension] Smazání:aaaaacalgebmfelllfiaoknifldpngjh
[-] [C:\Users\marian\AppData\Local\Google\Chrome\User Data\Default] [extension] Smazání:bmkckgpgekmanipelfidlhmkfcjicion
[-] [C:\Users\marian\AppData\Local\Google\Chrome\User Data\Default] [homepage] Smazání:hxxp://www.search.ask.com/?o=APN11459&gct=hp&d ... 27-346&t=4
[-] [C:\Users\marian\AppData\Local\Comodo\Dragon\User Data\Default\Web data] [Search Provider] Smazání:Ask.com
*************************
:: "Tracing" klíč smazán
:: Winsock nastavení vyčištěno
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [12462 Bajtů] - [06/11/2016 15:48:18]
C:\AdwCleaner\AdwCleaner[R0].txt - [16031 Bajtů] - [23/05/2014 10:32:14]
C:\AdwCleaner\AdwCleaner[S0].txt - [14366 Bajtů] - [23/05/2014 10:32:35]
C:\AdwCleaner\AdwCleaner[S1].txt - [12571 Bajtů] - [06/11/2016 15:44:00]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [12762 Bajtů] ##########
- Rudy
- Site Admin
- Posts: 119491
- Joined: 30 Oct 2003 13:42
- Location: Plzeň
Re: CPU usage 100%, slow PC
Post a new RSIT log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: CPU usage 100%, slow PC
Logfile of random's system information tool 1.14 (written by random/random)
Run by marian at 2016-11-07 05:40:31
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 6 GB (5%) free of 114 GB
Total RAM: 15306 MB (79% free)
X64
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 5:40:32, on 7.11.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18500)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe
C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Program Files\trend micro\marian_RSITx64.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://search.avira.net/#web/result?source=art&q=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://search.avira.net/#web/result?source=art&q=
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://search.avira.net/#web/result?source=art&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://search.avira.net/#web/result?source=art&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://search.avira.net/#web/result?source=art&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://search.avira.net/#web/result?source=art&q=
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://search.avira.net/#web/result?source=art&q=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre8\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre8\bin\jp2ssv.dll
O4 - HKLM\..\Run: [TrueImageMonitor.exe] "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
O4 - HKLM\..\Run: [AcronisTibMounterMonitor] C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Plugin Install] C:\Program Files (x86)\QuickTime\Plugins\DeleteMe1.exe
O4 - HKLM\..\Run: [Avira SystrayStartTrigger] "C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe"
O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
O4 - HKLM\..\Run: [DelaypluginInstall] C:\ProgramData\iSkysoft\Video Converter Ultimate\DelayPluginI.exe
O4 - HKLM\..\Run: [iSkysoft Helper Compact.exe] C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
O4 - HKLM\..\Run: [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [SandboxieControl] "C:\Program Files (x86)\Sandboxie\SbieCtrl.exe"
O4 - HKCU\..\Run: [\\DISKSTATION\usbprinter1] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFCE.EXE /FU "C:\Windows\TEMP\E_S2E21.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://juniper.net/dana-cached/sc/Juni ... Client.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{D6889C27-E691-40AD-8936-488101D3C730}: Domain = ad.agel.cz
O17 - HKLM\System\CCS\Services\Tcpip\..\{D6889C27-E691-40AD-8936-488101D3C730}: NameServer = 10.1.1.230,10.1.1.231
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = emnis.cz3
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: SearchList = emnis.cz3
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = emnis.cz3
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: WSWSVCUchrome - (no CLSID) - (no file)
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Acronis Nonstop Backup Service (afcdpsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
O23 - Service: Avira Service Host (Avira.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Digital Wave Update Service (DigitalWave.Update.Service) - Digital Wave Ltd. - C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
O23 - Service: COMODO Dragon Update Service (DragonUpdater) - Comodo Security Solutions, Inc. - C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EPSON V5 Service4(01) (EPSON_EB_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Juniper Unified Network Service (JuniperAccessService) - Juniper Networks, Inc. - C:\Program Files (x86)\Common Files\Juniper Networks\JUNS\dsAccessService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NIHardwareService - Native Instruments GmbH - C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Sandboxie Service (SbieSvc) - SANDBOXIE L.T.D - C:\Program Files (x86)\Sandboxie\SbieSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Acronis Sync Agent Service (syncagentsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
O23 - Service: SynoDrService - Unknown owner - C:\Program Files (x86)\Synology Data Replicator 3\SynoDrServicex64.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: UsbClientService - Unknown owner - C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wondershare Application Framework Service (WsAppService) - Wondershare - C:\Program Files (x86)\Wondershare\WAF\2.2.0.5\WsAppService.exe
O23 - Service: Wondershare Driver Install Service (WsDrvInst) - Unknown owner - C:\Program Files (x86)\MobileGo\Wondershare\MobileGo\DriverInstall.exe (file missing)
--
End of file - 13738 bytes
======Enumerating Processes======
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Program Files (x86)\Common Files\Juniper Networks\JUNS\dsAccessService.exe"
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe"
"C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe"
"C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE"
"C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE"
"C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe"
"C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Synology Data Replicator 3\SynoDrServicex64.exe"
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
"C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe"
"C:\Program Files (x86)\Wondershare\WAF\2.2.0.5\WsAppService.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe"
C:\Program Files (x86)\Common Files\Juniper Networks\JUNS\dsAccessService.exe /host HostCheckerService
"C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe" /ModeAvMonitor -Embedding
C:\Windows\system32\taskhost.exe
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
"C:\Program Files\COMODO\COMODO Internet Security\cistray.exe"
"C:\Windows\WindowsMobile\wmdcBase.exe"
"C:\Program Files (x86)\Sandboxie\SbieCtrl.exe"
"C:\Windows\System32\spool\drivers\x64\3\E_IATIFCE.EXE" /FU "C:\Windows\TEMP\E_S2E21.tmp" /EF "HKCU"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
"C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe"
"C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe"
"C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe" -s
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_000008d0
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\COMODO\COMODO Internet Security\cis.exe" --alertsUI
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe" /connectToHost
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\splwow64.exe 8192
"C:\Program Files\Opera x64\opera.exe"
C:\Windows\system32\sppsvc.exe
"C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe"
C:\Windows\servicing\TrustedInstaller.exe
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-5cce2c57-ce03-4b64-bfca-d664c8eed5f7 -SystemEventPortName:HostProcess-23de259c-78e2-4f51-8be1-e573b5b177b3 -IoCancelEventPortName:HostProcess-380c01fb-2dfd-4112-8858-a68dda11c501 -NonStateChangingEventPortName:HostProcess-14e635aa-2f65-497f-ab0a-d12aae295923 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:9c82e9fb-c668-4ec3-90db-f4b2c35e621b -DeviceGroupId:WpdFsGroup
\\?\C:\Windows\system32\wbem\WMIADAP.EXE
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe5_ Global\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 868 872 880 65536 876
C:\Windows\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding
C:\Windows\SysWOW64\DllHost.exe /Processid:{1EF75F33-893B-4E8F-9655-C3D602BA4897}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\marian\Desktop\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore1cf8d13b51bd12c.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineCore1cff20f9254c09a.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineCore1d001a171f7da98.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\Synology Data Replicator 3-marian-PC-marian.job - C:\Program Files (x86)\Synology Data Replicator 3\Backup.exe /SCH /MIN
C:\Windows\system32\tasks\Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Windows\system32\tasks\Adobe Flash Player Updater - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\system32\tasks\CreateChoiceProcessTask - C:\Windows\System32\browserchoice.exe /launch
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore1d001a171f7da98 - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\SidebarExecute - C:\Program Files\Windows Sidebar\sidebar.exe /addGadget
C:\Windows\system32\tasks\Synology Data Replicator 3-marian-PC-marian - C:\Program Files (x86)\Synology Data Replicator 3\Backup.exe /SCH /MIN
C:\Windows\system32\tasks\User_Feed_Synchronization-{5B592E20-EC3B-4702-B847-38B51B5C79CF} - C:\Windows\system32\msfeedssync.exe sync
C:\Windows\system32\tasks\{034BE9A7-0CB7-47F8-8505-507663D3C87B} - C:\Windows\system32\pcalua.exe -a C:\PROGRA~2\Ableton\LIVE82~1.2\Redist\VCREDI~1.EXE -d C:\Windows\SysWOW64 -c /q:a
C:\Windows\system32\tasks\{34977F29-B4A8-4253-8BB2-9C434E93F073} - C:\Windows\system32\pcalua.exe -a "D:\Music download\Arturia\Arturia.Arp2600.V.VSTi.RTAS.v2.0.Incl.Keygen-AiR\ARP2600_V_2.0_Setup.exe" -d "D:\Music download\Arturia\Arturia.Arp2600.V.VSTi.RTAS.v2.0.Incl.Keygen-AiR"
C:\Windows\system32\tasks\{508B6820-F25A-4F6E-BFDD-85ACAE9A8866} - C:\Windows\system32\pcalua.exe -a C:\Users\marian\Desktop\Spectre-installer.exe -d C:\Users\marian\Desktop
C:\Windows\system32\tasks\{8D8B08AD-5600-4217-AF82-1038C2D418BF} - C:\Windows\system32\pcalua.exe -a C:\Users\marian\Desktop\srwa5-1.61.4.exe -d C:\Users\marian\Desktop
C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask - %systemroot%\system32\sc.exe start osppsvc
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
C:\Windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\Windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\Windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask - %SystemRoot%\system32\Wat\WatAdminSvc.exe /run
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline - %SystemRoot%\system32\schtasks.exe /run /I /TN "\Microsoft\Windows\Windows Activation Technologies\ValidationTask"
C:\Windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\Windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
C:\Windows\system32\tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask - sc.exe start sppsvc
C:\Windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\Windows\system32\tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem - %SystemRoot%\System32\powercfg.exe -energy -auto
C:\Windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\Windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\Windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\Windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\Windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\Windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\Windows\system32\tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} - "C:\Program Files\COMODO\COMODO Internet Security\cistray.exe"
C:\Windows\system32\tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} - "C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe" --launchSchedule {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59}
C:\Windows\system32\tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} - "C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe" --launchSchedule {A6D52E4F-569B-4756-B3D8-DF217313DA85}
C:\Windows\system32\tasks\ASUS\i-Setup091927 - C:\Windows\Chipset\AsusSetup.exe -a -reboot -log091927
=========Google Chrome=========
C:\Users\marian\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Store 0.2
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension coobgpohoikkiipiblmjeljniedjpjpf 1 Vyhledávání Google 0.0.0.60
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension ennkphjdgehloodpbhlhldgbnhmacadg Settings 0.2
Extension fheoggkfdfchfphceeifdbepaooicaho 1 McAfee® WebAdvisor 5.0.272.0
Extension flliilndjeohchalpbbcdekjklbdgfkk 2 Avira Browser Safety 1.4.1
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ilfoopambfaclfjmpiaijnccgcmbeigi 1 FormApps Chrome Extension 1.5.0.20
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.38
Extension lifbcibllhkdhoafpjfnlhfpfgnpldfl 2 Skype Click to Call 7.3.16540.9015
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mgndgikekgjfcpckkfioiadnlibdjbkf Chrome 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.0
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.0
Extension pafkbggdmjlpgkdkcbjmhmfcdpncadgh Google Now 1.2.0.1
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 5416.905.0.6
Homepage:
default_search_provider.search_url: http://dts.search.ask.com/sr?src=crb&gc ... earchTerms}
C:\Users\marian\AppData\Local\Google\Chrome\User Data\Default\Preferences
Plugin 11.6.602.171 Shockwave Flash C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.87\PepperFlash\pepflashplayer.dll
Plugin Chrome Remote Desktop Viewer internal-remoting-viewer
Plugin Native Client C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.87\ppGoogleNaClPluginChrome.dll
Plugin Chrome PDF Viewer C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.87\pdf.dll
Plugin 11.0.02.0 Adobe Acrobat C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
Plugin 1.3.21.135 Google Update C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
Plugin 2.0.2 VLC Web Plugin C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
Plugin 11,6,602,168 Shockwave Flash C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_168.dll
Homepage:
default_search_provider.search_url:
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\fheoggkfdfchfphceeifdbepaooicaho]
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\flliilndjeohchalpbbcdekjklbdgfkk]
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl]
"Path"=
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-00A7-7A786E7484D7}]
Avira SearchFree Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll [2014-10-20 551848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 690392]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-10-20 212904]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre8\bin\ssv.dll [2014-10-20 463784]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre8\bin\jp2ssv.dll [2014-10-20 172456]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{41564952-412D-5637-00A7-7A786E7484D7} - Avira SearchFree Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-12-14 172144]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-12-14 399984]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-12-14 441968]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2012-11-05 108144]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2012-06-12 6548112]
"Acronis Scheduler2 Service"=C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [2013-07-18 518424]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2015-08-10 1427648]
"Windows Mobile-based device management"=C:\Windows\WindowsMobile\wmdcBase.exe [2016-10-18 660360]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SandboxieControl"=C:\Program Files (x86)\Sandboxie\SbieCtrl.exe [2012-12-16 765200]
"\\DISKSTATION\usbprinter1"=C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFCE.EXE [2015-01-04 223232]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2016-10-17 27021952]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"TrueImageMonitor.exe"=C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [2013-10-24 7805824]
"AcronisTibMounterMonitor"=C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [2013-10-10 1102192]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2016-11-02 916072]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
"QuickTime Plugin Install"=C:\Program Files (x86)\QuickTime\Plugins\DeleteMe1.exe [2014-01-23 86016]
"Avira SystrayStartTrigger"=C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [2016-09-18 60136]
"Wondershare Helper Compact.exe"=C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2016-01-08 2086240]
"DelaypluginInstall"=C:\ProgramData\iSkysoft\Video Converter Ultimate\DelayPluginI.exe []
"iSkysoft Helper Compact.exe"=C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe [2016-01-08 2066432]
"Nikon Message Center 2"=C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [2016-07-08 571392]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-02 1156824]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux7"=wdmaud.drv
"wave8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"mixer9"=wdmaud.drv
"midi8"=wdmaud.drv
"aux8"=wdmaud.drv
"midi9"=wdmaud.drv
"aux9"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.l3codecp"=l3codecp.acm
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-11-06 20:54:50 ----HDC---- C:\ProgramData\{A4FF347C-7353-4B5D-B479-1933EFF12E9A}
2016-11-06 20:54:11 ----HDC---- C:\ProgramData\{B0CAD5CC-867E-473E-B55F-339F9635A45D}
2016-11-06 20:53:47 ----HDC---- C:\ProgramData\{CB28D9D3-6B5D-4AFA-BA37-B4AFAAAF71B9}
2016-11-06 20:53:09 ----HDC---- C:\ProgramData\{5A23829C-A66E-47B0-AD50-21A3FFE6C325}
2016-11-06 20:53:01 ----HDC---- C:\ProgramData\{B9F6456A-E0C8-4BD3-A6E8-AFA8859EC4C4}
2016-11-06 20:52:53 ----HDC---- C:\ProgramData\{95B4F0ED-951F-4D36-B068-5EC1C4C19C14}
2016-11-06 20:20:26 ----D---- C:\Program Files (x86)\McAfee
2016-11-06 19:42:59 ----HDC---- C:\ProgramData\{4FCEED6C-B7D3-485B-A843-C3DBD468BF17}
2016-11-05 11:46:22 ----HDC---- C:\ProgramData\{0CF1F946-2AAE-48A9-BD6C-DF71FE72E1D1}
2016-10-18 22:43:18 ----D---- C:\Program Files (x86)\CeRegEditor
2016-10-18 22:43:14 ----D---- C:\Windows\WindowsMobile
