
Problem with a flash drive

Do you have a virus problem? Paste your FRST or RSIT log here.

Moderator: Moderators

Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]

Individual threads will be locked once they are resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.

zachy64
Visitor
Posts: 3
Registered: 06 Feb 2017 11:47

#1 Post by zachy64 »

Hello, I probably have an infected flash drive, because only shortcuts to its contents show up on it. I am attaching the RSIT log. Thank you.
Logfile of random's system information tool 1.14 (written by random/random)
Run by admin at 2017-02-06 11:56:31
WMI error encountered
WIN_10
System drive C: has 162 GB (69%) free of 236 GB
Total RAM: 3887 MB (30% free)
X64

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:57:34, on 06.02.2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0000)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\Monitor.exe
C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCTray.exe
C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
C:\Users\admin\Downloads\ESETOnlineScanner_CSY (1).exe
C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
C:\Program Files\trend micro\admin_RSITx64.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: IObit Surfing Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\Advanced SystemCare Ultimate\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O2 - BHO: IObit Ads Removal - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\Surfing Protection\Adblock\Adblock.dll
O4 - HKLM\..\Run: [windows] wscript.exe //B "C:\Users\admin\AppData\Roaming\windows.vbs"
O4 - HKLM\..\Run: [javaupdate] wscript.exe //B "C:\Users\admin\AppData\Local\Temp\javaupdate.vbs"
O4 - HKLM\..\Run: [tmpA991] wscript.exe //B "C:\Users\admin\AppData\Local\Temp\tmpA991.tmp.vbs"
O4 - HKCU\..\Run: [windows] wscript.exe //B "C:\Users\admin\AppData\Roaming\windows.vbs"
O4 - HKCU\..\Run: [tmp43C] wscript.exe //B "C:\Users\admin\AppData\Roaming\tmp43C.tmp.vbs"
O4 - HKCU\..\Run: [b9bef0b2c7e7a3d4ec4ebdd0dac24a5e] "C:\Users\admin\AppData\Local\Temp\taskmgr.exe" ..
O4 - HKCU\..\Run: [javaupdate] wscript.exe //B "C:\Users\admin\AppData\Local\Temp\javaupdate.vbs"
O4 - HKCU\..\Run: [tmpA991] wscript.exe //B "C:\Users\admin\AppData\Local\Temp\tmpA991.tmp.vbs"
O4 - HKCU\..\Run: [380efc0a6172e4bd4d84b88e6c8fe787] "C:\Users\admin\AppData\Roaming\svchost.exe" ..
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [Advanced SystemCare Ultimate] "C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCTray.exe" /Auto
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User '?')
O4 - HKUS\S-1-5-21-2681712525-2146885521-3301550083-1001\..\Run: [windows] wscript.exe //B "C:\Users\admin\AppData\Roaming\windows.vbs" (User '?')
O4 - HKUS\S-1-5-21-2681712525-2146885521-3301550083-1001\..\Run: [b9bef0b2c7e7a3d4ec4ebdd0dac24a5e] "C:\Users\admin\AppData\Local\Temp\taskmgr.exe" .. (User '?')
O4 - HKUS\S-1-5-21-2681712525-2146885521-3301550083-1001\..\Run: [javaupdate] wscript.exe //B "C:\Users\admin\AppData\Local\Temp\javaupdate.vbs" (User '?')
O4 - HKUS\S-1-5-21-2681712525-2146885521-3301550083-1001\..\Run: [tmpA991] wscript.exe //B "C:\Users\admin\AppData\Local\Temp\tmpA991.tmp.vbs" (User '?')
O4 - HKUS\S-1-5-21-2681712525-2146885521-3301550083-1001\..\Run: [380efc0a6172e4bd4d84b88e6c8fe787] "C:\Users\admin\AppData\Roaming\svchost.exe" .. (User '?')
O4 - HKUS\S-1-5-21-2681712525-2146885521-3301550083-1001\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (User '?')
O4 - HKUS\S-1-5-21-2681712525-2146885521-3301550083-1001\..\Run: [Advanced SystemCare Ultimate] "C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCTray.exe" /Auto (User '?')
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User '?')
O4 - HKUS\S-1-5-18\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User '?')
O4 - HKUS\.DEFAULT\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'Default user')
O4 - S-1-5-21-2681712525-2146885521-3301550083-1001 Startup: 380efc0a6172e4bd4d84b88e6c8fe787.exe (User '?')
O4 - S-1-5-21-2681712525-2146885521-3301550083-1001 Startup: b9bef0b2c7e7a3d4ec4ebdd0dac24a5e.exe (User '?')
O4 - S-1-5-21-2681712525-2146885521-3301550083-1001 Startup: javaupdate.vbs (User '?')
O4 - S-1-5-21-2681712525-2146885521-3301550083-1001 Startup: tmp43C.tmp.vbs (User '?')
O4 - S-1-5-21-2681712525-2146885521-3301550083-1001 Startup: tmpA991.tmp.vbs (User '?')
O4 - S-1-5-21-2681712525-2146885521-3301550083-1001 Startup: windows.vbs (User '?')
O4 - Startup: 380efc0a6172e4bd4d84b88e6c8fe787.exe
O4 - Startup: b9bef0b2c7e7a3d4ec4ebdd0dac24a5e.exe
O4 - Startup: javaupdate.vbs
O4 - Startup: tmp43C.tmp.vbs
O4 - Startup: tmpA991.tmp.vbs
O4 - Startup: windows.vbs
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Advanced SystemCare Service 10 (AdvancedSystemCareService10) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCService.exe
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AdvancedSystemCareAntivirus (ASCAntivirusSrv) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ascavsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: COMODO Internet Security Helper Service (CmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: Garmin Device Interaction Service - Garmin Ltd. or its subsidiaries - C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - HP Inc. - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: IObit Uninstaller Service (IObitUnSvr) - IObit - C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Nero Update (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10505 bytes