2016-10-11 18:39:48 ----A---- C:\Windows\system32\mshtml.dll
2016-10-11 18:39:47 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-10-11 18:39:47 ----A---- C:\Windows\system32\wmp.dll
2016-10-11 18:39:47 ----A---- C:\Windows\system32\ieframe.dll
2016-10-11 18:39:46 ----A---- C:\Windows\SYSWOW64\wmp.dll
2016-10-11 18:39:46 ----A---- C:\Windows\SYSWOW64\mf.dll
2016-10-11 18:39:46 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-10-11 18:39:46 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-10-11 18:39:46 ----A---- C:\Windows\system32\wininet.dll
2016-10-11 18:39:46 ----A---- C:\Windows\system32\mf.dll
2016-10-11 18:39:46 ----A---- C:\Windows\system32\jscript9.dll
2016-10-11 18:39:45 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2016-10-11 18:39:45 ----A---- C:\Windows\SYSWOW64\WSManMigrationPlugin.dll
2016-10-11 18:39:45 ----A---- C:\Windows\SYSWOW64\wmdrmsdk.dll
2016-10-11 18:39:45 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-10-11 18:39:45 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-10-11 18:39:45 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-10-11 18:39:45 ----A---- C:\Windows\SYSWOW64\quartz.dll
2016-10-11 18:39:45 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2016-10-11 18:39:45 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-10-11 18:39:45 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-10-11 18:39:45 ----A---- C:\Windows\SYSWOW64\evr.dll
2016-10-11 18:39:45 ----A---- C:\Windows\SYSWOW64\drmv2clt.dll
2016-10-11 18:39:45 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll
2016-10-11 18:39:45 ----A---- C:\Windows\SYSWOW64\blackbox.dll
2016-10-11 18:39:45 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2016-10-11 18:39:45 ----A---- C:\Windows\system32\WsmWmiPl.dll
2016-10-11 18:39:45 ----A---- C:\Windows\system32\WsmSvc.dll
2016-10-11 18:39:45 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2016-10-11 18:39:45 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2016-10-11 18:39:45 ----A---- C:\Windows\system32\wmdrmsdk.dll
2016-10-11 18:39:45 ----A---- C:\Windows\system32\vbscript.dll
2016-10-11 18:39:45 ----A---- C:\Windows\system32\urlmon.dll
2016-10-11 18:39:45 ----A---- C:\Windows\system32\scavengeui.dll
2016-10-11 18:39:45 ----A---- C:\Windows\system32\quartz.dll
2016-10-11 18:39:45 ----A---- C:\Windows\system32\qdvd.dll
2016-10-11 18:39:45 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-10-11 18:39:45 ----A---- C:\Windows\system32\MSVidCtl.dll
2016-10-11 18:39:45 ----A---- C:\Windows\system32\lsasrv.dll
2016-10-11 18:39:45 ----A---- C:\Windows\system32\iertutil.dll
2016-10-11 18:39:45 ----A---- C:\Windows\system32\evr.dll
2016-10-11 18:39:45 ----A---- C:\Windows\system32\DWrite.dll
2016-10-11 18:39:45 ----A---- C:\Windows\system32\drmv2clt.dll
2016-10-11 18:39:45 ----A---- C:\Windows\system32\drmmgrtn.dll
2016-10-11 18:39:45 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2016-10-11 18:39:45 ----A---- C:\Windows\system32\cryptui.dll
2016-10-11 18:39:45 ----A---- C:\Windows\system32\blackbox.dll
2016-10-11 18:39:45 ----A---- C:\Windows\system32\audiosrv.dll
2016-10-11 18:39:45 ----A---- C:\Windows\system32\AUDIOKSE.dll
2016-10-11 18:39:45 ----A---- C:\Windows\system32\AudioEng.dll
2016-10-11 18:39:44 ----A---- C:\Windows\SYSWOW64\WsmWmiPl.dll
2016-10-11 18:39:44 ----A---- C:\Windows\SYSWOW64\WsmAuto.dll
2016-10-11 18:39:44 ----A---- C:\Windows\SYSWOW64\WSManHTTPConfig.exe
2016-10-11 18:39:44 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2016-10-11 18:39:44 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-10-11 18:39:44 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-10-11 18:39:44 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-10-11 18:39:44 ----A---- C:\Windows\SYSWOW64\MSVidCtl.dll
2016-10-11 18:39:44 ----A---- C:\Windows\SYSWOW64\mfps.dll
2016-10-11 18:39:44 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2016-10-11 18:39:44 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2016-10-11 18:39:44 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-10-11 18:39:44 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2016-10-11 18:39:44 ----A---- C:\Windows\SYSWOW64\cryptui.dll
2016-10-11 18:39:44 ----A---- C:\Windows\SYSWOW64\cryptsp.dll
2016-10-11 18:39:44 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2016-10-11 18:39:44 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2016-10-11 18:39:44 ----A---- C:\Windows\system32\WsmAuto.dll
2016-10-11 18:39:44 ----A---- C:\Windows\system32\wmploc.DLL
2016-10-11 18:39:44 ----A---- C:\Windows\system32\win32k.sys
2016-10-11 18:39:44 ----A---- C:\Windows\system32\pcasvc.dll
2016-10-11 18:39:44 ----A---- C:\Windows\system32\ntdll.dll
2016-10-11 18:39:44 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-10-11 18:39:44 ----A---- C:\Windows\system32\msscp.dll
2016-10-11 18:39:44 ----A---- C:\Windows\system32\msfeeds.dll
2016-10-11 18:39:44 ----A---- C:\Windows\system32\mfps.dll
2016-10-11 18:39:44 ----A---- C:\Windows\system32\mfplat.dll
2016-10-11 18:39:44 ----A---- C:\Windows\system32\inetcomm.dll
2016-10-11 18:39:44 ----A---- C:\Windows\system32\iedkcs32.dll
2016-10-11 18:39:44 ----A---- C:\Windows\system32\FntCache.dll
2016-10-11 18:39:44 ----A---- C:\Windows\system32\EncDump.dll
2016-10-11 18:39:44 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2016-10-11 18:39:44 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2016-10-11 18:39:44 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-10-11 18:39:44 ----A---- C:\Windows\system32\drivers\dfsc.sys
2016-10-11 18:39:44 ----A---- C:\Windows\system32\cryptsp.dll
2016-10-11 18:39:44 ----A---- C:\Windows\system32\AudioSes.dll
2016-10-11 18:39:44 ----A---- C:\Windows\system32\audiodg.exe
2016-10-11 18:39:44 ----A---- C:\Windows\system32\adsmsext.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\wsmprovhost.exe
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\wsmplpxy.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\occache.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\msscp.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\msnetobj.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\inseng.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\INETRES.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\adsmsext.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\wsmprovhost.exe
2016-10-11 18:39:43 ----A---- C:\Windows\system32\wsmplpxy.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\wow64win.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\wintrust.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\winsrv.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\webcheck.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\WebClnt.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\wdigest.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\TSpkg.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\sspicli.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\spwmp.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\smss.exe
2016-10-11 18:39:43 ----A---- C:\Windows\system32\schannel.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\rrinstaller.exe
2016-10-11 18:39:43 ----A---- C:\Windows\system32\rpchttp.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\rpcrt4.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\pcawrk.exe
2016-10-11 18:39:43 ----A---- C:\Windows\system32\pcalua.exe
2016-10-11 18:39:43 ----A---- C:\Windows\system32\pcaevts.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\pcadm.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\occache.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\ncrypt.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\msv1_0.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\msrating.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\msnetobj.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\msmmsp.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\mshtmled.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\mfpmp.exe
2016-10-11 18:39:43 ----A---- C:\Windows\system32\KernelBase.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\kernel32.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\kerberos.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\jsproxy.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\jscript9diag.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\jscript.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\inseng.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\INETRES.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\ieUnatt.exe
2016-10-11 18:39:43 ----A---- C:\Windows\system32\ieui.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\iesetup.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\iernonce.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-10-11 18:39:43 ----A---- C:\Windows\system32\ieapfltr.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\ie4uinit.exe
2016-10-11 18:39:43 ----A---- C:\Windows\system32\dxtrans.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\dxtmsft.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\dxmasf.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-10-11 18:39:43 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-10-11 18:39:43 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-10-11 18:39:43 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-10-11 18:39:43 ----A---- C:\Windows\system32\davclnt.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\cryptsvc.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\cryptnet.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\crypt32.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\certcli.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\advapi32.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\WsmRes.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\user.exe
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\mferror.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-10-11 18:39:42 ----A---- C:\Windows\system32\WsmRes.dll
2016-10-11 18:39:42 ----A---- C:\Windows\system32\wow64cpu.dll
2016-10-11 18:39:42 ----A---- C:\Windows\system32\wow64.dll
2016-10-11 18:39:42 ----A---- C:\Windows\system32\sspisrv.dll
2016-10-11 18:39:42 ----A---- C:\Windows\system32\srcore.dll
2016-10-11 18:39:42 ----A---- C:\Windows\system32\srclient.dll
2016-10-11 18:39:42 ----A---- C:\Windows\system32\setbcdlocale.dll
2016-10-11 18:39:42 ----A---- C:\Windows\system32\secur32.dll
2016-10-11 18:39:42 ----A---- C:\Windows\system32\rstrui.exe
2016-10-11 18:39:42 ----A---- C:\Windows\system32\ntvdm64.dll
2016-10-11 18:39:42 ----A---- C:\Windows\system32\msobjs.dll
2016-10-11 18:39:42 ----A---- C:\Windows\system32\msaudite.dll
2016-10-11 18:39:42 ----A---- C:\Windows\system32\mferror.dll
2016-10-11 18:39:42 ----A---- C:\Windows\system32\lsass.exe
2016-10-11 18:39:42 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-10-11 18:39:42 ----A---- C:\Windows\system32\drivers\appid.sys
2016-10-11 18:39:42 ----A---- C:\Windows\system32\csrsrv.dll
2016-10-11 18:39:42 ----A---- C:\Windows\system32\cryptbase.dll
2016-10-11 18:39:42 ----A---- C:\Windows\system32\credssp.dll
2016-10-11 18:39:42 ----A---- C:\Windows\system32\conhost.exe
2016-10-11 18:39:42 ----A---- C:\Windows\system32\auditpol.exe
2016-10-11 18:39:42 ----A---- C:\Windows\system32\appidsvc.dll
2016-10-11 18:39:42 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2016-10-11 18:39:42 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2016-10-11 18:39:42 ----A---- C:\Windows\system32\appidapi.dll
2016-10-11 18:39:42 ----A---- C:\Windows\system32\apisetschema.dll
2016-10-11 18:39:42 ----A---- C:\Windows\system32\adtschema.dll
2016-10-11 18:39:19 ----A---- C:\Windows\system32\invagent.dll
2016-10-11 18:39:19 ----A---- C:\Windows\system32\generaltel.dll
2016-10-11 18:39:19 ----A---- C:\Windows\system32\devinv.dll
2016-10-11 18:39:19 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-10-11 18:39:19 ----A---- C:\Windows\system32\centel.dll
2016-10-11 18:39:19 ----A---- C:\Windows\system32\appraiser.dll
2016-10-11 18:39:19 ----A---- C:\Windows\system32\aepic.dll
2016-10-11 18:39:19 ----A---- C:\Windows\system32\aeinv.dll
2016-10-11 18:39:19 ----A---- C:\Windows\system32\acmigration.dll
2016-10-11 18:39:18 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2016-10-11 18:39:18 ----A---- C:\Windows\system32\drivers\usbport.sys
2016-10-11 18:39:18 ----A---- C:\Windows\system32\drivers\usbohci.sys
2016-10-11 18:39:18 ----A---- C:\Windows\system32\drivers\usbhub.sys
2016-10-11 18:39:18 ----A---- C:\Windows\system32\drivers\usbehci.sys
2016-10-11 18:39:18 ----A---- C:\Windows\system32\drivers\usbd.sys
2016-10-11 18:39:18 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2016-10-11 18:39:17 ----A---- C:\Windows\SYSWOW64\shell32.dll
2016-10-11 18:39:17 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2016-10-11 18:39:17 ----A---- C:\Windows\SYSWOW64\explorer.exe
2016-10-11 18:39:17 ----A---- C:\Windows\SYSWOW64\authui.dll
2016-10-11 18:39:17 ----A---- C:\Windows\system32\shell32.dll
2016-10-11 18:39:17 ----A---- C:\Windows\system32\ExplorerFrame.dll
2016-10-11 18:39:17 ----A---- C:\Windows\system32\authui.dll
2016-10-11 18:39:17 ----A---- C:\Windows\explorer.exe
2016-10-11 18:39:15 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2016-10-11 18:39:15 ----A---- C:\Windows\system32\poqexec.exe
======List of files/folders modified in the last 1 month======
2016-11-07 05:40:32 ----D---- C:\Windows\Temp
2016-11-07 05:40:32 ----D---- C:\Program Files\trend micro
2016-11-07 05:39:20 ----D---- C:\Windows\System32
2016-11-07 05:39:20 ----D---- C:\Windows\inf
2016-11-07 05:39:20 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-11-07 05:36:35 ----D---- C:\Windows\system32\config
2016-11-07 05:34:28 ----D---- C:\Users\marian\AppData\Roaming\Skype
2016-11-06 22:28:55 ----SHD---- C:\System Volume Information
2016-11-06 20:54:50 ----SHD---- C:\Windows\Installer
2016-11-06 20:54:50 ----HD---- C:\ProgramData
2016-11-06 20:54:35 ----D---- C:\Program Files\Native Instruments
2016-11-06 20:54:35 ----D---- C:\Program Files\Common Files\Native Instruments
2016-11-06 20:54:27 ----D---- C:\Windows\system32\DriverStore
2016-11-06 20:50:34 ----D---- C:\Program Files (x86)\Steinberg
2016-11-06 20:20:34 ----D---- C:\Program Files (x86)\Common Files
2016-11-06 20:20:26 ----RD---- C:\Program Files (x86)
2016-11-06 20:20:12 ----D---- C:\ProgramData\McAfee
2016-11-06 20:06:22 ----D---- C:\Program Files (x86)\Arturia
2016-11-06 19:33:59 ----D---- C:\ProgramData\Package Cache
2016-11-06 19:33:39 ----D---- C:\Windows\SysWOW64
2016-11-06 19:33:38 ----A---- C:\Windows\SYSWOW64\vcamp140.dll
2016-11-06 19:26:24 ----D---- C:\ProgramData\Arturia
2016-11-06 19:22:53 ----D---- C:\Program Files\Common Files\VST3
2016-11-06 18:41:11 ----RD---- C:\Program Files
2016-11-06 15:48:18 ----D---- C:\AdwCleaner
2016-11-05 12:43:58 ----D---- C:\Windows\system32\catroot
2016-11-05 12:43:38 ----D---- C:\Users\marian\AppData\Roaming\foobar2000
2016-11-04 22:37:04 ----D---- C:\Users\marian\AppData\Roaming\vlc
2016-11-03 20:57:44 ----D---- C:\ProgramData\Native Instruments
2016-11-02 19:23:12 ----D---- C:\Windows\system32\drivers
2016-10-31 16:54:49 ----D---- C:\Users\marian\AppData\Roaming\Mp3tag
2016-10-30 12:35:07 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-10-30 12:35:05 ----D---- C:\Windows\SYSWOW64\Macromed
2016-10-30 12:35:05 ----D---- C:\Windows\system32\Macromed
2016-10-30 12:31:00 ----RD---- C:\Program Files (x86)\Skype
2016-10-30 12:30:57 ----D---- C:\ProgramData\Skype
2016-10-19 19:02:57 ----D---- C:\Windows\rescache
2016-10-18 22:44:06 ----SD---- C:\Users\marian\AppData\Roaming\Microsoft
2016-10-18 22:44:04 ----D---- C:\Windows\system32\drivers\UMDF
2016-10-18 22:43:30 ----D---- C:\Windows\system32\LogFiles
2016-10-18 22:43:14 ----D---- C:\Windows
2016-10-18 22:43:12 ----D---- C:\Windows\system32\catroot2
2016-10-18 22:43:09 ----A---- C:\Windows\SYSWOW64\wcescommproxy.dll
2016-10-18 22:43:09 ----A---- C:\Windows\SYSWOW64\rapistub.dll
2016-10-18 22:43:09 ----A---- C:\Windows\SYSWOW64\rapiproxystub.dll
2016-10-18 22:43:09 ----A---- C:\Windows\SYSWOW64\rapi.dll
2016-10-18 22:43:09 ----A---- C:\Windows\SYSWOW64\ceutil.dll
2016-10-18 22:43:09 ----A---- C:\Windows\system32\wmcoinst-070531-0952.dll
2016-10-18 22:43:09 ----A---- C:\Windows\system32\wcescommproxy.dll
2016-10-18 22:43:09 ----A---- C:\Windows\system32\rapistub.dll
2016-10-18 22:43:09 ----A---- C:\Windows\system32\rapiproxystub.dll
2016-10-18 22:43:09 ----A---- C:\Windows\system32\rapi.dll
2016-10-18 22:43:09 ----A---- C:\Windows\system32\ceutil.dll
2016-10-12 15:36:12 ----D---- C:\Windows\Microsoft.NET
2016-10-12 15:36:07 ----RSD---- C:\Windows\assembly
2016-10-12 15:24:10 ----D---- C:\Windows\winsxs
2016-10-12 15:16:08 ----D---- C:\Program Files (x86)\Internet Explorer
2016-10-12 15:00:53 ----D---- C:\Windows\SYSWOW64\en-US
2016-10-12 15:00:53 ----D---- C:\Windows\SYSWOW64\Dism
2016-10-12 15:00:53 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-10-12 15:00:53 ----D---- C:\Program Files\Windows Media Player
2016-10-12 15:00:53 ----D---- C:\Program Files\Internet Explorer
2016-10-12 15:00:53 ----D---- C:\Program Files (x86)\Windows Media Player
2016-10-12 15:00:52 ----D---- C:\Windows\system32\en-US
2016-10-12 15:00:52 ----D---- C:\Windows\system32\Dism
2016-10-12 15:00:52 ----D---- C:\Windows\system32\cs-CZ
2016-10-12 15:00:51 ----D---- C:\Windows\system32\Boot
2016-10-12 15:00:51 ----D---- C:\Windows\AppPatch
2016-10-12 15:00:50 ----SD---- C:\Windows\system32\CompatTel
2016-10-12 15:00:50 ----D---- C:\Windows\system32\drivers\cs-CZ
2016-10-12 15:00:50 ----D---- C:\Windows\system32\appraiser
2016-10-12 15:00:50 ----D---- C:\Windows\cs-CZ
2016-10-11 19:32:38 ----D---- C:\ProgramData\Microsoft Help
2016-10-11 19:31:51 ----D---- C:\Windows\system32\MRT
2016-10-11 19:28:58 ----AC---- C:\Windows\system32\MRT.exe
2016-10-11 19:28:08 ----D---- C:\Program Files\Microsoft Silverlight
2016-10-11 19:28:08 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2016-10-11 19:27:24 ----D---- C:\Windows\Logs
File C:\Windows\system32\winlogon.exe is digitally signed
File C:\Windows\system32\wininit.exe is digitally signed
File C:\Windows\explorer.exe is digitally signed
File C:\Windows\SysWOW64\explorer.exe is digitally signed
File C:\Windows\system32\svchost.exe is digitally signed
File C:\Windows\SysWOW64\svchost.exe is digitally signed
File C:\Windows\system32\services.exe is digitally signed
File C:\Windows\system32\User32.dll is digitally signed
File C:\Windows\SysWOW64\User32.dll is digitally signed
File C:\Windows\system32\userinit.exe is digitally signed
File C:\Windows\SysWOW64\userinit.exe is digitally signed
File C:\Windows\system32\rpcss.dll is digitally signed
File C:\Windows\system32\Drivers\volsnap.sys is digitally signed
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 fltsrv;Acronis Storage Filter Management; C:\Windows\system32\DRIVERS\fltsrv.sys [2013-12-01 116000]
R0 KL1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2013-08-04 458584]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 snapman;Acronis Snapshots Manager; C:\Windows\system32\DRIVERS\snapman.sys [2013-12-01 269600]
R0 tib;Acronis TIB Manager; C:\Windows\system32\DRIVERS\tib.sys [2013-12-01 1120032]
R0 tib_mounter;Acronis TIB Mounter; C:\Windows\system32\DRIVERS\tib_mounter.sys [2013-12-01 198432]
R0 vididr;Acronis Virtual Disk; C:\Windows\system32\DRIVERS\vididr.sys [2013-12-01 161568]
R0 vidsflt;Acronis Disk Storage Filter; C:\Windows\system32\DRIVERS\vidsflt.sys [2013-12-01 117024]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2016-10-07 145536]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2016-10-07 28600]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\Windows\System32\DRIVERS\cmderd.sys [2015-11-18 21184]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\system32\DRIVERS\cmdguard.sys [2015-11-18 806032]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2015-08-05 45856]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2015-08-05 105096]
R1 jnprns;Juniper Network Service; C:\Windows\system32\DRIVERS\jnprns.sys [2014-03-13 506160]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2013-08-04 613720]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2016-11-02 177432]
R2 avnetflt;avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [2016-05-14 79696]
R3 afcdp;afcdp; C:\Windows\system32\DRIVERS\afcdp.sys [2013-12-01 367200]
R3 busenum;Synology Virtual USB Hub; C:\Windows\system32\DRIVERS\busenum.sys [2012-08-03 55776]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-12-14 5353888]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-06-19 4065296]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-05-20 357184]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-05-20 789824]
R3 JnprVaMgr;Juniper Networks Virtual Adapter Manager Service; C:\Windows\system32\DRIVERS\jnprvamgr.sys [2014-03-13 45352]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2012-07-17 62784]
R3 mfesapsn;McAfee Process Start Notification Service; \??\C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [2016-11-06 46240]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2012-06-12 726160]
R3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 AlesisFirewire;Alesis Firewire; C:\Windows\System32\Drivers\AlesisFirewire.sys [2010-05-03 211680]
S3 AlesisFirewireAudio;Alesis Firewire Audio; C:\Windows\system32\drivers\AlesisFirewireAudio.sys [2010-05-03 39008]
S3 AlesisFirewireMidi;Alesis Firewire MIDI; C:\Windows\system32\drivers\AlesisFirewireMidi.sys [2010-05-03 41440]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2016-09-05 30264]
S3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus; C:\Windows\system32\DRIVERS\dtliteusbbus.sys [2016-09-05 47672]
S3 jnprva;Juniper Networks Virtual Adapter Service; C:\Windows\system32\DRIVERS\jnprva.sys [2014-03-13 30072]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 SbieDrv;SbieDrv; \??\C:\Program Files (x86)\Sandboxie\SbieDrv.sys [2012-12-16 202632]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 tdrpman;Acronis Try&Decide and Restore Points filter; C:\Windows\system32\DRIVERS\tdrpman.sys [2013-12-01 1464096]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2016-10-18 19968]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
S4 jnprTdi_803_44983;Juniper Networks TDI Filter Driver (jnprTdi_803_44983); \??\C:\Windows\system32\Drivers\jnprTdi_803_44983.sys [2014-04-09 108344]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [2013-07-18 1142584]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-10-02 82128]
R2 afcdpsrv;Acronis Nonstop Backup Service; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2013-12-01 3873784]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2016-11-02 475232]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2016-11-02 475232]
R2 Avira.ServiceHost;Avira Service Host; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [2016-09-18 324304]
R2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2010-05-18 345376]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2015-09-10 5542472]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\cscsvc.dll
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll"=%SystemRoot%\system32\diagtrack.dll
R2 DigitalWave.Update.Service;Digital Wave Update Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [2016-01-08 388968]
R2 DragonUpdater;COMODO Dragon Update Service; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2014-11-27 2370240]
R2 EPSON_EB_RPCV4_01;EPSON V5 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE [2015-01-04 163840]
R2 EPSON_PM_RPCV4_01;EPSON V3 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE [2015-01-04 126464]
R2 JuniperAccessService;Juniper Unified Network Service; C:\Program Files (x86)\Common Files\Juniper Networks\JUNS\dsAccessService.exe [2014-04-08 159280]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [2016-11-06 163592]
R2 NIHardwareService;NIHardwareService; C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [2016-11-06 5739008]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; %SystemRoot%\system32\svchost.exe -k WindowsMobile;"ServiceDll"=%windir%\WindowsMobile\rapimgr.dll
R2 syncagentsrv;Acronis Sync Agent Service; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [2013-10-22 7142320]
R2 SynoDrService;SynoDrService; C:\Program Files (x86)\Synology Data Replicator 3\SynoDrServicex64.exe [2013-10-09 384072]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2013-12-17 5341536]
R2 UsbClientService;UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [2013-04-30 248704]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; %SystemRoot%\system32\svchost.exe -k WindowsMobile;"ServiceDll"=%windir%\WindowsMobile\wcescomm.dll
S2 AntiVirMailService;Avira Mail Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [2016-11-02 1089088]
S2 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [2016-11-02 1488240]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
S2 SbieSvc;Sandboxie Service; C:\Program Files (x86)\Sandboxie\SbieSvc.exe [2012-12-16 123664]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-09-20 324224]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-10-30 270016]
S3 AppMgmt;@appmgmts.dll,-3250; %SystemRoot%\system32\svchost.exe -k netsvcs;"ServiceDll"=%SystemRoot%\System32\appmgmts.dll
S3 cmdvirth;COMODO Virtual Service Manager; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2015-08-10 2265792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-12-14 277616]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-10-11 114688]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 50942144]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; %SystemRoot%\System32\svchost.exe -k PeerDist;"ServiceDll"=%SystemRoot%\system32\peerdistsvc.dll
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\system32\storsvc.dll
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\umrdp.dll
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-02-01 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
-----------------EOF-----------------
Run by marian at 2016-11-07 05:40:31
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 6 GB (5%) free of 114 GB
Total RAM: 15306 MB (79% free)
X64
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 5:40:32, on 7.11.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18500)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe
C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Program Files\trend micro\marian_RSITx64.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://search.avira.net/#web/result?source=art&q=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://search.avira.net/#web/result?source=art&q=
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://search.avira.net/#web/result?source=art&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://search.avira.net/#web/result?source=art&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://search.avira.net/#web/result?source=art&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://search.avira.net/#web/result?source=art&q=
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://search.avira.net/#web/result?source=art&q=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre8\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre8\bin\jp2ssv.dll
O4 - HKLM\..\Run: [TrueImageMonitor.exe] "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
O4 - HKLM\..\Run: [AcronisTibMounterMonitor] C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Plugin Install] C:\Program Files (x86)\QuickTime\Plugins\DeleteMe1.exe
O4 - HKLM\..\Run: [Avira SystrayStartTrigger] "C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe"
O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
O4 - HKLM\..\Run: [DelaypluginInstall] C:\ProgramData\iSkysoft\Video Converter Ultimate\DelayPluginI.exe
O4 - HKLM\..\Run: [iSkysoft Helper Compact.exe] C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
O4 - HKLM\..\Run: [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [SandboxieControl] "C:\Program Files (x86)\Sandboxie\SbieCtrl.exe"
O4 - HKCU\..\Run: [\\DISKSTATION\usbprinter1] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFCE.EXE /FU "C:\Windows\TEMP\E_S2E21.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://juniper.net/dana-cached/sc/Juni ... Client.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{D6889C27-E691-40AD-8936-488101D3C730}: Domain = ad.agel.cz
O17 - HKLM\System\CCS\Services\Tcpip\..\{D6889C27-E691-40AD-8936-488101D3C730}: NameServer = 10.1.1.230,10.1.1.231
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = emnis.cz3
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: SearchList = emnis.cz3
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = emnis.cz3
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: WSWSVCUchrome - (no CLSID) - (no file)
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Acronis Nonstop Backup Service (afcdpsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
O23 - Service: Avira Service Host (Avira.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Digital Wave Update Service (DigitalWave.Update.Service) - Digital Wave Ltd. - C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
O23 - Service: COMODO Dragon Update Service (DragonUpdater) - Comodo Security Solutions, Inc. - C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EPSON V5 Service4(01) (EPSON_EB_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Juniper Unified Network Service (JuniperAccessService) - Juniper Networks, Inc. - C:\Program Files (x86)\Common Files\Juniper Networks\JUNS\dsAccessService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NIHardwareService - Native Instruments GmbH - C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Sandboxie Service (SbieSvc) - SANDBOXIE L.T.D - C:\Program Files (x86)\Sandboxie\SbieSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Acronis Sync Agent Service (syncagentsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
O23 - Service: SynoDrService - Unknown owner - C:\Program Files (x86)\Synology Data Replicator 3\SynoDrServicex64.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: UsbClientService - Unknown owner - C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wondershare Application Framework Service (WsAppService) - Wondershare - C:\Program Files (x86)\Wondershare\WAF\2.2.0.5\WsAppService.exe
O23 - Service: Wondershare Driver Install Service (WsDrvInst) - Unknown owner - C:\Program Files (x86)\MobileGo\Wondershare\MobileGo\DriverInstall.exe (file missing)
--
End of file - 13738 bytes
======Enumerating Processes======
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Program Files (x86)\Common Files\Juniper Networks\JUNS\dsAccessService.exe"
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe"
"C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe"
"C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE"
"C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE"
"C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe"
"C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Synology Data Replicator 3\SynoDrServicex64.exe"
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
"C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe"
"C:\Program Files (x86)\Wondershare\WAF\2.2.0.5\WsAppService.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe"
C:\Program Files (x86)\Common Files\Juniper Networks\JUNS\dsAccessService.exe /host HostCheckerService
"C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe" /ModeAvMonitor -Embedding
C:\Windows\system32\taskhost.exe
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
"C:\Program Files\COMODO\COMODO Internet Security\cistray.exe"
"C:\Windows\WindowsMobile\wmdcBase.exe"
"C:\Program Files (x86)\Sandboxie\SbieCtrl.exe"
"C:\Windows\System32\spool\drivers\x64\3\E_IATIFCE.EXE" /FU "C:\Windows\TEMP\E_S2E21.tmp" /EF "HKCU"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
"C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe"
"C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe"
"C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe" -s
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_000008d0
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\COMODO\COMODO Internet Security\cis.exe" --alertsUI
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe" /connectToHost
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\splwow64.exe 8192
"C:\Program Files\Opera x64\opera.exe"
C:\Windows\system32\sppsvc.exe
"C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe"
C:\Windows\servicing\TrustedInstaller.exe
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-5cce2c57-ce03-4b64-bfca-d664c8eed5f7 -SystemEventPortName:HostProcess-23de259c-78e2-4f51-8be1-e573b5b177b3 -IoCancelEventPortName:HostProcess-380c01fb-2dfd-4112-8858-a68dda11c501 -NonStateChangingEventPortName:HostProcess-14e635aa-2f65-497f-ab0a-d12aae295923 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:9c82e9fb-c668-4ec3-90db-f4b2c35e621b -DeviceGroupId:WpdFsGroup
\\?\C:\Windows\system32\wbem\WMIADAP.EXE
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe5_ Global\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 868 872 880 65536 876
C:\Windows\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding
C:\Windows\SysWOW64\DllHost.exe /Processid:{1EF75F33-893B-4E8F-9655-C3D602BA4897}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\marian\Desktop\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore1cf8d13b51bd12c.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineCore1cff20f9254c09a.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineCore1d001a171f7da98.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\Synology Data Replicator 3-marian-PC-marian.job - C:\Program Files (x86)\Synology Data Replicator 3\Backup.exe /SCH /MIN
C:\Windows\system32\tasks\Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Windows\system32\tasks\Adobe Flash Player Updater - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\system32\tasks\CreateChoiceProcessTask - C:\Windows\System32\browserchoice.exe /launch
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore1d001a171f7da98 - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\SidebarExecute - C:\Program Files\Windows Sidebar\sidebar.exe /addGadget
C:\Windows\system32\tasks\Synology Data Replicator 3-marian-PC-marian - C:\Program Files (x86)\Synology Data Replicator 3\Backup.exe /SCH /MIN
C:\Windows\system32\tasks\User_Feed_Synchronization-{5B592E20-EC3B-4702-B847-38B51B5C79CF} - C:\Windows\system32\msfeedssync.exe sync
C:\Windows\system32\tasks\{034BE9A7-0CB7-47F8-8505-507663D3C87B} - C:\Windows\system32\pcalua.exe -a C:\PROGRA~2\Ableton\LIVE82~1.2\Redist\VCREDI~1.EXE -d C:\Windows\SysWOW64 -c /q:a
C:\Windows\system32\tasks\{34977F29-B4A8-4253-8BB2-9C434E93F073} - C:\Windows\system32\pcalua.exe -a "D:\Music download\Arturia\Arturia.Arp2600.V.VSTi.RTAS.v2.0.Incl.Keygen-AiR\ARP2600_V_2.0_Setup.exe" -d "D:\Music download\Arturia\Arturia.Arp2600.V.VSTi.RTAS.v2.0.Incl.Keygen-AiR"
C:\Windows\system32\tasks\{508B6820-F25A-4F6E-BFDD-85ACAE9A8866} - C:\Windows\system32\pcalua.exe -a C:\Users\marian\Desktop\Spectre-installer.exe -d C:\Users\marian\Desktop
C:\Windows\system32\tasks\{8D8B08AD-5600-4217-AF82-1038C2D418BF} - C:\Windows\system32\pcalua.exe -a C:\Users\marian\Desktop\srwa5-1.61.4.exe -d C:\Users\marian\Desktop
C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask - %systemroot%\system32\sc.exe start osppsvc
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
C:\Windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\Windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\Windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask - %SystemRoot%\system32\Wat\WatAdminSvc.exe /run
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline - %SystemRoot%\system32\schtasks.exe /run /I /TN "\Microsoft\Windows\Windows Activation Technologies\ValidationTask"
C:\Windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\Windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
C:\Windows\system32\tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask - sc.exe start sppsvc
C:\Windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\Windows\system32\tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem - %SystemRoot%\System32\powercfg.exe -energy -auto
C:\Windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\Windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\Windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\Windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\Windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\Windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\Windows\system32\tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} - "C:\Program Files\COMODO\COMODO Internet Security\cistray.exe"