======Enumerating Processes======


======Scheduled tasks folder======

C:\WINDOWS\tasks\ASCU10_SkipUac_admin.job - C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASC.exe /SkipUac
C:\WINDOWS\tasks\HPCeeScheduleForadmin.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForadmin (null)
C:\WINDOWS\tasks\Uninstaller_SkipUac_admin.job - C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe /UninstallExplorer
C:\WINDOWS\system32\tasks\Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\WINDOWS\system32\tasks\Apple Diagnostics - C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe
C:\WINDOWS\system32\tasks\ASCU10_PerformanceMonitor - C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\Monitor.exe /Task
C:\WINDOWS\system32\tasks\ASCU10_SkipUac_admin - C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASC.exe /SkipUac
C:\WINDOWS\system32\tasks\Driver Booster Scheduler - C:\Program Files (x86)\IObit\Driver Booster\4.2.0\Scheduler.exe /scheduler
C:\WINDOWS\system32\tasks\Driver Booster SkipUAC (admin) - C:\Program Files (x86)\IObit\Driver Booster\4.2.0\DriverBooster.exe /skipuac
C:\WINDOWS\system32\tasks\GarminUpdaterTask - C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\HPCeeScheduleForadmin - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForadmin (null)
C:\WINDOWS\system32\tasks\Uninstaller_SkipUac_admin - C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe /UninstallExplorer
C:\WINDOWS\system32\tasks\User_Feed_Synchronization-{7AD28743-502D-4EC7-BC35-ABE849798515} - C:\Windows\system32\msfeedssync.exe sync
C:\WINDOWS\system32\tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} - C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
C:\WINDOWS\system32\tasks\{4305ED3C-4738-42B6-B6DF-AD57ACD783CC} - C:\WINDOWS\system32\pcalua.exe -a C:\Users\admin\Desktop\Applications\Rename.exe -d C:\Users\admin\Desktop\Applications
C:\WINDOWS\system32\tasks\Microsoft\XblGameSave\XblGameSaveTask - %windir%\System32\XblGameSaveTask.exe standby
C:\WINDOWS\system32\tasks\Microsoft\XblGameSave\XblGameSaveTaskLogon - %windir%\System32\XblGameSaveTask.exe logon
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join - %SystemRoot%\System32\dsregcmd.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start - C:\WINDOWS\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sih - %systemroot%\System32\sihclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sihboot - %systemroot%\System32\sihclient.exe /boot
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -upload
C:\WINDOWS\system32\tasks\Microsoft\Windows\WCM\WiFiTask - %SystemRoot%\System32\WiFiTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install - %systemroot%\system32\usoclient.exe StartInstall
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_UpdateInterval - %systemroot%\system32\MusNotification.exe Display
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Policy Install - %systemroot%\system32\usoclient.exe StartInstall
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Reboot - %systemroot%\system32\MusNotification.exe Reboot
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Refresh Settings - %systemroot%\system32\usoclient.exe RefreshSettings
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Resume On Boot - %systemroot%\system32\usoclient.exe ResumeUpdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan - %systemroot%\system32\usoclient.exe StartScan
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display - C:\windows\system32\MusNotification.exe Display
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot - C:\windows\system32\MusNotification.exe ReadyToReboot
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone - %windir%\system32\tzsync.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\WINDOWS\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\srtasks.exe ExecuteScheduledSPPCreation
C:\WINDOWS\system32\tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask - %windir%\system32\rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Subscription\EnableLicenseAcquisition - %SystemRoot%\system32\UpgradeSubscription.exe -e
C:\WINDOWS\system32\tasks\Microsoft\Windows\Subscription\LicenseAcquisition - %SystemRoot%\system32\UpgradeSubscription.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Storage Tiers Management\Storage Tiers Optimization - %windir%\system32\defrag.exe -c -h -g -# -m 8 -i 13500