C:\Windows\system32\tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} - "C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe" --launchSchedule {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59}
C:\Windows\system32\tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} - "C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe" --launchSchedule {A6D52E4F-569B-4756-B3D8-DF217313DA85}
C:\Windows\system32\tasks\ASUS\i-Setup091927 - C:\Windows\Chipset\AsusSetup.exe -a -reboot -log091927
=========Google Chrome=========
C:\Users\marian\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Store 0.2
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension coobgpohoikkiipiblmjeljniedjpjpf 1 Vyhledávání Google 0.0.0.60
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension ennkphjdgehloodpbhlhldgbnhmacadg Settings 0.2
Extension fheoggkfdfchfphceeifdbepaooicaho 1 McAfee® WebAdvisor 5.0.272.0
Extension flliilndjeohchalpbbcdekjklbdgfkk 2 Avira Browser Safety 1.4.1
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ilfoopambfaclfjmpiaijnccgcmbeigi 1 FormApps Chrome Extension 1.5.0.20
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.38
Extension lifbcibllhkdhoafpjfnlhfpfgnpldfl 2 Skype Click to Call 7.3.16540.9015
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mgndgikekgjfcpckkfioiadnlibdjbkf Chrome 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.0
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.0
Extension pafkbggdmjlpgkdkcbjmhmfcdpncadgh Google Now 1.2.0.1
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 5416.905.0.6
Homepage:
default_search_provider.search_url: http://dts.search.ask.com/sr?src=crb&gc ... earchTerms}
C:\Users\marian\AppData\Local\Google\Chrome\User Data\Default\Preferences
Plugin 11.6.602.171 Shockwave Flash C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.87\PepperFlash\pepflashplayer.dll
Plugin Chrome Remote Desktop Viewer internal-remoting-viewer
Plugin Native Client C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.87\ppGoogleNaClPluginChrome.dll
Plugin Chrome PDF Viewer C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.87\pdf.dll
Plugin 11.0.02.0 Adobe Acrobat C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
Plugin 1.3.21.135 Google Update C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
Plugin 2.0.2 VLC Web Plugin C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
Plugin 11,6,602,168 Shockwave Flash C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_168.dll
Homepage:
default_search_provider.search_url:
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\fheoggkfdfchfphceeifdbepaooicaho]
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\flliilndjeohchalpbbcdekjklbdgfkk]
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl]
"Path"=
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-00A7-7A786E7484D7}]
Avira SearchFree Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll [2014-10-20 551848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 690392]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-10-20 212904]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre8\bin\ssv.dll [2014-10-20 463784]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre8\bin\jp2ssv.dll [2014-10-20 172456]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{41564952-412D-5637-00A7-7A786E7484D7} - Avira SearchFree Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-12-14 172144]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-12-14 399984]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-12-14 441968]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2012-11-05 108144]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2012-06-12 6548112]
"Acronis Scheduler2 Service"=C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [2013-07-18 518424]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2015-08-10 1427648]
"Windows Mobile-based device management"=C:\Windows\WindowsMobile\wmdcBase.exe [2016-10-18 660360]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SandboxieControl"=C:\Program Files (x86)\Sandboxie\SbieCtrl.exe [2012-12-16 765200]
"\\DISKSTATION\usbprinter1"=C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFCE.EXE [2015-01-04 223232]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2016-10-17 27021952]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"TrueImageMonitor.exe"=C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [2013-10-24 7805824]
"AcronisTibMounterMonitor"=C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [2013-10-10 1102192]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2016-11-02 916072]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
"QuickTime Plugin Install"=C:\Program Files (x86)\QuickTime\Plugins\DeleteMe1.exe [2014-01-23 86016]
"Avira SystrayStartTrigger"=C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [2016-09-18 60136]
"Wondershare Helper Compact.exe"=C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2016-01-08 2086240]
"DelaypluginInstall"=C:\ProgramData\iSkysoft\Video Converter Ultimate\DelayPluginI.exe []
"iSkysoft Helper Compact.exe"=C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe [2016-01-08 2066432]
"Nikon Message Center 2"=C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [2016-07-08 571392]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-02 1156824]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux7"=wdmaud.drv
"wave8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"mixer9"=wdmaud.drv
"midi8"=wdmaud.drv
"aux8"=wdmaud.drv
"midi9"=wdmaud.drv
"aux9"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.l3codecp"=l3codecp.acm
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-11-06 20:54:50 ----HDC---- C:\ProgramData\{A4FF347C-7353-4B5D-B479-1933EFF12E9A}
2016-11-06 20:54:11 ----HDC---- C:\ProgramData\{B0CAD5CC-867E-473E-B55F-339F9635A45D}
2016-11-06 20:53:47 ----HDC---- C:\ProgramData\{CB28D9D3-6B5D-4AFA-BA37-B4AFAAAF71B9}
2016-11-06 20:53:09 ----HDC---- C:\ProgramData\{5A23829C-A66E-47B0-AD50-21A3FFE6C325}
2016-11-06 20:53:01 ----HDC---- C:\ProgramData\{B9F6456A-E0C8-4BD3-A6E8-AFA8859EC4C4}
2016-11-06 20:52:53 ----HDC---- C:\ProgramData\{95B4F0ED-951F-4D36-B068-5EC1C4C19C14}
2016-11-06 20:20:26 ----D---- C:\Program Files (x86)\McAfee
2016-11-06 19:42:59 ----HDC---- C:\ProgramData\{4FCEED6C-B7D3-485B-A843-C3DBD468BF17}
2016-11-05 11:46:22 ----HDC---- C:\ProgramData\{0CF1F946-2AAE-48A9-BD6C-DF71FE72E1D1}
2016-10-18 22:43:18 ----D---- C:\Program Files (x86)\CeRegEditor
2016-10-18 22:43:14 ----D---- C:\Windows\WindowsMobile
2016-10-11 18:39:48 ----A---- C:\Windows\system32\mshtml.dll
2016-10-11 18:39:47 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-10-11 18:39:47 ----A---- C:\Windows\system32\wmp.dll
2016-10-11 18:39:47 ----A---- C:\Windows\system32\ieframe.dll
2016-10-11 18:39:46 ----A---- C:\Windows\SYSWOW64\wmp.dll
2016-10-11 18:39:46 ----A---- C:\Windows\SYSWOW64\mf.dll
2016-10-11 18:39:46 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-10-11 18:39:46 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-10-11 18:39:46 ----A---- C:\Windows\system32\wininet.dll
2016-10-11 18:39:46 ----A---- C:\Windows\system32\mf.dll
2016-10-11 18:39:46 ----A---- C:\Windows\system32\jscript9.dll
2016-10-11 18:39:45 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2016-10-11 18:39:45 ----A---- C:\Windows\SYSWOW64\WSManMigrationPlugin.dll
2016-10-11 18:39:45 ----A---- C:\Windows\SYSWOW64\wmdrmsdk.dll
2016-10-11 18:39:45 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-10-11 18:39:45 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-10-11 18:39:45 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-10-11 18:39:45 ----A---- C:\Windows\SYSWOW64\quartz.dll
2016-10-11 18:39:45 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2016-10-11 18:39:45 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-10-11 18:39:45 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-10-11 18:39:45 ----A---- C:\Windows\SYSWOW64\evr.dll
2016-10-11 18:39:45 ----A---- C:\Windows\SYSWOW64\drmv2clt.dll
2016-10-11 18:39:45 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll
2016-10-11 18:39:45 ----A---- C:\Windows\SYSWOW64\blackbox.dll
2016-10-11 18:39:45 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2016-10-11 18:39:45 ----A---- C:\Windows\system32\WsmWmiPl.dll
2016-10-11 18:39:45 ----A---- C:\Windows\system32\WsmSvc.dll
2016-10-11 18:39:45 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2016-10-11 18:39:45 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2016-10-11 18:39:45 ----A---- C:\Windows\system32\wmdrmsdk.dll
2016-10-11 18:39:45 ----A---- C:\Windows\system32\vbscript.dll
2016-10-11 18:39:45 ----A---- C:\Windows\system32\urlmon.dll
2016-10-11 18:39:45 ----A---- C:\Windows\system32\scavengeui.dll
2016-10-11 18:39:45 ----A---- C:\Windows\system32\quartz.dll
2016-10-11 18:39:45 ----A---- C:\Windows\system32\qdvd.dll
2016-10-11 18:39:45 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-10-11 18:39:45 ----A---- C:\Windows\system32\MSVidCtl.dll
2016-10-11 18:39:45 ----A---- C:\Windows\system32\lsasrv.dll
2016-10-11 18:39:45 ----A---- C:\Windows\system32\iertutil.dll
2016-10-11 18:39:45 ----A---- C:\Windows\system32\evr.dll
2016-10-11 18:39:45 ----A---- C:\Windows\system32\DWrite.dll
2016-10-11 18:39:45 ----A---- C:\Windows\system32\drmv2clt.dll
2016-10-11 18:39:45 ----A---- C:\Windows\system32\drmmgrtn.dll
2016-10-11 18:39:45 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2016-10-11 18:39:45 ----A---- C:\Windows\system32\cryptui.dll
2016-10-11 18:39:45 ----A---- C:\Windows\system32\blackbox.dll
2016-10-11 18:39:45 ----A---- C:\Windows\system32\audiosrv.dll
2016-10-11 18:39:45 ----A---- C:\Windows\system32\AUDIOKSE.dll
2016-10-11 18:39:45 ----A---- C:\Windows\system32\AudioEng.dll
2016-10-11 18:39:44 ----A---- C:\Windows\SYSWOW64\WsmWmiPl.dll
2016-10-11 18:39:44 ----A---- C:\Windows\SYSWOW64\WsmAuto.dll
2016-10-11 18:39:44 ----A---- C:\Windows\SYSWOW64\WSManHTTPConfig.exe
2016-10-11 18:39:44 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2016-10-11 18:39:44 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-10-11 18:39:44 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-10-11 18:39:44 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-10-11 18:39:44 ----A---- C:\Windows\SYSWOW64\MSVidCtl.dll
2016-10-11 18:39:44 ----A---- C:\Windows\SYSWOW64\mfps.dll
2016-10-11 18:39:44 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2016-10-11 18:39:44 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2016-10-11 18:39:44 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-10-11 18:39:44 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2016-10-11 18:39:44 ----A---- C:\Windows\SYSWOW64\cryptui.dll
2016-10-11 18:39:44 ----A---- C:\Windows\SYSWOW64\cryptsp.dll
2016-10-11 18:39:44 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2016-10-11 18:39:44 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2016-10-11 18:39:44 ----A---- C:\Windows\system32\WsmAuto.dll
2016-10-11 18:39:44 ----A---- C:\Windows\system32\wmploc.DLL
2016-10-11 18:39:44 ----A---- C:\Windows\system32\win32k.sys
2016-10-11 18:39:44 ----A---- C:\Windows\system32\pcasvc.dll
2016-10-11 18:39:44 ----A---- C:\Windows\system32\ntdll.dll
2016-10-11 18:39:44 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-10-11 18:39:44 ----A---- C:\Windows\system32\msscp.dll
2016-10-11 18:39:44 ----A---- C:\Windows\system32\msfeeds.dll
2016-10-11 18:39:44 ----A---- C:\Windows\system32\mfps.dll
2016-10-11 18:39:44 ----A---- C:\Windows\system32\mfplat.dll
2016-10-11 18:39:44 ----A---- C:\Windows\system32\inetcomm.dll
2016-10-11 18:39:44 ----A---- C:\Windows\system32\iedkcs32.dll
2016-10-11 18:39:44 ----A---- C:\Windows\system32\FntCache.dll
2016-10-11 18:39:44 ----A---- C:\Windows\system32\EncDump.dll
2016-10-11 18:39:44 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2016-10-11 18:39:44 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2016-10-11 18:39:44 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-10-11 18:39:44 ----A---- C:\Windows\system32\drivers\dfsc.sys
2016-10-11 18:39:44 ----A---- C:\Windows\system32\cryptsp.dll
2016-10-11 18:39:44 ----A---- C:\Windows\system32\AudioSes.dll
2016-10-11 18:39:44 ----A---- C:\Windows\system32\audiodg.exe
2016-10-11 18:39:44 ----A---- C:\Windows\system32\adsmsext.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\wsmprovhost.exe
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\wsmplpxy.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\occache.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\msscp.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\msnetobj.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\inseng.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\INETRES.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-10-11 18:39:43 ----A---- C:\Windows\SYSWOW64\adsmsext.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\wsmprovhost.exe
2016-10-11 18:39:43 ----A---- C:\Windows\system32\wsmplpxy.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\wow64win.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\wintrust.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\winsrv.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\webcheck.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\WebClnt.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\wdigest.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\TSpkg.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\sspicli.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\spwmp.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\smss.exe
2016-10-11 18:39:43 ----A---- C:\Windows\system32\schannel.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\rrinstaller.exe
2016-10-11 18:39:43 ----A---- C:\Windows\system32\rpchttp.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\rpcrt4.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\pcawrk.exe
2016-10-11 18:39:43 ----A---- C:\Windows\system32\pcalua.exe
2016-10-11 18:39:43 ----A---- C:\Windows\system32\pcaevts.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\pcadm.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\occache.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\ncrypt.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\msv1_0.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\msrating.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\msnetobj.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\msmmsp.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\mshtmled.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\mfpmp.exe
2016-10-11 18:39:43 ----A---- C:\Windows\system32\KernelBase.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\kernel32.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\kerberos.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\jsproxy.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\jscript9diag.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\jscript.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\inseng.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\INETRES.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\ieUnatt.exe
2016-10-11 18:39:43 ----A---- C:\Windows\system32\ieui.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\iesetup.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\iernonce.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-10-11 18:39:43 ----A---- C:\Windows\system32\ieapfltr.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\ie4uinit.exe
2016-10-11 18:39:43 ----A---- C:\Windows\system32\dxtrans.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\dxtmsft.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\dxmasf.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-10-11 18:39:43 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-10-11 18:39:43 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-10-11 18:39:43 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-10-11 18:39:43 ----A---- C:\Windows\system32\davclnt.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\cryptsvc.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\cryptnet.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\crypt32.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\certcli.dll
2016-10-11 18:39:43 ----A---- C:\Windows\system32\advapi32.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-10-11 18:39:42 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\WsmRes.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\user.exe
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\mferror.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-10-11 18:39:42 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-10-11 18:39:42 ----A---- C:\Windows\system32\WsmRes.dll
2016-10-11 18:39:42 ----A---- C:\Windows\system32\wow64cpu.dll
2016-10-11 18:39:42 ----A---- C:\Windows\system32\wow64.dll
2016-10-11 18:39:42 ----A---- C:\Windows\system32\sspisrv.dll
2016-10-11 18:39:42 ----A---- C:\Windows\system32\srcore.dll
2016-10-11 18:39:42 ----A---- C:\Windows\system32\srclient.dll
2016-10-11 18:39:42 ----A---- C:\Windows\system32\setbcdlocale.dll
2016-10-11 18:39:42 ----A---- C:\Windows\system32\secur32.dll
2016-10-11 18:39:42 ----A---- C:\Windows\system32\rstrui.exe
2016-10-11 18:39:42 ----A---- C:\Windows\system32\ntvdm64.dll
2016-10-11 18:39:42 ----A---- C:\Windows\system32\msobjs.dll
2016-10-11 18:39:42 ----A---- C:\Windows\system32\msaudite.dll
2016-10-11 18:39:42 ----A---- C:\Windows\system32\mferror.dll
2016-10-11 18:39:42 ----A---- C:\Windows\system32\lsass.exe
2016-10-11 18:39:42 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-10-11 18:39:42 ----A---- C:\Windows\system32\drivers\appid.sys
2016-10-11 18:39:42 ----A---- C:\Windows\system32\csrsrv.dll
2016-10-11 18:39:42 ----A---- C:\Windows\system32\cryptbase.dll
2016-10-11 18:39:42 ----A---- C:\Windows\system32\credssp.dll
2016-10-11 18:39:42 ----A---- C:\Windows\system32\conhost.exe
2016-10-11 18:39:42 ----A---- C:\Windows\system32\auditpol.exe
2016-10-11 18:39:42 ----A---- C:\Windows\system32\appidsvc.dll
2016-10-11 18:39:42 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2016-10-11 18:39:42 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2016-10-11 18:39:42 ----A---- C:\Windows\system32\appidapi.dll
2016-10-11 18:39:42 ----A---- C:\Windows\system32\apisetschema.dll
2016-10-11 18:39:42 ----A---- C:\Windows\system32\adtschema.dll
2016-10-11 18:39:19 ----A---- C:\Windows\system32\invagent.dll