C:\WINDOWS\system32\tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask - %windir%\system32\speech_onecore\common\SpeechModelDownload.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceAgentTask - %windir%\system32\SpaceAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceManagerTask - %windir%\system32\spaceman.exe /Work
C:\WINDOWS\system32\tasks\Microsoft\Windows\Shell\FamilySafetyMonitor - %windir%\System32\wpcmon.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SharedPC\Account Cleanup - %windir%\System32\rundll32.exe %windir%\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers - %SystemRoot%\System32\drvinst.exe 6
C:\WINDOWS\system32\tasks\Microsoft\Windows\NlaSvc\WiFiTask - %SystemRoot%\System32\WiFiTask.exe nla
C:\WINDOWS\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - %SystemRoot%\System32\MbaeParserTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Management\Provisioning\Logon - %windir%\system32\ProvTool.exe /turn 5
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotificationWindows.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\WindowsActionDialog - %windir%\System32\WindowsActionDialog.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClient - %windir%\system32\dmclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClientOnScenarioDownload - %windir%\system32\dmclient.exe utcwnf
C:\WINDOWS\system32\tasks\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask - %windir%\system32\MDMAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DUSM\dusmtask - %SystemRoot%\System32\dusmtask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskFootprint\Diagnostics - %windir%\system32\disksnapshot.exe -z
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskCleanup\SilentCleanup - %windir%\system32\cleanmgr.exe /autoclean /d %systemdrive%
C:\WINDOWS\system32\tasks\Microsoft\Windows\Device Information\Device - %windir%\system32\devicecensus.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c -h -o -$
C:\WINDOWS\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Clip\License Validation - %SystemRoot%\system32\ClipUp.exe -p -s -o
C:\WINDOWS\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup - %windir%\system32\rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\appuriverifierdaily - %windir%\system32\AppHostRegistrationVerifier.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\appuriverifierinstall - %windir%\system32\AppHostRegistrationVerifier.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState - %windir%\system32\rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup - %windir%\system32\dstokenclean.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattelrunner.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\StartupAppTask - %windir%\system32\rundll32.exe Startupscan.dll,SusRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\WINDOWS\system32\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe /taskrestart
C:\WINDOWS\system32\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe /send
C:\WINDOWS\system32\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe /u
C:\WINDOWS\system32\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe /r /m
C:\WINDOWS\system32\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe /L Analysis
C:\WINDOWS\system32\tasks\Hewlett-Packard\HP Support Assistant\Product Configurator - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe /noreport
C:\WINDOWS\system32\tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe -task -source HPSA
C:\WINDOWS\system32\tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} - "C:\Program Files\COMODO\COMODO Internet Security\cistray.exe"
C:\WINDOWS\system32\tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} - "C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe" --launchSchedule {0FB77674-7905-4F34-A362-C5A9A26F8CF9}
C:\WINDOWS\system32\tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} - "C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe" --launchSchedule {F140D794-60B6-4F00-9235-D6457AA25B22}
C:\WINDOWS\system32\tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} - "C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe" --launchSchedule {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59}
C:\WINDOWS\system32\tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} - "C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe" --launchSchedule {A6D52E4F-569B-4756-B3D8-DF217313DA85}
C:\WINDOWS\system32\tasks\Apple\AppleSoftwareUpdate - C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe -task

=========Google Chrome=========

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Obchod Chrome 0.2
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension efaidnbmnnnibpcajpcglclefindmkaj 2 Adobe Acrobat 15.1.0.3
Extension ennkphjdgehloodpbhlhldgbnhmacadg 1 Settings 0.2
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension gighmmpiobklfepjocnamgkkbiglidom 1 AdBlock 3.8.6
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.38
Extension lmjegmlicamnimmfhcmpkclmigmmcbeh 2 Application Launcher for Drive (by Google) 3.2
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mgndgikekgjfcpckkfioiadnlibdjbkf 1 Chrome 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.1
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 5516.1005.0.3
Homepage:
default_search_provider.search_url:
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage:
default_search_provider.search_url:

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj]
"Path"=


======Registry dump======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
ExplorerWnd Helper - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2017-01-07 2478880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-07-21 440712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]
IObit Surfing Protection - C:\PROGRA~2\IObit\Advanced SystemCare Ultimate\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2017-01-07 1203112]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21 416320]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664}]
IObit Ads Removal - C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\Surfing Protection\Adblock\Adblock.dll [2017-01-07 734632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-06-04 2174760]
"COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}"=C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2016-09-30 1610936]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2017-01-01 176440]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"windows"=wscript.exe //B C:\Users\admin\AppData\Roaming\windows.vbs []
"tmp43C"=wscript.exe //B C:\Users\admin\AppData\Roaming\tmp43C.tmp.vbs []
"b9bef0b2c7e7a3d4ec4ebdd0dac24a5e"=C:\Users\admin\AppData\Local\Temp\taskmgr.exe [2017-01-18 117685]
"javaupdate"=wscript.exe //B C:\Users\admin\AppData\Local\Temp\javaupdate.vbs []
"tmpA991"=wscript.exe //B C:\Users\admin\AppData\Local\Temp\tmpA991.tmp.vbs []
"380efc0a6172e4bd4d84b88e6c8fe787"=C:\Users\admin\AppData\Roaming\svchost.exe [2017-01-31 2012672]
"iCloudServices"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [2017-01-01 67384]
"Advanced SystemCare Ultimate"=C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCTray.exe [2017-01-07 3023136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleIEDAV]
c:\program files (x86)\common files\apple\internet services\appleiedav.exe [2016-05-09 1084688]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iCloudDrive]
c:\program files (x86)\common files\apple\internet services\iclouddrive.exe [2017-01-01 110392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iCloudPhotos]
c:\program files (x86)\common files\apple\internet services\icloudphotos.exe [2017-01-01 356664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iCloudServices]
c:\program files (x86)\common files\apple\internet services\icloudservices.exe [2017-01-01 67384]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
c:\windows\system32\igfxtray.exe [2012-11-27 168480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
c:\program files\itunes\ituneshelper.exe [2017-01-01 176440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
c:\program files (x86)\poweriso\pwrisovm.exe [2016-03-26 167936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\XperiaCompanion]
[]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"windows"=wscript.exe //B C:\Users\admin\AppData\Roaming\windows.vbs []
"javaupdate"=wscript.exe //B C:\Users\admin\AppData\Local\Temp\javaupdate.vbs []
"tmpA991"=wscript.exe //B C:\Users\admin\AppData\Local\Temp\tmpA991.tmp.vbs []

C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
380efc0a6172e4bd4d84b88e6c8fe787.exe
b9bef0b2c7e7a3d4ec4ebdd0dac24a5e.exe
javaupdate.vbs
tmp43C.tmp.vbs
tmpA991.tmp.vbs
windows.vbs