2016-10-11 18:39:19 ----A---- C:\Windows\system32\generaltel.dll
2016-10-11 18:39:19 ----A---- C:\Windows\system32\devinv.dll
2016-10-11 18:39:19 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-10-11 18:39:19 ----A---- C:\Windows\system32\centel.dll
2016-10-11 18:39:19 ----A---- C:\Windows\system32\appraiser.dll
2016-10-11 18:39:19 ----A---- C:\Windows\system32\aepic.dll
2016-10-11 18:39:19 ----A---- C:\Windows\system32\aeinv.dll
2016-10-11 18:39:19 ----A---- C:\Windows\system32\acmigration.dll
2016-10-11 18:39:18 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2016-10-11 18:39:18 ----A---- C:\Windows\system32\drivers\usbport.sys
2016-10-11 18:39:18 ----A---- C:\Windows\system32\drivers\usbohci.sys
2016-10-11 18:39:18 ----A---- C:\Windows\system32\drivers\usbhub.sys
2016-10-11 18:39:18 ----A---- C:\Windows\system32\drivers\usbehci.sys
2016-10-11 18:39:18 ----A---- C:\Windows\system32\drivers\usbd.sys
2016-10-11 18:39:18 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2016-10-11 18:39:17 ----A---- C:\Windows\SYSWOW64\shell32.dll
2016-10-11 18:39:17 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2016-10-11 18:39:17 ----A---- C:\Windows\SYSWOW64\explorer.exe
2016-10-11 18:39:17 ----A---- C:\Windows\SYSWOW64\authui.dll
2016-10-11 18:39:17 ----A---- C:\Windows\system32\shell32.dll
2016-10-11 18:39:17 ----A---- C:\Windows\system32\ExplorerFrame.dll
2016-10-11 18:39:17 ----A---- C:\Windows\system32\authui.dll
2016-10-11 18:39:17 ----A---- C:\Windows\explorer.exe
2016-10-11 18:39:15 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2016-10-11 18:39:15 ----A---- C:\Windows\system32\poqexec.exe
======List of files/folders modified in the last 1 month======
2016-11-07 05:40:32 ----D---- C:\Windows\Temp
2016-11-07 05:40:32 ----D---- C:\Program Files\trend micro
2016-11-07 05:39:20 ----D---- C:\Windows\System32
2016-11-07 05:39:20 ----D---- C:\Windows\inf
2016-11-07 05:39:20 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-11-07 05:36:35 ----D---- C:\Windows\system32\config
2016-11-07 05:34:28 ----D---- C:\Users\marian\AppData\Roaming\Skype
2016-11-06 22:28:55 ----SHD---- C:\System Volume Information
2016-11-06 20:54:50 ----SHD---- C:\Windows\Installer
2016-11-06 20:54:50 ----HD---- C:\ProgramData
2016-11-06 20:54:35 ----D---- C:\Program Files\Native Instruments
2016-11-06 20:54:35 ----D---- C:\Program Files\Common Files\Native Instruments
2016-11-06 20:54:27 ----D---- C:\Windows\system32\DriverStore
2016-11-06 20:50:34 ----D---- C:\Program Files (x86)\Steinberg
2016-11-06 20:20:34 ----D---- C:\Program Files (x86)\Common Files
2016-11-06 20:20:26 ----RD---- C:\Program Files (x86)
2016-11-06 20:20:12 ----D---- C:\ProgramData\McAfee
2016-11-06 20:06:22 ----D---- C:\Program Files (x86)\Arturia
2016-11-06 19:33:59 ----D---- C:\ProgramData\Package Cache
2016-11-06 19:33:39 ----D---- C:\Windows\SysWOW64
2016-11-06 19:33:38 ----A---- C:\Windows\SYSWOW64\vcamp140.dll
2016-11-06 19:26:24 ----D---- C:\ProgramData\Arturia
2016-11-06 19:22:53 ----D---- C:\Program Files\Common Files\VST3
2016-11-06 18:41:11 ----RD---- C:\Program Files
2016-11-06 15:48:18 ----D---- C:\AdwCleaner
2016-11-05 12:43:58 ----D---- C:\Windows\system32\catroot
2016-11-05 12:43:38 ----D---- C:\Users\marian\AppData\Roaming\foobar2000
2016-11-04 22:37:04 ----D---- C:\Users\marian\AppData\Roaming\vlc
2016-11-03 20:57:44 ----D---- C:\ProgramData\Native Instruments
2016-11-02 19:23:12 ----D---- C:\Windows\system32\drivers
2016-10-31 16:54:49 ----D---- C:\Users\marian\AppData\Roaming\Mp3tag
2016-10-30 12:35:07 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-10-30 12:35:05 ----D---- C:\Windows\SYSWOW64\Macromed
2016-10-30 12:35:05 ----D---- C:\Windows\system32\Macromed
2016-10-30 12:31:00 ----RD---- C:\Program Files (x86)\Skype
2016-10-30 12:30:57 ----D---- C:\ProgramData\Skype
2016-10-19 19:02:57 ----D---- C:\Windows\rescache
2016-10-18 22:44:06 ----SD---- C:\Users\marian\AppData\Roaming\Microsoft
2016-10-18 22:44:04 ----D---- C:\Windows\system32\drivers\UMDF
2016-10-18 22:43:30 ----D---- C:\Windows\system32\LogFiles
2016-10-18 22:43:14 ----D---- C:\Windows
2016-10-18 22:43:12 ----D---- C:\Windows\system32\catroot2
2016-10-18 22:43:09 ----A---- C:\Windows\SYSWOW64\wcescommproxy.dll
2016-10-18 22:43:09 ----A---- C:\Windows\SYSWOW64\rapistub.dll
2016-10-18 22:43:09 ----A---- C:\Windows\SYSWOW64\rapiproxystub.dll
2016-10-18 22:43:09 ----A---- C:\Windows\SYSWOW64\rapi.dll
2016-10-18 22:43:09 ----A---- C:\Windows\SYSWOW64\ceutil.dll
2016-10-18 22:43:09 ----A---- C:\Windows\system32\wmcoinst-070531-0952.dll
2016-10-18 22:43:09 ----A---- C:\Windows\system32\wcescommproxy.dll
2016-10-18 22:43:09 ----A---- C:\Windows\system32\rapistub.dll
2016-10-18 22:43:09 ----A---- C:\Windows\system32\rapiproxystub.dll
2016-10-18 22:43:09 ----A---- C:\Windows\system32\rapi.dll
2016-10-18 22:43:09 ----A---- C:\Windows\system32\ceutil.dll
2016-10-12 15:36:12 ----D---- C:\Windows\Microsoft.NET
2016-10-12 15:36:07 ----RSD---- C:\Windows\assembly
2016-10-12 15:24:10 ----D---- C:\Windows\winsxs
2016-10-12 15:16:08 ----D---- C:\Program Files (x86)\Internet Explorer
2016-10-12 15:00:53 ----D---- C:\Windows\SYSWOW64\en-US
2016-10-12 15:00:53 ----D---- C:\Windows\SYSWOW64\Dism
2016-10-12 15:00:53 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-10-12 15:00:53 ----D---- C:\Program Files\Windows Media Player
2016-10-12 15:00:53 ----D---- C:\Program Files\Internet Explorer
2016-10-12 15:00:53 ----D---- C:\Program Files (x86)\Windows Media Player
2016-10-12 15:00:52 ----D---- C:\Windows\system32\en-US
2016-10-12 15:00:52 ----D---- C:\Windows\system32\Dism
2016-10-12 15:00:52 ----D---- C:\Windows\system32\cs-CZ
2016-10-12 15:00:51 ----D---- C:\Windows\system32\Boot
2016-10-12 15:00:51 ----D---- C:\Windows\AppPatch
2016-10-12 15:00:50 ----SD---- C:\Windows\system32\CompatTel
2016-10-12 15:00:50 ----D---- C:\Windows\system32\drivers\cs-CZ
2016-10-12 15:00:50 ----D---- C:\Windows\system32\appraiser
2016-10-12 15:00:50 ----D---- C:\Windows\cs-CZ
2016-10-11 19:32:38 ----D---- C:\ProgramData\Microsoft Help
2016-10-11 19:31:51 ----D---- C:\Windows\system32\MRT
2016-10-11 19:28:58 ----AC---- C:\Windows\system32\MRT.exe
2016-10-11 19:28:08 ----D---- C:\Program Files\Microsoft Silverlight
2016-10-11 19:28:08 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2016-10-11 19:27:24 ----D---- C:\Windows\Logs
File C:\Windows\system32\winlogon.exe is digitally signed
File C:\Windows\system32\wininit.exe is digitally signed
File C:\Windows\explorer.exe is digitally signed
File C:\Windows\SysWOW64\explorer.exe is digitally signed
File C:\Windows\system32\svchost.exe is digitally signed
File C:\Windows\SysWOW64\svchost.exe is digitally signed
File C:\Windows\system32\services.exe is digitally signed
File C:\Windows\system32\User32.dll is digitally signed
File C:\Windows\SysWOW64\User32.dll is digitally signed
File C:\Windows\system32\userinit.exe is digitally signed
File C:\Windows\SysWOW64\userinit.exe is digitally signed
File C:\Windows\system32\rpcss.dll is digitally signed
File C:\Windows\system32\Drivers\volsnap.sys is digitally signed
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 fltsrv;Acronis Storage Filter Management; C:\Windows\system32\DRIVERS\fltsrv.sys [2013-12-01 116000]
R0 KL1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2013-08-04 458584]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 snapman;Acronis Snapshots Manager; C:\Windows\system32\DRIVERS\snapman.sys [2013-12-01 269600]
R0 tib;Acronis TIB Manager; C:\Windows\system32\DRIVERS\tib.sys [2013-12-01 1120032]
R0 tib_mounter;Acronis TIB Mounter; C:\Windows\system32\DRIVERS\tib_mounter.sys [2013-12-01 198432]
R0 vididr;Acronis Virtual Disk; C:\Windows\system32\DRIVERS\vididr.sys [2013-12-01 161568]
R0 vidsflt;Acronis Disk Storage Filter; C:\Windows\system32\DRIVERS\vidsflt.sys [2013-12-01 117024]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2016-10-07 145536]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2016-10-07 28600]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\Windows\System32\DRIVERS\cmderd.sys [2015-11-18 21184]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\system32\DRIVERS\cmdguard.sys [2015-11-18 806032]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2015-08-05 45856]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2015-08-05 105096]
R1 jnprns;Juniper Network Service; C:\Windows\system32\DRIVERS\jnprns.sys [2014-03-13 506160]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2013-08-04 613720]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2016-11-02 177432]
R2 avnetflt;avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [2016-05-14 79696]
R3 afcdp;afcdp; C:\Windows\system32\DRIVERS\afcdp.sys [2013-12-01 367200]
R3 busenum;Synology Virtual USB Hub; C:\Windows\system32\DRIVERS\busenum.sys [2012-08-03 55776]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-12-14 5353888]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-06-19 4065296]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-05-20 357184]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-05-20 789824]
R3 JnprVaMgr;Juniper Networks Virtual Adapter Manager Service; C:\Windows\system32\DRIVERS\jnprvamgr.sys [2014-03-13 45352]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2012-07-17 62784]
R3 mfesapsn;McAfee Process Start Notification Service; \??\C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [2016-11-06 46240]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2012-06-12 726160]
R3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 AlesisFirewire;Alesis Firewire; C:\Windows\System32\Drivers\AlesisFirewire.sys [2010-05-03 211680]
S3 AlesisFirewireAudio;Alesis Firewire Audio; C:\Windows\system32\drivers\AlesisFirewireAudio.sys [2010-05-03 39008]
S3 AlesisFirewireMidi;Alesis Firewire MIDI; C:\Windows\system32\drivers\AlesisFirewireMidi.sys [2010-05-03 41440]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2016-09-05 30264]
S3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus; C:\Windows\system32\DRIVERS\dtliteusbbus.sys [2016-09-05 47672]
S3 jnprva;Juniper Networks Virtual Adapter Service; C:\Windows\system32\DRIVERS\jnprva.sys [2014-03-13 30072]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 SbieDrv;SbieDrv; \??\C:\Program Files (x86)\Sandboxie\SbieDrv.sys [2012-12-16 202632]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 tdrpman;Acronis Try&Decide and Restore Points filter; C:\Windows\system32\DRIVERS\tdrpman.sys [2013-12-01 1464096]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2016-10-18 19968]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
S4 jnprTdi_803_44983;Juniper Networks TDI Filter Driver (jnprTdi_803_44983); \??\C:\Windows\system32\Drivers\jnprTdi_803_44983.sys [2014-04-09 108344]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [2013-07-18 1142584]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-10-02 82128]
R2 afcdpsrv;Acronis Nonstop Backup Service; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2013-12-01 3873784]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2016-11-02 475232]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2016-11-02 475232]
R2 Avira.ServiceHost;Avira Service Host; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [2016-09-18 324304]
R2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2010-05-18 345376]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2015-09-10 5542472]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\cscsvc.dll
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll"=%SystemRoot%\system32\diagtrack.dll
R2 DigitalWave.Update.Service;Digital Wave Update Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [2016-01-08 388968]
R2 DragonUpdater;COMODO Dragon Update Service; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2014-11-27 2370240]
R2 EPSON_EB_RPCV4_01;EPSON V5 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE [2015-01-04 163840]
R2 EPSON_PM_RPCV4_01;EPSON V3 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE [2015-01-04 126464]
R2 JuniperAccessService;Juniper Unified Network Service; C:\Program Files (x86)\Common Files\Juniper Networks\JUNS\dsAccessService.exe [2014-04-08 159280]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [2016-11-06 163592]
R2 NIHardwareService;NIHardwareService; C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [2016-11-06 5739008]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; %SystemRoot%\system32\svchost.exe -k WindowsMobile;"ServiceDll"=%windir%\WindowsMobile\rapimgr.dll
R2 syncagentsrv;Acronis Sync Agent Service; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [2013-10-22 7142320]
R2 SynoDrService;SynoDrService; C:\Program Files (x86)\Synology Data Replicator 3\SynoDrServicex64.exe [2013-10-09 384072]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2013-12-17 5341536]
R2 UsbClientService;UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [2013-04-30 248704]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; %SystemRoot%\system32\svchost.exe -k WindowsMobile;"ServiceDll"=%windir%\WindowsMobile\wcescomm.dll
S2 AntiVirMailService;Avira Mail Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [2016-11-02 1089088]
S2 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [2016-11-02 1488240]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
S2 SbieSvc;Sandboxie Service; C:\Program Files (x86)\Sandboxie\SbieSvc.exe [2012-12-16 123664]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-09-20 324224]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-10-30 270016]
S3 AppMgmt;@appmgmts.dll,-3250; %SystemRoot%\system32\svchost.exe -k netsvcs;"ServiceDll"=%SystemRoot%\System32\appmgmts.dll
S3 cmdvirth;COMODO Virtual Service Manager; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2015-08-10 2265792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-12-14 277616]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-10-11 114688]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 50942144]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; %SystemRoot%\System32\svchost.exe -k PeerDist;"ServiceDll"=%SystemRoot%\system32\peerdistsvc.dll
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\system32\storsvc.dll
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\umrdp.dll
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-02-01 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
-----------------EOF-----------------
- Rudy
- Site Admin
- Posts: 119491
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: CPU usage at 100%, slow PC
Is this PC yours, or a company one?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: CPU usage at 100%, slow PC
Personal.
- Rudy
- Site Admin
Re: CPU usage at 100%, slow PC
The agel.cz domain visible in the log looks suspicious to me. Something like that is usually not present on home PCs.
Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it, copy the script below into the left window, and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.
:files
C:\Windows\tasks\GoogleUpdateTaskMachineCore1cf8d13b51bd12c.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore1cff20f9254c09a.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore1d001a171f7da98.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore1d001a171f7da98
C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA
C:\Windows\system32\tasks\{508B6820-F25A-4F6E-BFDD-85ACAE9A8866}
C:\Windows\system32\tasks\{8D8B08AD-5600-4217-AF82-1038C2D418BF}
C:\Program Files (x86)\AskPartnerNetwork
C:\ProgramData\{A4FF347C-7353-4B5D-B479-1933EFF12E9A}
C:\ProgramData\{B0CAD5CC-867E-473E-B55F-339F9635A45D}
C:\ProgramData\{CB28D9D3-6B5D-4AFA-BA37-B4AFAAAF71B9}
C:\ProgramData\{5A23829C-A66E-47B0-AD50-21A3FFE6C325}
C:\ProgramData\{B9F6456A-E0C8-4BD3-A6E8-AFA8859EC4C4}
C:\ProgramData\{95B4F0ED-951F-4D36-B068-5EC1C4C19C14}
C:\ProgramData\{4FCEED6C-B7D3-485B-A843-C3DBD468BF17}
C:\ProgramData\{0CF1F946-2AAE-48A9-BD6C-DF71FE72E1D1}
:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\fheoggkfdfchfphceeifdbepaooicaho]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\flliilndjeohchalpbbcdekjklbdgfkk]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-00A7-7A786E7484D7}]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]/64
:services
Bonjour Service
:commands
[Purity]
[Emptytemp]
[Emptyflash]
Re: CPU usage at 100%, slow PC
Hello. I apologize for the late reply. It is a personal PC, but it is also partly used for work, so the agel domain is not unfamiliar to me.
- Rudy
- Site Admin
Re: CPU usage at 100%, slow PC
OK. Have you already carried out the deletion?
Re: CPU usage at 100%, slow PC
OTM has been run, but during the process a Windows message about a critical error popped up, announcing that the system would shut down in a minute. That is what happened. OTM apparently did finish, though, because after the restart this log came up:
Files moved on Reboot...
C:\Users\marian\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
Registry entries deleted on Reboot...
1.) I have no idea what happened; the firewall was turned off, I have worked with OTM a few times before, and this is the first time this has happened to me.
2.) After that restart, the login screen (for entering the user password) suddenly loads terribly slowly. I simply see only the blue background and the cursor. After about 2 minutes the usual user icon with the password prompt finally appears. This is definitely not normal.
EDIT: It's OK now. Apparently it just needed one more restart.
3.) I also forgot to mention this message, which appears for a while at startup. I tried denying it, I tried allowing it - it keeps popping up. Would you have any idea what to do about it?

4.) Then I definitely don't like something called "iSkysoft" and its "helper" application, which apparently runs in the background, since COMODO alerts me about it; I have not taken any steps so far. The only thing I managed to track down was the path to the files:
C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact
Here is a screenshot of the folder and its contents. How do I get rid of it?

5.) And hopefully the last question. I am looking for a very simple (user-friendly) and effective firewall. I have experience with COMODO and ZoneAlarm, but both are heavily "pop-up" based. Since the PC is used by a somewhat less technically skilled person, I would like to choose some other, somewhat "simpler" option, while still keeping the qualities the ones mentioned above have. Do you know of an alternative?
Here is the RSIT log: (the PC seems to be OK)
Logfile of random's system information tool 1.10 (written by random/random)
Run by marian at 2016-12-08 22:55:20
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 16 GB (14%) free of 114 GB
Total RAM: 15306 MB (84% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:55:21, on 8.12.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18525)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Program Files\trend micro\marian.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://search.avira.net/#web/result?source=art&q=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://search.avira.net/#web/result?source=art&q=
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://search.avira.net/#web/result?source=art&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://search.avira.net/#web/result?source=art&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://search.avira.net/#web/result?source=art&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://search.avira.net/#web/result?source=art&q=
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://search.avira.net/#web/result?source=art&q=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre8\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre8\bin\jp2ssv.dll
O4 - HKLM\..\Run: [TrueImageMonitor.exe] "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
O4 - HKLM\..\Run: [AcronisTibMounterMonitor] C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Avira SystrayStartTrigger] "C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe"
O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
O4 - HKLM\..\Run: [DelaypluginInstall] C:\ProgramData\iSkysoft\Video Converter Ultimate\DelayPluginI.exe
O4 - HKLM\..\Run: [iSkysoft Helper Compact.exe] C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
O4 - HKLM\..\Run: [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [SandboxieControl] "C:\Program Files (x86)\Sandboxie\SbieCtrl.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://juniper.net/dana-cached/sc/Juni ... Client.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{D6889C27-E691-40AD-8936-488101D3C730}: Domain = ad.agel.cz
O17 - HKLM\System\CCS\Services\Tcpip\..\{D6889C27-E691-40AD-8936-488101D3C730}: NameServer = 10.1.1.230,10.1.1.231
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = emnis.cz3
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: SearchList = emnis.cz3
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = emnis.cz3
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: WSWSVCUchrome - (no CLSID) - (no file)
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Acronis Nonstop Backup Service (afcdpsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
O23 - Service: Avira Service Host (Avira.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
O23 - Service: COMODO Internet Security Helper Service (CmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Digital Wave Update Service (DigitalWave.Update.Service) - Digital Wave Ltd. - C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EPSON V5 Service4(01) (EPSON_EB_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Juniper Unified Network Service (JuniperAccessService) - Juniper Networks, Inc. - C:\Program Files (x86)\Common Files\Juniper Networks\JUNS\dsAccessService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Sandboxie Service (SbieSvc) - SANDBOXIE L.T.D - C:\Program Files (x86)\Sandboxie\SbieSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Acronis Sync Agent Service (syncagentsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
O23 - Service: SynoDrService - Unknown owner - C:\Program Files (x86)\Synology Data Replicator 3\SynoDrServicex64.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: UsbClientService - Unknown owner - C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wondershare Driver Install Service (WsDrvInst) - Unknown owner - C:\Program Files (x86)\MobileGo\Wondershare\MobileGo\DriverInstall.exe (file missing)
--
End of file - 12786 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Program Files (x86)\Common Files\Juniper Networks\JUNS\dsAccessService.exe"
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe"
"C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE"
"C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE"
"C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Synology Data Replicator 3\SynoDrServicex64.exe"
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
"C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe"
"C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Common Files\Juniper Networks\JUNS\dsAccessService.exe /host HostCheckerService
"C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe" /ModeAvMonitor -Embedding
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_0000066c
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-4a9cadbf-265d-43d6-8ea8-aec7752e56c7 -SystemEventPortName:HostProcess-40c51a7e-322a-4dc3-9e3a-f40a988d72d7 -IoCancelEventPortName:HostProcess-16859f1e-1be9-4282-a3be-8e723278e772 -NonStateChangingEventPortName:HostProcess-e1d6cb91-063b-4115-9abf-5399d516155a -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:f4515fbe-f139-405c-8cdd-d335bb0b33fb -DeviceGroupId:WpdFsGroup
taskeng.exe {0ABD9AEA-451B-49B4-8A89-DAC1F0D49983}
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
taskeng.exe {8C0C6290-1925-44C1-A924-BCBF667187CD}
"taskhost.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\COMODO\COMODO Internet Security\cistray.exe"
taskeng.exe {D7B1BFF5-BF2B-473C-8020-82D914A96F06}
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
"C:\Windows\WindowsMobile\wmdcBase.exe"
"C:\Program Files (x86)\Sandboxie\SbieCtrl.exe"
C:\Windows\system32\svchost.exe -k WindowsMobile
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
"C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe"
"C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe" /connectToHost
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\COMODO\COMODO Internet Security\cis.exe" --alertsUI
C:\Windows\system32\sppsvc.exe
"C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe"
"C:\Windows\system32\SearchFilterHost.exe" 0 868 872 880 65536 876
wmiadap.exe /F /T /R
C:\Windows\SysWOW64\DllHost.exe /Processid:{1EF75F33-893B-4E8F-9655-C3D602BA4897}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\marian\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\Synology Data Replicator 3-marian-PC-marian.job - C:\Program Files (x86)\Synology Data Replicator 3\Backup.exe /SCH /MIN
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll [2014-10-20 551848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 690392]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-10-20 212904]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre8\bin\ssv.dll [2014-10-20 463784]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre8\bin\jp2ssv.dll [2014-10-20 172456]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-12-14 172144]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-12-14 399984]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-12-14 441968]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2012-11-05 108144]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2012-06-12 6548112]
"Acronis Scheduler2 Service"=C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [2013-07-18 518424]
"Windows Mobile-based device management"=C:\Windows\WindowsMobile\wmdcBase.exe [2016-10-18 660360]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2016-09-14 1610936]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SandboxieControl"=C:\Program Files (x86)\Sandboxie\SbieCtrl.exe [2012-12-16 765200]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2016-11-15 27219928]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"TrueImageMonitor.exe"=C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [2013-10-24 7805824]
"AcronisTibMounterMonitor"=C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [2013-10-10 1102192]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2016-11-02 916072]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
"Avira SystrayStartTrigger"=C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [2016-11-23 60136]
"Wondershare Helper Compact.exe"=C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe []
"DelaypluginInstall"=C:\ProgramData\iSkysoft\Video Converter Ultimate\DelayPluginI.exe []
"iSkysoft Helper Compact.exe"=C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe [2016-01-08 2066432]
"Nikon Message Center 2"=C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [2016-07-08 571392]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2016-11-26 421888]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-12-14 442880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux7"=wdmaud.drv
"wave8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"mixer9"=wdmaud.drv
"midi8"=wdmaud.drv
"aux8"=wdmaud.drv
"midi9"=wdmaud.drv
"aux9"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.l3codecp"=l3codecp.acm
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-12-08 22:12:14 ----D---- C:\Program Files\COMODO
2016-12-08 22:11:37 ----D---- C:\ProgramData\Shared Space
2016-11-29 22:11:48 ----D---- C:\Program Files (x86)\Audiophile Inventory
2016-11-26 15:59:51 ----D---- C:\ProgramData\Apple Computer
2016-11-16 20:43:52 ----D---- C:\Users\marian\AppData\Roaming\Notepad++
2016-11-16 20:43:52 ----D---- C:\Program Files (x86)\Notepad++
2016-11-13 12:42:47 ----D---- C:\Users\marian\AppData\Roaming\VitySoft
2016-11-13 12:17:33 ----D---- C:\Users\marian\AppData\Roaming\doublecmd
2016-11-13 01:38:21 ----D---- C:\Spacekace
2016-11-12 18:06:29 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-11-12 18:06:29 ----A---- C:\Windows\system32\mshtml.dll
2016-11-12 18:06:28 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-11-12 18:06:28 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-11-12 18:06:28 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-11-12 18:06:28 ----A---- C:\Windows\system32\wininet.dll
2016-11-12 18:06:28 ----A---- C:\Windows\system32\jscript9.dll
2016-11-12 18:06:28 ----A---- C:\Windows\system32\ieframe.dll
2016-11-12 18:06:27 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2016-11-12 18:06:27 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-11-12 18:06:27 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll
2016-11-12 18:06:27 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-11-12 18:06:27 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-11-12 18:06:27 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-11-12 18:06:27 ----A---- C:\Windows\SYSWOW64\MSVidCtl.dll
2016-11-12 18:06:27 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-11-12 18:06:27 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2016-11-12 18:06:27 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-11-12 18:06:27 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2016-11-12 18:06:27 ----A---- C:\Windows\system32\win32spl.dll
2016-11-12 18:06:27 ----A---- C:\Windows\system32\win32k.sys
2016-11-12 18:06:27 ----A---- C:\Windows\system32\urlmon.dll
2016-11-12 18:06:27 ----A---- C:\Windows\system32\UIAnimation.dll
2016-11-12 18:06:27 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-11-12 18:06:27 ----A---- C:\Windows\system32\ntdll.dll
2016-11-12 18:06:27 ----A---- C:\Windows\system32\MSVidCtl.dll
2016-11-12 18:06:27 ----A---- C:\Windows\system32\msv1_0.dll
2016-11-12 18:06:27 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-11-12 18:06:27 ----A---- C:\Windows\system32\msfeeds.dll
2016-11-12 18:06:27 ----A---- C:\Windows\system32\lsasrv.dll
2016-11-12 18:06:27 ----A---- C:\Windows\system32\inetcomm.dll
2016-11-12 18:06:27 ----A---- C:\Windows\system32\iertutil.dll
2016-11-12 18:06:27 ----A---- C:\Windows\system32\ie4uinit.exe
2016-11-12 18:06:27 ----A---- C:\Windows\system32\clfs.sys
2016-11-12 18:06:27 ----A---- C:\Windows\system32\atmfd.dll
2016-11-12 18:06:26 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-11-12 18:06:26 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2016-11-12 18:06:26 ----A---- C:\Windows\SYSWOW64\occache.dll
2016-11-12 18:06:26 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-11-12 18:06:26 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-11-12 18:06:26 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-11-12 18:06:26 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-11-12 18:06:26 ----A---- C:\Windows\SYSWOW64\msctf.dll
2016-11-12 18:06:26 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-11-12 18:06:26 ----A---- C:\Windows\SYSWOW64\input.dll
2016-11-12 18:06:26 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2016-11-12 18:06:26 ----A---- C:\Windows\SYSWOW64\IMJP10K.DLL
2016-11-12 18:06:26 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2016-11-12 18:06:26 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-11-12 18:06:26 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2016-11-12 18:06:26 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-11-12 18:06:26 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-11-12 18:06:26 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-11-12 18:06:26 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-11-12 18:06:26 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2016-11-12 18:06:26 ----A---- C:\Windows\system32\webcheck.dll
2016-11-12 18:06:26 ----A---- C:\Windows\system32\UtcResources.dll
2016-11-12 18:06:26 ----A---- C:\Windows\system32\oleaut32.dll
2016-11-12 18:06:26 ----A---- C:\Windows\system32\occache.dll
2016-11-12 18:06:26 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-11-12 18:06:26 ----A---- C:\Windows\system32\msrating.dll
2016-11-12 18:06:26 ----A---- C:\Windows\system32\mshtmled.dll
2016-11-12 18:06:26 ----A---- C:\Windows\system32\msctf.dll
2016-11-12 18:06:26 ----A---- C:\Windows\system32\jscript9diag.dll
2016-11-12 18:06:26 ----A---- C:\Windows\system32\inseng.dll
2016-11-12 18:06:26 ----A---- C:\Windows\system32\input.dll
2016-11-12 18:06:26 ----A---- C:\Windows\system32\IMJP10K.DLL
2016-11-12 18:06:26 ----A---- C:\Windows\system32\ieUnatt.exe
2016-11-12 18:06:26 ----A---- C:\Windows\system32\ieui.dll
2016-11-12 18:06:26 ----A---- C:\Windows\system32\iesetup.dll
2016-11-12 18:06:26 ----A---- C:\Windows\system32\iernonce.dll
2016-11-12 18:06:26 ----A---- C:\Windows\system32\iedkcs32.dll
2016-11-12 18:06:26 ----A---- C:\Windows\system32\dxtrans.dll
2016-11-12 18:06:26 ----A---- C:\Windows\system32\dxtmsft.dll
2016-11-12 18:06:26 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-11-12 18:06:26 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-11-12 18:06:26 ----A---- C:\Windows\system32\drivers\bowser.sys
2016-11-12 18:06:26 ----A---- C:\Windows\system32\certcli.dll
2016-11-12 18:06:26 ----A---- C:\Windows\system32\asycfilt.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-11-12 18:06:25 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-11-12 18:06:25 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-11-12 18:06:25 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-11-12 18:06:25 ----A---- C:\Windows\SYSWOW64\user.exe
2016-11-12 18:06:25 ----A---- C:\Windows\SYSWOW64\tzres.dll
2016-11-12 18:06:25 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-11-12 18:06:25 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-11-12 18:06:25 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-11-12 18:06:25 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-11-12 18:06:25 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-11-12 18:06:25 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-11-12 18:06:25 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2016-11-12 18:06:25 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-11-12 18:06:25 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-11-12 18:06:25 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-11-12 18:06:25 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-11-12 18:06:25 ----A---- C:\Windows\SYSWOW64\lpk.dll
2016-11-12 18:06:25 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-11-12 18:06:25 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-11-12 18:06:25 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-11-12 18:06:25 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-11-12 18:06:25 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-11-12 18:06:25 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-11-12 18:06:25 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-11-12 18:06:25 ----A---- C:\Windows\SYSWOW64\inseng.dll
2016-11-12 18:06:25 ----A---- C:\Windows\SYSWOW64\INETRES.dll
2016-11-12 18:06:25 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2016-11-12 18:06:25 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2016-11-12 18:06:25 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-11-12 18:06:25 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2016-11-12 18:06:25 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2016-11-12 18:06:25 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-11-12 18:06:25 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-11-12 18:06:25 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-11-12 18:06:25 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2016-11-12 18:06:25 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2016-11-12 18:06:25 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-11-12 18:06:25 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-11-12 18:06:25 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-11-12 18:06:25 ----A---- C:\Windows\system32\wow64win.dll
2016-11-12 18:06:25 ----A---- C:\Windows\system32\wow64cpu.dll
2016-11-12 18:06:25 ----A---- C:\Windows\system32\wow64.dll
2016-11-12 18:06:25 ----A---- C:\Windows\system32\winsrv.dll
2016-11-12 18:06:25 ----A---- C:\Windows\system32\wdigest.dll
2016-11-12 18:06:25 ----A---- C:\Windows\system32\vbscript.dll
2016-11-12 18:06:25 ----A---- C:\Windows\system32\tzres.dll
2016-11-12 18:06:25 ----A---- C:\Windows\system32\TSpkg.dll
2016-11-12 18:06:25 ----A---- C:\Windows\system32\sspisrv.dll
2016-11-12 18:06:25 ----A---- C:\Windows\system32\sspicli.dll
2016-11-12 18:06:25 ----A---- C:\Windows\system32\srcore.dll
2016-11-12 18:06:25 ----A---- C:\Windows\system32\srclient.dll
2016-11-12 18:06:25 ----A---- C:\Windows\system32\smss.exe
2016-11-12 18:06:25 ----A---- C:\Windows\system32\schannel.dll
2016-11-12 18:06:25 ----A---- C:\Windows\system32\setbcdlocale.dll
2016-11-12 18:06:25 ----A---- C:\Windows\system32\secur32.dll
2016-11-12 18:06:25 ----A---- C:\Windows\system32\rstrui.exe
2016-11-12 18:06:25 ----A---- C:\Windows\system32\rpchttp.dll
2016-11-12 18:06:25 ----A---- C:\Windows\system32\rpcrt4.dll
2016-11-12 18:06:25 ----A---- C:\Windows\system32\ntvdm64.dll
2016-11-12 18:06:25 ----A---- C:\Windows\system32\ncrypt.dll
2016-11-12 18:06:25 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-11-12 18:06:25 ----A---- C:\Windows\system32\msaudite.dll
2016-11-12 18:06:25 ----A---- C:\Windows\system32\lsass.exe
2016-11-12 18:06:25 ----A---- C:\Windows\system32\lpk.dll
2016-11-12 18:06:25 ----A---- C:\Windows\system32\KernelBase.dll
2016-11-12 18:06:25 ----A---- C:\Windows\system32\kernel32.dll
2016-11-12 18:06:25 ----A---- C:\Windows\system32\kerberos.dll
2016-11-12 18:06:25 ----A---- C:\Windows\system32\jsproxy.dll
2016-11-12 18:06:25 ----A---- C:\Windows\system32\jscript.dll
2016-11-12 18:06:25 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-11-12 18:06:25 ----A---- C:\Windows\system32\INETRES.dll
2016-11-12 18:06:25 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-11-12 18:06:25 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-11-12 18:06:25 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-11-12 18:06:25 ----A---- C:\Windows\system32\ieapfltr.dll
2016-11-12 18:06:25 ----A---- C:\Windows\system32\fontsub.dll
2016-11-12 18:06:25 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-11-12 18:06:25 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-11-12 18:06:25 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-11-12 18:06:25 ----A---- C:\Windows\system32\drivers\appid.sys
2016-11-12 18:06:25 ----A---- C:\Windows\system32\dciman32.dll
2016-11-12 18:06:25 ----A---- C:\Windows\system32\csrsrv.dll
2016-11-12 18:06:25 ----A---- C:\Windows\system32\cryptbase.dll
2016-11-12 18:06:25 ----A---- C:\Windows\system32\credssp.dll
2016-11-12 18:06:25 ----A---- C:\Windows\system32\conhost.exe
2016-11-12 18:06:25 ----A---- C:\Windows\system32\auditpol.exe
2016-11-12 18:06:25 ----A---- C:\Windows\system32\atmlib.dll
2016-11-12 18:06:25 ----A---- C:\Windows\system32\appidsvc.dll
2016-11-12 18:06:25 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2016-11-12 18:06:25 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2016-11-12 18:06:25 ----A---- C:\Windows\system32\appidapi.dll
2016-11-12 18:06:25 ----A---- C:\Windows\system32\apisetschema.dll
2016-11-12 18:06:25 ----A---- C:\Windows\system32\advapi32.dll
2016-11-12 18:06:25 ----A---- C:\Windows\system32\adtschema.dll
2016-11-12 18:06:24 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-11-12 18:06:24 ----A---- C:\Windows\system32\msobjs.dll
2016-11-12 18:06:23 ----A---- C:\Windows\system32\diagtrack.dll
2016-11-12 11:59:45 ----D---- C:\Program Files\McAfee
2016-11-10 06:05:27 ----ASH---- C:\pagefile.sys
======List of files/folders modified in the last 1 month======
2016-12-08 22:55:20 ----D---- C:\Windows\Temp
2016-12-08 22:55:20 ----D---- C:\Program Files\trend micro
2016-12-08 22:51:53 ----D---- C:\Users\marian\AppData\Roaming\Skype
2016-12-08 22:46:11 ----HD---- C:\ProgramData
2016-12-08 22:46:11 ----D---- C:\Windows\Tasks
2016-12-08 22:39:02 ----D---- C:\Windows\system32\config
2016-12-08 22:39:00 ----D---- C:\Windows\winsxs
2016-12-08 22:30:56 ----D---- C:\Windows\System32
2016-12-08 22:30:56 ----D---- C:\Windows\inf
2016-12-08 22:30:56 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-12-08 22:27:35 ----D---- C:\Users\marian\AppData\Roaming\foobar2000
2016-12-08 22:24:37 ----D---- C:\Program Files (x86)\Common Files
2016-12-08 22:20:33 ----RD---- C:\Program Files (x86)
2016-12-08 22:20:22 ----D---- C:\Windows\SysWOW64
2016-12-08 22:15:45 ----SHD---- C:\Windows\Installer
2016-12-08 22:15:32 ----SHD---- C:\System Volume Information
2016-12-08 22:13:09 ----D---- C:\Windows\system32\drivers
2016-12-08 22:13:07 ----D---- C:\Windows\system32\DriverStore
2016-12-08 22:12:14 ----RD---- C:\Program Files
2016-12-08 22:11:39 ----D---- C:\ProgramData\COMODO
2016-12-08 22:11:15 ----D---- C:\Windows\system32\Tasks
2016-12-08 22:03:35 ----D---- C:\Program Files (x86)\Comodo
2016-12-05 19:55:58 ----D---- C:\Users\marian\AppData\Roaming\Mp3tag
2016-12-04 14:42:29 ----D---- C:\Windows\system32\NDF
2016-12-03 20:50:08 ----D---- C:\Users\marian\AppData\Roaming\vlc
2016-11-29 16:08:31 ----RD---- C:\Program Files (x86)\Skype
2016-11-29 16:08:28 ----D---- C:\ProgramData\Skype
2016-11-26 15:59:55 ----D---- C:\Program Files (x86)\QuickTime
2016-11-23 20:33:50 ----D---- C:\ProgramData\Package Cache
2016-11-16 20:17:07 ----D---- C:\Program Files (x86)\URUSoft
2016-11-13 11:20:31 ----D---- C:\Windows\rescache
2016-11-13 03:19:14 ----D---- C:\Windows\SYSWOW64\migration
2016-11-13 03:19:14 ----D---- C:\Windows\SYSWOW64\en-US
2016-11-13 03:19:14 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-11-13 03:19:14 ----D---- C:\Windows\system32\migration
2016-11-13 03:19:14 ----D---- C:\Windows\system32\en-US
2016-11-13 03:19:14 ----D---- C:\Windows\system32\cs-CZ
2016-11-13 03:19:14 ----D---- C:\Program Files\Internet Explorer
2016-11-13 03:19:14 ----D---- C:\Program Files (x86)\Internet Explorer
2016-11-13 03:19:13 ----D---- C:\Windows\system32\Boot
2016-11-13 03:19:13 ----D---- C:\Windows\AppPatch
2016-11-13 03:04:06 ----D---- C:\ProgramData\Microsoft Help
2016-11-13 03:03:43 ----D---- C:\Windows\system32\MRT
2016-11-13 03:01:26 ----AC---- C:\Windows\system32\MRT.exe
2016-11-12 18:03:56 ----D---- C:\Windows\system32\catroot2
2016-11-12 12:35:06 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-11-12 12:35:04 ----D---- C:\Windows\SYSWOW64\Macromed
2016-11-12 12:35:04 ----D---- C:\Windows\system32\Macromed
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 fltsrv;Acronis Storage Filter Management; C:\Windows\system32\DRIVERS\fltsrv.sys [2013-12-01 116000]
R0 KL1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2013-08-04 458584]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 snapman;Acronis Snapshots Manager; C:\Windows\system32\DRIVERS\snapman.sys [2013-12-01 269600]
R0 tib;Acronis TIB Manager; C:\Windows\system32\DRIVERS\tib.sys [2013-12-01 1120032]
R0 tib_mounter;Acronis TIB Mounter; C:\Windows\system32\DRIVERS\tib_mounter.sys [2013-12-01 198432]
R0 vididr;Acronis Virtual Disk; C:\Windows\system32\DRIVERS\vididr.sys [2013-12-01 161568]
R0 vidsflt;Acronis Disk Storage Filter; C:\Windows\system32\DRIVERS\vidsflt.sys [2013-12-01 117024]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2016-10-07 145536]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2016-10-07 28600]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\Windows\System32\DRIVERS\cmderd.sys [2016-08-31 31648]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\system32\DRIVERS\cmdguard.sys [2016-08-31 830624]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2016-08-31 56976]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2016-08-31 116248]
R1 jnprns;Juniper Network Service; C:\Windows\system32\DRIVERS\jnprns.sys [2014-03-13 506160]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2013-08-04 613720]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2016-11-02 177432]
R2 avnetflt;avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [2016-05-14 79696]
R3 afcdp;afcdp; C:\Windows\system32\DRIVERS\afcdp.sys [2013-12-01 367200]
R3 busenum;Synology Virtual USB Hub; C:\Windows\system32\DRIVERS\busenum.sys [2012-08-03 55776]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-12-14 5353888]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-06-19 4065296]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-05-20 357184]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-05-20 789824]
R3 JnprVaMgr;Juniper Networks Virtual Adapter Manager Service; C:\Windows\system32\DRIVERS\jnprvamgr.sys [2014-03-13 45352]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2012-07-17 62784]
R3 mfesapsn;McAfee Process Start Notification Service; \??\C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [2016-06-06 46240]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2012-06-12 726160]
R3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 AlesisFirewire;Alesis Firewire; C:\Windows\System32\Drivers\AlesisFirewire.sys [2010-05-03 211680]
S3 AlesisFirewireAudio;Alesis Firewire Audio; C:\Windows\system32\drivers\AlesisFirewireAudio.sys [2010-05-03 39008]
S3 AlesisFirewireMidi;Alesis Firewire MIDI; C:\Windows\system32\drivers\AlesisFirewireMidi.sys [2010-05-03 41440]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2016-09-05 30264]
S3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus; C:\Windows\system32\DRIVERS\dtliteusbbus.sys [2016-09-05 47672]
S3 jnprva;Juniper Networks Virtual Adapter Service; C:\Windows\system32\DRIVERS\jnprva.sys [2014-03-13 30072]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 SbieDrv;SbieDrv; \??\C:\Program Files (x86)\Sandboxie\SbieDrv.sys [2012-12-16 202632]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 tdrpman;Acronis Try&Decide and Restore Points filter; C:\Windows\system32\DRIVERS\tdrpman.sys [2013-12-01 1464096]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2016-10-18 19968]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
S4 jnprTdi_803_44983;Juniper Networks TDI Filter Driver (jnprTdi_803_44983); \??\C:\Windows\system32\Drivers\jnprTdi_803_44983.sys [2014-04-09 108344]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [2013-07-18 1142584]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-11-07 82128]
R2 afcdpsrv;Acronis Nonstop Backup Service; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2013-12-01 3873784]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2016-11-02 475232]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2016-11-02 475232]
R2 Avira.ServiceHost;Avira Service Host; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [2016-11-23 349512]
R2 CmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2016-09-15 5817256]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DigitalWave.Update.Service;Digital Wave Update Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [2016-01-08 388968]
R2 EPSON_EB_RPCV4_01;EPSON V5 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE [2015-01-04 163840]
R2 EPSON_PM_RPCV4_01;EPSON V3 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE [2015-01-04 126464]
R2 JuniperAccessService;Juniper Unified Network Service; C:\Program Files (x86)\Common Files\Juniper Networks\JUNS\dsAccessService.exe [2014-04-08 159280]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [2016-11-07 166152]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 syncagentsrv;Acronis Sync Agent Service; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [2013-10-22 7142320]
R2 SynoDrService;SynoDrService; C:\Program Files (x86)\Synology Data Replicator 3\SynoDrServicex64.exe [2013-10-09 384072]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2013-12-17 5341536]
R2 UsbClientService;UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [2013-04-30 248704]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S2 AntiVirMailService;Avira Mail Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [2016-11-02 1089088]
S2 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [2016-11-02 1488240]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
S2 SbieSvc;Sandboxie Service; C:\Program Files (x86)\Sandboxie\SbieSvc.exe [2012-12-16 123664]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-09-20 324224]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-11-12 270016]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 cmdvirth;COMODO Virtual Service Manager; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2016-09-14 2271928]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-12-14 277616]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-11-12 114688]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 50942144]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-02-01 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
-----------------EOF-----------------
Files moved on Reboot...