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
wlnotify.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"DSCAutomationHostEnabled"=2
"EnableCursorSuppression"=1
"EnableUIADesktopToggle"=0
"undockwithoutlogon"=1
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoSimpleNetIDList"=1
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"ForceActiveDesktopOn"=0
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
"StubPath"=%SystemRoot%\inf\unregmp2.exe /ShowWMP
[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"StubPath"="C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.ac3filter"=ac3filter64.acm
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2017-02-06 11:56:32 ----D---- C:\Program Files\trend micro
2017-02-06 11:56:31 ----D---- C:\rsit
2017-02-01 14:02:10 ----A---- C:\Users\admin\AppData\Roaming\Microsoft.NET.exe
2017-01-31 17:01:21 ----A---- C:\Users\admin\AppData\Roaming\svchost.exe
2017-01-31 17:01:02 ----A---- C:\Users\admin\AppData\Roaming\Microsoft.exe
2017-01-25 15:03:36 ----A---- C:\WINDOWS\SYSWOW64\poqexec.exe
2017-01-25 15:03:36 ----A---- C:\WINDOWS\system32\poqexec.exe
2017-01-18 20:05:38 ----A---- C:\WINDOWS\SYSWOW64\XAudio2_6.dll
2017-01-18 20:05:38 ----A---- C:\WINDOWS\SYSWOW64\XAPOFX1_4.dll
2017-01-18 20:05:38 ----A---- C:\WINDOWS\SYSWOW64\xactengine3_6.dll
2017-01-18 20:05:38 ----A---- C:\WINDOWS\SYSWOW64\X3DAudio1_7.dll
2017-01-18 20:05:37 ----A---- C:\WINDOWS\SYSWOW64\D3DX9_41.dll
2017-01-18 20:05:36 ----A---- C:\WINDOWS\SYSWOW64\xinput1_3.dll
2017-01-18 20:05:35 ----A---- C:\WINDOWS\SYSWOW64\d3dx9_33.dll
2017-01-18 20:05:26 ----D---- C:\Program Files (x86)\Microsoft XNA
2017-01-18 19:58:00 ----A---- C:\Users\admin\AppData\Roaming\csrss.exe
2017-01-18 19:57:49 ----A---- C:\Users\admin\AppData\Roaming\system32.exe
2017-01-16 21:03:56 ----A---- C:\Users\admin\AppData\Roaming\java.exe
2017-01-16 15:18:15 ----A---- C:\Users\admin\AppData\Roaming\tmp43C.tmp.vbs
2017-01-16 15:17:44 ----A---- C:\Users\admin\AppData\Roaming\windows.vbs
2017-01-11 19:09:26 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2017-01-11 18:16:00 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-01-11 18:15:59 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-01-11 18:15:57 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2017-01-11 18:15:57 ----A---- C:\WINDOWS\system32\mfcore.dll
2017-01-11 18:15:56 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Logon.dll
2017-01-11 18:15:56 ----A---- C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-01-11 18:15:55 ----A---- C:\WINDOWS\SYSWOW64\Windows.Storage.ApplicationData.dll
2017-01-11 18:15:55 ----A---- C:\WINDOWS\SYSWOW64\StoreAgent.dll
2017-01-11 18:15:55 ----A---- C:\WINDOWS\SYSWOW64\InstallAgentUserBroker.exe
2017-01-11 18:15:55 ----A---- C:\WINDOWS\SYSWOW64\InstallAgent.exe
2017-01-11 18:15:55 ----A---- C:\WINDOWS\system32\mfnetsrc.dll
2017-01-11 18:15:55 ----A---- C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-01-11 18:15:55 ----A---- C:\WINDOWS\system32\d2d1.dll
2017-01-11 18:15:54 ----A---- C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-01-11 18:15:54 ----A---- C:\WINDOWS\system32\D3DCompiler_47.dll
2017-01-11 18:15:54 ----A---- C:\WINDOWS\system32\aeinv.dll
2017-01-11 18:15:53 ----A---- C:\WINDOWS\system32\rdpencom.dll
2017-01-11 18:15:53 ----A---- C:\WINDOWS\system32\rdpcore.dll
2017-01-11 18:15:53 ----A---- C:\WINDOWS\system32\mstscax.dll
2017-01-11 18:15:53 ----A---- C:\WINDOWS\system32\mfnetcore.dll