C:\Users\marian\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
Registry entries deleted on Reboot...
1.) I have no idea what happened; the firewall was turned off, I have worked with OTM a few times before, and this is the first time this has happened to me.
2.) After that restart, the login screen (for entering the user password) suddenly loads terribly slowly. I simply see only the blue background and the cursor. After about 2 minutes the usual user icon with the password prompt finally appears. This is definitely not normal.
EDIT: It's OK now. Apparently it just needed one more restart.
3.) I also forgot to mention this message, which appears for some time at startup. I tried denying it, I tried allowing it - it keeps popping up. Would you have any idea what to do about it?

4.) Then I definitely don't like something called "iSkysoft" and its "helper" application, which is probably running in the background, since COMODO alerts me about it; I have not taken any steps so far. The only thing I managed to track down was the path to the files:
C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact
Here is a screenshot of the folder and its contents. How do I get rid of it?

5.) And hopefully this is finally the last question. I am looking for a very simple (user-friendly) and effective firewall. I have experience with COMODO and ZoneAlarm, however both are very "pop-up" based. Since the PC is used by a somewhat less technically skilled person, I would like to choose some other, somewhat "simpler" option, while still keeping the qualities that the above-mentioned ones have. Do you know of an alternative?
Here is the RSIT log: (the PC seems to be OK)
Logfile of random's system information tool 1.10 (written by random/random)
Run by marian at 2016-12-08 22:55:20
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 16 GB (14%) free of 114 GB
Total RAM: 15306 MB (84% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:55:21, on 8.12.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18525)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Program Files\trend micro\marian.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://search.avira.net/#web/result?source=art&q=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://search.avira.net/#web/result?source=art&q=
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://search.avira.net/#web/result?source=art&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://search.avira.net/#web/result?source=art&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://search.avira.net/#web/result?source=art&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://search.avira.net/#web/result?source=art&q=
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://search.avira.net/#web/result?source=art&q=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre8\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre8\bin\jp2ssv.dll
O4 - HKLM\..\Run: [TrueImageMonitor.exe] "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
O4 - HKLM\..\Run: [AcronisTibMounterMonitor] C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Avira SystrayStartTrigger] "C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe"
O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
O4 - HKLM\..\Run: [DelaypluginInstall] C:\ProgramData\iSkysoft\Video Converter Ultimate\DelayPluginI.exe
O4 - HKLM\..\Run: [iSkysoft Helper Compact.exe] C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
O4 - HKLM\..\Run: [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [SandboxieControl] "C:\Program Files (x86)\Sandboxie\SbieCtrl.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://juniper.net/dana-cached/sc/Juni ... Client.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{D6889C27-E691-40AD-8936-488101D3C730}: Domain = ad.agel.cz
O17 - HKLM\System\CCS\Services\Tcpip\..\{D6889C27-E691-40AD-8936-488101D3C730}: NameServer = 10.1.1.230,10.1.1.231
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = emnis.cz3
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: SearchList = emnis.cz3
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = emnis.cz3
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: WSWSVCUchrome - (no CLSID) - (no file)
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Acronis Nonstop Backup Service (afcdpsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
O23 - Service: Avira Service Host (Avira.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
O23 - Service: COMODO Internet Security Helper Service (CmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Digital Wave Update Service (DigitalWave.Update.Service) - Digital Wave Ltd. - C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EPSON V5 Service4(01) (EPSON_EB_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Juniper Unified Network Service (JuniperAccessService) - Juniper Networks, Inc. - C:\Program Files (x86)\Common Files\Juniper Networks\JUNS\dsAccessService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Sandboxie Service (SbieSvc) - SANDBOXIE L.T.D - C:\Program Files (x86)\Sandboxie\SbieSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Acronis Sync Agent Service (syncagentsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
O23 - Service: SynoDrService - Unknown owner - C:\Program Files (x86)\Synology Data Replicator 3\SynoDrServicex64.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: UsbClientService - Unknown owner - C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wondershare Driver Install Service (WsDrvInst) - Unknown owner - C:\Program Files (x86)\MobileGo\Wondershare\MobileGo\DriverInstall.exe (file missing)
--
End of file - 12786 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Program Files (x86)\Common Files\Juniper Networks\JUNS\dsAccessService.exe"
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe"
"C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE"
"C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE"
"C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Synology Data Replicator 3\SynoDrServicex64.exe"
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
"C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe"
"C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Common Files\Juniper Networks\JUNS\dsAccessService.exe /host HostCheckerService
"C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe" /ModeAvMonitor -Embedding
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_0000066c
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-4a9cadbf-265d-43d6-8ea8-aec7752e56c7 -SystemEventPortName:HostProcess-40c51a7e-322a-4dc3-9e3a-f40a988d72d7 -IoCancelEventPortName:HostProcess-16859f1e-1be9-4282-a3be-8e723278e772 -NonStateChangingEventPortName:HostProcess-e1d6cb91-063b-4115-9abf-5399d516155a -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:f4515fbe-f139-405c-8cdd-d335bb0b33fb -DeviceGroupId:WpdFsGroup
taskeng.exe {0ABD9AEA-451B-49B4-8A89-DAC1F0D49983}
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
taskeng.exe {8C0C6290-1925-44C1-A924-BCBF667187CD}
"taskhost.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\COMODO\COMODO Internet Security\cistray.exe"
taskeng.exe {D7B1BFF5-BF2B-473C-8020-82D914A96F06}
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
"C:\Windows\WindowsMobile\wmdcBase.exe"
"C:\Program Files (x86)\Sandboxie\SbieCtrl.exe"
C:\Windows\system32\svchost.exe -k WindowsMobile
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
"C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe"
"C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe" /connectToHost
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\COMODO\COMODO Internet Security\cis.exe" --alertsUI
C:\Windows\system32\sppsvc.exe
"C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe"
"C:\Windows\system32\SearchFilterHost.exe" 0 868 872 880 65536 876
wmiadap.exe /F /T /R
C:\Windows\SysWOW64\DllHost.exe /Processid:{1EF75F33-893B-4E8F-9655-C3D602BA4897}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\marian\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\Synology Data Replicator 3-marian-PC-marian.job - C:\Program Files (x86)\Synology Data Replicator 3\Backup.exe /SCH /MIN
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll [2014-10-20 551848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 690392]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-10-20 212904]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre8\bin\ssv.dll [2014-10-20 463784]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre8\bin\jp2ssv.dll [2014-10-20 172456]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-12-14 172144]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-12-14 399984]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-12-14 441968]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2012-11-05 108144]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2012-06-12 6548112]
"Acronis Scheduler2 Service"=C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [2013-07-18 518424]
"Windows Mobile-based device management"=C:\Windows\WindowsMobile\wmdcBase.exe [2016-10-18 660360]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2016-09-14 1610936]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SandboxieControl"=C:\Program Files (x86)\Sandboxie\SbieCtrl.exe [2012-12-16 765200]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2016-11-15 27219928]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"TrueImageMonitor.exe"=C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [2013-10-24 7805824]
"AcronisTibMounterMonitor"=C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [2013-10-10 1102192]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2016-11-02 916072]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
"Avira SystrayStartTrigger"=C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [2016-11-23 60136]
"Wondershare Helper Compact.exe"=C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe []
"DelaypluginInstall"=C:\ProgramData\iSkysoft\Video Converter Ultimate\DelayPluginI.exe []
"iSkysoft Helper Compact.exe"=C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe [2016-01-08 2066432]
"Nikon Message Center 2"=C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [2016-07-08 571392]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2016-11-26 421888]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-12-14 442880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux7"=wdmaud.drv
"wave8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"mixer9"=wdmaud.drv
"midi8"=wdmaud.drv
"aux8"=wdmaud.drv
"midi9"=wdmaud.drv
"aux9"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.l3codecp"=l3codecp.acm
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-12-08 22:12:14 ----D---- C:\Program Files\COMODO
2016-12-08 22:11:37 ----D---- C:\ProgramData\Shared Space
2016-11-29 22:11:48 ----D---- C:\Program Files (x86)\Audiophile Inventory
2016-11-26 15:59:51 ----D---- C:\ProgramData\Apple Computer
2016-11-16 20:43:52 ----D---- C:\Users\marian\AppData\Roaming\Notepad++
2016-11-16 20:43:52 ----D---- C:\Program Files (x86)\Notepad++
2016-11-13 12:42:47 ----D---- C:\Users\marian\AppData\Roaming\VitySoft
2016-11-13 12:17:33 ----D---- C:\Users\marian\AppData\Roaming\doublecmd
2016-11-13 01:38:21 ----D---- C:\Spacekace
2016-11-12 18:06:29 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-11-12 18:06:29 ----A---- C:\Windows\system32\mshtml.dll
2016-11-12 18:06:28 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-11-12 18:06:28 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-11-12 18:06:28 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-11-12 18:06:28 ----A---- C:\Windows\system32\wininet.dll
2016-11-12 18:06:28 ----A---- C:\Windows\system32\jscript9.dll
2016-11-12 18:06:28 ----A---- C:\Windows\system32\ieframe.dll
2016-11-12 18:06:27 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2016-11-12 18:06:27 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-11-12 18:06:27 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll
2016-11-12 18:06:27 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-11-12 18:06:27 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-11-12 18:06:27 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-11-12 18:06:27 ----A---- C:\Windows\SYSWOW64\MSVidCtl.dll
2016-11-12 18:06:27 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-11-12 18:06:27 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2016-11-12 18:06:27 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-11-12 18:06:27 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2016-11-12 18:06:27 ----A---- C:\Windows\system32\win32spl.dll
2016-11-12 18:06:27 ----A---- C:\Windows\system32\win32k.sys
2016-11-12 18:06:27 ----A---- C:\Windows\system32\urlmon.dll
2016-11-12 18:06:27 ----A---- C:\Windows\system32\UIAnimation.dll
2016-11-12 18:06:27 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-11-12 18:06:27 ----A---- C:\Windows\system32\ntdll.dll
2016-11-12 18:06:27 ----A---- C:\Windows\system32\MSVidCtl.dll
2016-11-12 18:06:27 ----A---- C:\Windows\system32\msv1_0.dll
2016-11-12 18:06:27 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-11-12 18:06:27 ----A---- C:\Windows\system32\msfeeds.dll
2016-11-12 18:06:27 ----A---- C:\Windows\system32\lsasrv.dll
2016-11-12 18:06:27 ----A---- C:\Windows\system32\inetcomm.dll
2016-11-12 18:06:27 ----A---- C:\Windows\system32\iertutil.dll
2016-11-12 18:06:27 ----A---- C:\Windows\system32\ie4uinit.exe
2016-11-12 18:06:27 ----A---- C:\Windows\system32\clfs.sys
2016-11-12 18:06:27 ----A---- C:\Windows\system32\atmfd.dll
2016-11-12 18:06:26 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-11-12 18:06:26 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2016-11-12 18:06:26 ----A---- C:\Windows\SYSWOW64\occache.dll
2016-11-12 18:06:26 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-11-12 18:06:26 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-11-12 18:06:26 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-11-12 18:06:26 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-11-12 18:06:26 ----A---- C:\Windows\SYSWOW64\msctf.dll
2016-11-12 18:06:26 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-11-12 18:06:26 ----A---- C:\Windows\SYSWOW64\input.dll
2016-11-12 18:06:26 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2016-11-12 18:06:26 ----A---- C:\Windows\SYSWOW64\IMJP10K.DLL
2016-11-12 18:06:26 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2016-11-12 18:06:26 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-11-12 18:06:26 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2016-11-12 18:06:26 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-11-12 18:06:26 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-11-12 18:06:26 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-11-12 18:06:26 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-11-12 18:06:26 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2016-11-12 18:06:26 ----A---- C:\Windows\system32\webcheck.dll
2016-11-12 18:06:26 ----A---- C:\Windows\system32\UtcResources.dll
2016-11-12 18:06:26 ----A---- C:\Windows\system32\oleaut32.dll
2016-11-12 18:06:26 ----A---- C:\Windows\system32\occache.dll
2016-11-12 18:06:26 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-11-12 18:06:26 ----A---- C:\Windows\system32\msrating.dll
2016-11-12 18:06:26 ----A---- C:\Windows\system32\mshtmled.dll
2016-11-12 18:06:26 ----A---- C:\Windows\system32\msctf.dll
2016-11-12 18:06:26 ----A---- C:\Windows\system32\jscript9diag.dll
2016-11-12 18:06:26 ----A---- C:\Windows\system32\inseng.dll
2016-11-12 18:06:26 ----A---- C:\Windows\system32\input.dll
2016-11-12 18:06:26 ----A---- C:\Windows\system32\IMJP10K.DLL
2016-11-12 18:06:26 ----A---- C:\Windows\system32\ieUnatt.exe
2016-11-12 18:06:26 ----A---- C:\Windows\system32\ieui.dll
2016-11-12 18:06:26 ----A---- C:\Windows\system32\iesetup.dll
2016-11-12 18:06:26 ----A---- C:\Windows\system32\iernonce.dll
2016-11-12 18:06:26 ----A---- C:\Windows\system32\iedkcs32.dll
2016-11-12 18:06:26 ----A---- C:\Windows\system32\dxtrans.dll
2016-11-12 18:06:26 ----A---- C:\Windows\system32\dxtmsft.dll
2016-11-12 18:06:26 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-11-12 18:06:26 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-11-12 18:06:26 ----A---- C:\Windows\system32\drivers\bowser.sys
2016-11-12 18:06:26 ----A---- C:\Windows\system32\certcli.dll
2016-11-12 18:06:26 ----A---- C:\Windows\system32\asycfilt.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-11-12 18:06:25 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-11-12 18:06:25 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-11-12 18:06:25 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-11-12 18:06:25 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-11-12 18:06:25 ----A---- C:\Windows\SYSWOW64\user.exe
2016-11-12 18:06:25 ----A---- C:\Windows\SYSWOW64\tzres.dll
2016-11-12 18:06:25 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-11-12 18:06:25 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-11-12 18:06:25 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-11-12 18:06:25 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-11-12 18:06:25 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-11-12 18:06:25 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-11-12 18:06:25 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2016-11-12 18:06:25 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-11-12 18:06:25 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-11-12 18:06:25 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-11-12 18:06:25 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-11-12 18:06:25 ----A---- C:\Windows\SYSWOW64\lpk.dll
2016-11-12 18:06:25 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-11-12 18:06:25 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-11-12 18:06:25 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-11-12 18:06:25 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-11-12 18:06:25 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-11-12 18:06:25 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-11-12 18:06:25 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-11-12 18:06:25 ----A---- C:\Windows\SYSWOW64\inseng.dll
2016-11-12 18:06:25 ----A---- C:\Windows\SYSWOW64\INETRES.dll
2016-11-12 18:06:25 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2016-11-12 18:06:25 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2016-11-12 18:06:25 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-11-12 18:06:25 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2016-11-12 18:06:25 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2016-11-12 18:06:25 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-11-12 18:06:25 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-11-12 18:06:25 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-11-12 18:06:25 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2016-11-12 18:06:25 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2016-11-12 18:06:25 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-11-12 18:06:25 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-11-12 18:06:25 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-11-12 18:06:25 ----A---- C:\Windows\system32\wow64win.dll
2016-11-12 18:06:25 ----A---- C:\Windows\system32\wow64cpu.dll
2016-11-12 18:06:25 ----A---- C:\Windows\system32\wow64.dll
2016-11-12 18:06:25 ----A---- C:\Windows\system32\winsrv.dll
2016-11-12 18:06:25 ----A---- C:\Windows\system32\wdigest.dll
2016-11-12 18:06:25 ----A---- C:\Windows\system32\vbscript.dll
2016-11-12 18:06:25 ----A---- C:\Windows\system32\tzres.dll
2016-11-12 18:06:25 ----A---- C:\Windows\system32\TSpkg.dll
2016-11-12 18:06:25 ----A---- C:\Windows\system32\sspisrv.dll
2016-11-12 18:06:25 ----A---- C:\Windows\system32\sspicli.dll
2016-11-12 18:06:25 ----A---- C:\Windows\system32\srcore.dll
2016-11-12 18:06:25 ----A---- C:\Windows\system32\srclient.dll
2016-11-12 18:06:25 ----A---- C:\Windows\system32\smss.exe
2016-11-12 18:06:25 ----A---- C:\Windows\system32\schannel.dll
2016-11-12 18:06:25 ----A---- C:\Windows\system32\setbcdlocale.dll
2016-11-12 18:06:25 ----A---- C:\Windows\system32\secur32.dll
2016-11-12 18:06:25 ----A---- C:\Windows\system32\rstrui.exe
2016-11-12 18:06:25 ----A---- C:\Windows\system32\rpchttp.dll
2016-11-12 18:06:25 ----A---- C:\Windows\system32\rpcrt4.dll
2016-11-12 18:06:25 ----A---- C:\Windows\system32\ntvdm64.dll
2016-11-12 18:06:25 ----A---- C:\Windows\system32\ncrypt.dll
2016-11-12 18:06:25 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-11-12 18:06:25 ----A---- C:\Windows\system32\msaudite.dll
2016-11-12 18:06:25 ----A---- C:\Windows\system32\lsass.exe
2016-11-12 18:06:25 ----A---- C:\Windows\system32\lpk.dll
2016-11-12 18:06:25 ----A---- C:\Windows\system32\KernelBase.dll
2016-11-12 18:06:25 ----A---- C:\Windows\system32\kernel32.dll
2016-11-12 18:06:25 ----A---- C:\Windows\system32\kerberos.dll
2016-11-12 18:06:25 ----A---- C:\Windows\system32\jsproxy.dll
2016-11-12 18:06:25 ----A---- C:\Windows\system32\jscript.dll
2016-11-12 18:06:25 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-11-12 18:06:25 ----A---- C:\Windows\system32\INETRES.dll
2016-11-12 18:06:25 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-11-12 18:06:25 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-11-12 18:06:25 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-11-12 18:06:25 ----A---- C:\Windows\system32\ieapfltr.dll
2016-11-12 18:06:25 ----A---- C:\Windows\system32\fontsub.dll
2016-11-12 18:06:25 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-11-12 18:06:25 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-11-12 18:06:25 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-11-12 18:06:25 ----A---- C:\Windows\system32\drivers\appid.sys
2016-11-12 18:06:25 ----A---- C:\Windows\system32\dciman32.dll
2016-11-12 18:06:25 ----A---- C:\Windows\system32\csrsrv.dll
2016-11-12 18:06:25 ----A---- C:\Windows\system32\cryptbase.dll
2016-11-12 18:06:25 ----A---- C:\Windows\system32\credssp.dll
2016-11-12 18:06:25 ----A---- C:\Windows\system32\conhost.exe
2016-11-12 18:06:25 ----A---- C:\Windows\system32\auditpol.exe
2016-11-12 18:06:25 ----A---- C:\Windows\system32\atmlib.dll
2016-11-12 18:06:25 ----A---- C:\Windows\system32\appidsvc.dll
2016-11-12 18:06:25 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2016-11-12 18:06:25 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2016-11-12 18:06:25 ----A---- C:\Windows\system32\appidapi.dll
2016-11-12 18:06:25 ----A---- C:\Windows\system32\apisetschema.dll
2016-11-12 18:06:25 ----A---- C:\Windows\system32\advapi32.dll
2016-11-12 18:06:25 ----A---- C:\Windows\system32\adtschema.dll
2016-11-12 18:06:24 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-11-12 18:06:24 ----A---- C:\Windows\system32\msobjs.dll
2016-11-12 18:06:23 ----A---- C:\Windows\system32\diagtrack.dll
2016-11-12 11:59:45 ----D---- C:\Program Files\McAfee
2016-11-10 06:05:27 ----ASH---- C:\pagefile.sys
======List of files/folders modified in the last 1 month======
2016-12-08 22:55:20 ----D---- C:\Windows\Temp
2016-12-08 22:55:20 ----D---- C:\Program Files\trend micro
2016-12-08 22:51:53 ----D---- C:\Users\marian\AppData\Roaming\Skype
2016-12-08 22:46:11 ----HD---- C:\ProgramData
2016-12-08 22:46:11 ----D---- C:\Windows\Tasks
2016-12-08 22:39:02 ----D---- C:\Windows\system32\config
2016-12-08 22:39:00 ----D---- C:\Windows\winsxs
2016-12-08 22:30:56 ----D---- C:\Windows\System32
2016-12-08 22:30:56 ----D---- C:\Windows\inf
2016-12-08 22:30:56 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-12-08 22:27:35 ----D---- C:\Users\marian\AppData\Roaming\foobar2000
2016-12-08 22:24:37 ----D---- C:\Program Files (x86)\Common Files
2016-12-08 22:20:33 ----RD---- C:\Program Files (x86)
2016-12-08 22:20:22 ----D---- C:\Windows\SysWOW64
2016-12-08 22:15:45 ----SHD---- C:\Windows\Installer
2016-12-08 22:15:32 ----SHD---- C:\System Volume Information
2016-12-08 22:13:09 ----D---- C:\Windows\system32\drivers
2016-12-08 22:13:07 ----D---- C:\Windows\system32\DriverStore
2016-12-08 22:12:14 ----RD---- C:\Program Files
2016-12-08 22:11:39 ----D---- C:\ProgramData\COMODO
2016-12-08 22:11:15 ----D---- C:\Windows\system32\Tasks
2016-12-08 22:03:35 ----D---- C:\Program Files (x86)\Comodo
2016-12-05 19:55:58 ----D---- C:\Users\marian\AppData\Roaming\Mp3tag
2016-12-04 14:42:29 ----D---- C:\Windows\system32\NDF
2016-12-03 20:50:08 ----D---- C:\Users\marian\AppData\Roaming\vlc
2016-11-29 16:08:31 ----RD---- C:\Program Files (x86)\Skype
2016-11-29 16:08:28 ----D---- C:\ProgramData\Skype
2016-11-26 15:59:55 ----D---- C:\Program Files (x86)\QuickTime
2016-11-23 20:33:50 ----D---- C:\ProgramData\Package Cache
2016-11-16 20:17:07 ----D---- C:\Program Files (x86)\URUSoft
2016-11-13 11:20:31 ----D---- C:\Windows\rescache
2016-11-13 03:19:14 ----D---- C:\Windows\SYSWOW64\migration
2016-11-13 03:19:14 ----D---- C:\Windows\SYSWOW64\en-US
2016-11-13 03:19:14 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-11-13 03:19:14 ----D---- C:\Windows\system32\migration
2016-11-13 03:19:14 ----D---- C:\Windows\system32\en-US
2016-11-13 03:19:14 ----D---- C:\Windows\system32\cs-CZ
2016-11-13 03:19:14 ----D---- C:\Program Files\Internet Explorer
2016-11-13 03:19:14 ----D---- C:\Program Files (x86)\Internet Explorer
2016-11-13 03:19:13 ----D---- C:\Windows\system32\Boot
2016-11-13 03:19:13 ----D---- C:\Windows\AppPatch
2016-11-13 03:04:06 ----D---- C:\ProgramData\Microsoft Help
2016-11-13 03:03:43 ----D---- C:\Windows\system32\MRT
2016-11-13 03:01:26 ----AC---- C:\Windows\system32\MRT.exe
2016-11-12 18:03:56 ----D---- C:\Windows\system32\catroot2
2016-11-12 12:35:06 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-11-12 12:35:04 ----D---- C:\Windows\SYSWOW64\Macromed
2016-11-12 12:35:04 ----D---- C:\Windows\system32\Macromed
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 fltsrv;Acronis Storage Filter Management; C:\Windows\system32\DRIVERS\fltsrv.sys [2013-12-01 116000]
R0 KL1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2013-08-04 458584]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 snapman;Acronis Snapshots Manager; C:\Windows\system32\DRIVERS\snapman.sys [2013-12-01 269600]
R0 tib;Acronis TIB Manager; C:\Windows\system32\DRIVERS\tib.sys [2013-12-01 1120032]
R0 tib_mounter;Acronis TIB Mounter; C:\Windows\system32\DRIVERS\tib_mounter.sys [2013-12-01 198432]
R0 vididr;Acronis Virtual Disk; C:\Windows\system32\DRIVERS\vididr.sys [2013-12-01 161568]
R0 vidsflt;Acronis Disk Storage Filter; C:\Windows\system32\DRIVERS\vidsflt.sys [2013-12-01 117024]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2016-10-07 145536]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2016-10-07 28600]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\Windows\System32\DRIVERS\cmderd.sys [2016-08-31 31648]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\system32\DRIVERS\cmdguard.sys [2016-08-31 830624]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2016-08-31 56976]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2016-08-31 116248]
R1 jnprns;Juniper Network Service; C:\Windows\system32\DRIVERS\jnprns.sys [2014-03-13 506160]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2013-08-04 613720]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2016-11-02 177432]
R2 avnetflt;avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [2016-05-14 79696]
R3 afcdp;afcdp; C:\Windows\system32\DRIVERS\afcdp.sys [2013-12-01 367200]
R3 busenum;Synology Virtual USB Hub; C:\Windows\system32\DRIVERS\busenum.sys [2012-08-03 55776]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-12-14 5353888]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-06-19 4065296]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-05-20 357184]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-05-20 789824]
R3 JnprVaMgr;Juniper Networks Virtual Adapter Manager Service; C:\Windows\system32\DRIVERS\jnprvamgr.sys [2014-03-13 45352]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2012-07-17 62784]
R3 mfesapsn;McAfee Process Start Notification Service; \??\C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [2016-06-06 46240]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2012-06-12 726160]
R3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 AlesisFirewire;Alesis Firewire; C:\Windows\System32\Drivers\AlesisFirewire.sys [2010-05-03 211680]
S3 AlesisFirewireAudio;Alesis Firewire Audio; C:\Windows\system32\drivers\AlesisFirewireAudio.sys [2010-05-03 39008]
S3 AlesisFirewireMidi;Alesis Firewire MIDI; C:\Windows\system32\drivers\AlesisFirewireMidi.sys [2010-05-03 41440]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2016-09-05 30264]
S3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus; C:\Windows\system32\DRIVERS\dtliteusbbus.sys [2016-09-05 47672]
S3 jnprva;Juniper Networks Virtual Adapter Service; C:\Windows\system32\DRIVERS\jnprva.sys [2014-03-13 30072]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 SbieDrv;SbieDrv; \??\C:\Program Files (x86)\Sandboxie\SbieDrv.sys [2012-12-16 202632]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 tdrpman;Acronis Try&Decide and Restore Points filter; C:\Windows\system32\DRIVERS\tdrpman.sys [2013-12-01 1464096]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2016-10-18 19968]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
S4 jnprTdi_803_44983;Juniper Networks TDI Filter Driver (jnprTdi_803_44983); \??\C:\Windows\system32\Drivers\jnprTdi_803_44983.sys [2014-04-09 108344]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [2013-07-18 1142584]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-11-07 82128]
R2 afcdpsrv;Acronis Nonstop Backup Service; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2013-12-01 3873784]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2016-11-02 475232]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2016-11-02 475232]
R2 Avira.ServiceHost;Avira Service Host; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [2016-11-23 349512]
R2 CmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2016-09-15 5817256]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DigitalWave.Update.Service;Digital Wave Update Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [2016-01-08 388968]
R2 EPSON_EB_RPCV4_01;EPSON V5 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE [2015-01-04 163840]
R2 EPSON_PM_RPCV4_01;EPSON V3 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE [2015-01-04 126464]
R2 JuniperAccessService;Juniper Unified Network Service; C:\Program Files (x86)\Common Files\Juniper Networks\JUNS\dsAccessService.exe [2014-04-08 159280]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [2016-11-07 166152]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 syncagentsrv;Acronis Sync Agent Service; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [2013-10-22 7142320]
R2 SynoDrService;SynoDrService; C:\Program Files (x86)\Synology Data Replicator 3\SynoDrServicex64.exe [2013-10-09 384072]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2013-12-17 5341536]
R2 UsbClientService;UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [2013-04-30 248704]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S2 AntiVirMailService;Avira Mail Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [2016-11-02 1089088]
S2 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [2016-11-02 1488240]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
S2 SbieSvc;Sandboxie Service; C:\Program Files (x86)\Sandboxie\SbieSvc.exe [2012-12-16 123664]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-09-20 324224]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-11-12 270016]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 cmdvirth;COMODO Virtual Service Manager; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2016-09-14 2271928]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-12-14 277616]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-11-12 114688]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 50942144]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-02-01 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
-----------------EOF-----------------
- Rudy
- Site Admin
- Posts: 119491
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: CPU usage 100%, slow PC
ISkysoft is a video-editing program. Sc.exe, in turn, is a tool for developers. Both are legitimate. Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy into the left window: The log is now OK.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: CPU usage 100%, slow PC
I'm not sure I understood what I should enter into OTM.
- Rudy
- Site Admin
- Posts: 119491
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: CPU usage 100%, slow PC
Copy this into the left half of the OTM window:
Rudy wrote: The domain agel.cz, which is visible in the log, looks suspicious to me. Something like that is not usually found on home PCs.
Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy into the left window:
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.
:files
C:\Windows\tasks\GoogleUpdateTaskMachineCore1cf8d13b51bd12c.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore1cff20f9254c09a.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore1d001a171f7da98.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore1d001a171f7da98
C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA
C:\Windows\system32\tasks\{508B6820-F25A-4F6E-BFDD-85ACAE9A8866}
C:\Windows\system32\tasks\{8D8B08AD-5600-4217-AF82-1038C2D418BF}
C:\Program Files (x86)\AskPartnerNetwork
C:\ProgramData\{A4FF347C-7353-4B5D-B479-1933EFF12E9A}
C:\ProgramData\{B0CAD5CC-867E-473E-B55F-339F9635A45D}
C:\ProgramData\{CB28D9D3-6B5D-4AFA-BA37-B4AFAAAF71B9}
C:\ProgramData\{5A23829C-A66E-47B0-AD50-21A3FFE6C325}
C:\ProgramData\{B9F6456A-E0C8-4BD3-A6E8-AFA8859EC4C4}
C:\ProgramData\{95B4F0ED-951F-4D36-B068-5EC1C4C19C14}
C:\ProgramData\{4FCEED6C-B7D3-485B-A843-C3DBD468BF17}
C:\ProgramData\{0CF1F946-2AAE-48A9-BD6C-DF71FE72E1D1}
:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\fheoggkfdfchfphceeifdbepaooicaho]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\flliilndjeohchalpbbcdekjklbdgfkk]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-00A7-7A786E7484D7}]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]/64
:services
Bonjour Service
:commands
[Purity]
[Emptytemp]
[Emptyflash]