2017-01-11 18:15:53 ----A---- C:\WINDOWS\system32\MCRecvSrc.dll
2017-01-11 18:15:52 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.CredDialogController.dll
2017-01-11 18:15:52 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Cred.dll
2017-01-11 18:15:52 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.BlockedShutdown.dll
2017-01-11 18:15:52 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.BioFeedback.dll
2017-01-11 18:15:52 ----A---- C:\WINDOWS\system32\wuuhext.dll
2017-01-11 18:15:52 ----A---- C:\WINDOWS\system32\winlogon.exe
2017-01-11 18:15:52 ----A---- C:\WINDOWS\system32\samsrv.dll
2017-01-11 18:15:52 ----A---- C:\WINDOWS\system32\D3D12.dll
2017-01-11 18:15:51 ----A---- C:\WINDOWS\SYSWOW64\offlinesam.dll
2017-01-11 18:15:51 ----A---- C:\WINDOWS\system32\wuaueng.dll
2017-01-11 18:15:51 ----A---- C:\WINDOWS\system32\sppobjs.dll
2017-01-11 18:15:51 ----A---- C:\WINDOWS\system32\offlinesam.dll
2017-01-11 18:15:51 ----A---- C:\WINDOWS\system32\lsasrv.dll
2017-01-11 18:15:50 ----A---- C:\WINDOWS\SYSWOW64\msmpeg2vdec.dll
2017-01-11 18:15:50 ----A---- C:\WINDOWS\SYSWOW64\aclui.dll
2017-01-11 18:15:50 ----A---- C:\WINDOWS\system32\shell32.dll
2017-01-11 18:15:49 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2017-01-11 18:15:48 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2017-01-11 18:15:47 ----A---- C:\WINDOWS\SYSWOW64\updatepolicy.dll
2017-01-11 18:15:47 ----A---- C:\WINDOWS\SYSWOW64\MSVP9DEC.dll
2017-01-11 18:15:47 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2017-01-11 18:15:47 ----A---- C:\WINDOWS\system32\wuapi.dll
2017-01-11 18:15:47 ----A---- C:\WINDOWS\system32\updatepolicy.dll
2017-01-11 18:15:47 ----A---- C:\WINDOWS\system32\msv1_0.dll
2017-01-11 18:15:47 ----A---- C:\WINDOWS\system32\kerberos.dll
2017-01-11 18:15:47 ----A---- C:\WINDOWS\system32\ImplatSetup.dll
2017-01-11 18:15:46 ----A---- C:\WINDOWS\SYSWOW64\WinSCard.dll
2017-01-11 18:15:46 ----A---- C:\WINDOWS\SYSWOW64\cryptui.dll
2017-01-11 18:15:46 ----A---- C:\WINDOWS\system32\wow64.dll
2017-01-11 18:15:46 ----A---- C:\WINDOWS\system32\WinSCard.dll
2017-01-11 18:15:46 ----A---- C:\WINDOWS\system32\ScDeviceEnum.dll
2017-01-11 18:15:46 ----A---- C:\WINDOWS\system32\cryptui.dll
2017-01-11 18:15:46 ----A---- C:\WINDOWS\system32\certprop.dll
2017-01-11 18:15:45 ----A---- C:\WINDOWS\SYSWOW64\indexeddbserver.dll
2017-01-11 18:15:45 ----A---- C:\WINDOWS\SYSWOW64\AUDIOKSE.dll
2017-01-11 18:15:44 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.Resources.dll
2017-01-11 18:15:44 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2017-01-11 18:15:43 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2017-01-11 18:15:43 ----A---- C:\WINDOWS\SYSWOW64\Chakradiag.dll
2017-01-11 18:15:41 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2017-01-11 18:15:40 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2017-01-11 18:15:40 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-01-11 18:15:39 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2017-01-11 18:15:39 ----A---- C:\WINDOWS\SYSWOW64\AzureSettingSyncProvider.dll
2017-01-11 18:15:38 ----A---- C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-01-11 18:15:37 ----A---- C:\WINDOWS\SYSWOW64\mspaint.exe
2017-01-11 18:15:37 ----A---- C:\WINDOWS\system32\win32kbase.sys
2017-01-11 18:15:37 ----A---- C:\WINDOWS\system32\Chakra.dll
2017-01-11 18:15:36 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2017-01-11 18:15:35 ----A---- C:\WINDOWS\SYSWOW64\winmde.dll
2017-01-11 18:15:35 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-01-11 18:15:35 ----A---- C:\WINDOWS\system32\mspaint.exe
2017-01-11 18:15:34 ----A---- C:\WINDOWS\system32\msmpeg2vdec.dll
2017-01-11 18:15:34 ----A---- C:\WINDOWS\system32\indexeddbserver.dll
2017-01-11 18:15:33 ----A---- C:\WINDOWS\system32\mshtml.dll
2017-01-11 18:15:32 ----A---- C:\WINDOWS\system32\winmde.dll
2017-01-11 18:15:32 ----A---- C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-01-11 18:15:32 ----A---- C:\WINDOWS\system32\twinui.dll
2017-01-11 18:15:32 ----A---- C:\WINDOWS\system32\aadcloudap.dll
2017-01-11 18:15:31 ----A---- C:\WINDOWS\system32\edgehtml.dll
2017-01-11 18:15:28 ----A---- C:\WINDOWS\system32\aadtb.dll
2017-01-11 18:15:27 ----A---- C:\WINDOWS\system32\AppVEntSubsystems64.dll
2017-01-11 18:15:26 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.LockScreen.dll
2017-01-11 18:15:26 ----A---- C:\WINDOWS\system32\AppVEntSubsystemController.dll
2017-01-11 18:15:26 ----A---- C:\WINDOWS\system32\AppVClient.exe
2017-01-11 18:15:25 ----A---- C:\WINDOWS\system32\usocore.dll
2017-01-11 18:15:25 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2017-01-11 18:15:25 ----A---- C:\WINDOWS\system32\LaunchWinApp.exe
2017-01-11 18:15:25 ----A---- C:\WINDOWS\system32\AppVPublishing.dll
2017-01-11 18:15:25 ----A---- C:\WINDOWS\system32\AppVOrchestration.dll
2017-01-11 18:15:25 ----A---- C:\WINDOWS\system32\AppVIntegration.dll
2017-01-11 18:15:25 ----A---- C:\WINDOWS\system32\AppVCatalog.dll
2017-01-11 18:15:24 ----A---- C:\WINDOWS\SYSWOW64\rdpcore.dll
2017-01-11 18:15:24 ----A---- C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll
2017-01-11 18:15:24 ----A---- C:\WINDOWS\system32\updatehandlers.dll
2017-01-11 18:15:24 ----A---- C:\WINDOWS\system32\TransportDSA.dll
2017-01-11 18:15:24 ----A---- C:\WINDOWS\system32\AppVScripting.dll
2017-01-11 18:15:24 ----A---- C:\WINDOWS\system32\AppVReporting.dll
2017-01-11 18:15:24 ----A---- C:\WINDOWS\system32\AppVManifest.dll
2017-01-11 18:15:24 ----A---- C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-01-11 18:15:24 ----A---- C:\WINDOWS\system32\AppVEntStreamingManager.dll
2017-01-11 18:15:23 ----A---- C:\WINDOWS\SYSWOW64\remoteaudioendpoint.dll
2017-01-11 18:15:23 ----A---- C:\WINDOWS\SYSWOW64\LaunchWinApp.exe
2017-01-11 18:15:23 ----A---- C:\WINDOWS\system32\MSVP9DEC.dll
2017-01-11 18:15:23 ----A---- C:\WINDOWS\system32\AppVShNotify.exe
2017-01-11 18:15:23 ----A---- C:\WINDOWS\system32\AppVPolicy.dll
2017-01-11 18:15:23 ----A---- C:\WINDOWS\system32\AppVDllSurrogate.exe
2017-01-11 18:15:22 ----A---- C:\WINDOWS\SYSWOW64\SyncSettings.dll
2017-01-11 18:15:22 ----A---- C:\WINDOWS\SYSWOW64\rdpencom.dll
2017-01-11 18:15:22 ----A---- C:\WINDOWS\SYSWOW64\MSVPXENC.dll
2017-01-11 18:15:22 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2017-01-11 18:15:22 ----A---- C:\WINDOWS\SYSWOW64\CloudBackupSettings.dll
2017-01-11 18:15:22 ----A---- C:\WINDOWS\system32\rdpudd.dll
2017-01-11 18:15:22 ----A---- C:\WINDOWS\system32\OneBackupHandler.dll
2017-01-11 18:15:22 ----A---- C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-01-11 18:15:21 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2017-01-11 18:15:21 ----A---- C:\WINDOWS\SYSWOW64\LogonController.dll
2017-01-11 18:15:21 ----A---- C:\WINDOWS\system32\Windows.UI.Shell.dll
2017-01-11 18:15:21 ----A---- C:\WINDOWS\system32\win32kfull.sys
2017-01-11 18:15:21 ----A---- C:\WINDOWS\system32\win32k.sys
2017-01-11 18:15:20 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2017-01-11 18:15:20 ----A---- C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-01-11 18:15:20 ----A---- C:\WINDOWS\system32\SRHInproc.dll
2017-01-11 18:15:20 ----A---- C:\WINDOWS\system32\SRH.dll
2017-01-11 18:15:19 ----A---- C:\WINDOWS\SYSWOW64\mfmp4srcsnk.dll
2017-01-11 18:15:19 ----A---- C:\WINDOWS\system32\dosvc.dll
2017-01-11 18:15:19 ----A---- C:\WINDOWS\system32\domgmt.dll
2017-01-11 18:15:19 ----A---- C:\WINDOWS\system32\AUDIOKSE.dll
2017-01-11 18:15:19 ----A---- C:\WINDOWS\system32\AudioEng.dll
2017-01-11 18:15:19 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-01-11 18:15:19 ----A---- C:\WINDOWS\system32\aclui.dll
2017-01-11 18:15:18 ----A---- C:\WINDOWS\system32\StoreAgent.dll
2017-01-11 18:15:18 ----A---- C:\WINDOWS\system32\SettingSyncHost.exe
2017-01-11 18:15:18 ----A---- C:\WINDOWS\system32\SettingSyncCore.dll
2017-01-11 18:15:18 ----A---- C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-01-11 18:15:18 ----A---- C:\WINDOWS\system32\InstallAgent.exe
2017-01-11 18:15:18 ----A---- C:\WINDOWS\system32\ClipUp.exe
2017-01-11 18:15:18 ----A---- C:\WINDOWS\system32\audiosrv.dll
2017-01-11 18:15:18 ----A---- C:\WINDOWS\system32\AudioSes.dll
2017-01-11 18:15:17 ----A---- C:\WINDOWS\SYSWOW64\mfnetsrc.dll
2017-01-11 18:15:17 ----A---- C:\WINDOWS\SYSWOW64\mfasfsrcsnk.dll
2017-01-11 18:15:17 ----A---- C:\WINDOWS\system32\wbiosrvc.dll
2017-01-11 18:15:17 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2017-01-11 18:15:16 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2017-01-11 18:15:16 ----A---- C:\WINDOWS\SYSWOW64\mfnetcore.dll
2017-01-11 18:15:16 ----A---- C:\WINDOWS\system32\Windows.UI.CredDialogController.dll
2017-01-11 18:15:16 ----A---- C:\WINDOWS\system32\remoteaudioendpoint.dll
2017-01-11 18:15:16 ----A---- C:\WINDOWS\system32\drivers\vhdmp.sys
2017-01-11 18:15:16 ----A---- C:\WINDOWS\system32\cloudAP.dll
2017-01-11 18:15:15 ----A---- C:\WINDOWS\SYSWOW64\mfmpeg2srcsnk.dll
2017-01-11 18:15:15 ----A---- C:\WINDOWS\SYSWOW64\MCRecvSrc.dll
2017-01-11 18:15:15 ----A---- C:\WINDOWS\system32\winsrv.dll
2017-01-11 18:15:15 ----A---- C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-01-11 18:15:15 ----A---- C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2017-01-11 18:15:15 ----A---- C:\WINDOWS\system32\SyncSettings.dll
2017-01-11 18:15:15 ----A---- C:\WINDOWS\system32\fhsettingsprovider.dll
2017-01-11 18:15:15 ----A---- C:\WINDOWS\system32\fhcfg.dll
2017-01-11 18:15:15 ----A---- C:\WINDOWS\system32\CloudBackupSettings.dll
2017-01-11 18:15:14 ----A---- C:\WINDOWS\system32\securekernel.exe
2017-01-11 18:15:14 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2017-01-11 18:15:14 ----A---- C:\WINDOWS\system32\drivers\pci.sys
2017-01-11 18:15:05 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-01-11 18:15:04 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-01-11 18:15:03 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2017-01-11 18:15:02 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncHost.exe
2017-01-11 18:15:02 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncCore.dll
2017-01-11 18:15:02 ----A---- C:\WINDOWS\SYSWOW64\aadtb.dll
2017-01-11 18:15:02 ----A---- C:\WINDOWS\system32\LogonController.dll
2017-01-11 18:15:01 ----A---- C:\WINDOWS\SYSWOW64\d2d1.dll
2017-01-11 18:14:59 ----A---- C:\WINDOWS\system32\ConsoleLogon.dll
2017-01-11 18:14:59 ----A---- C:\WINDOWS\system32\CloudExperienceHost.dll
2017-01-11 18:14:58 ----A---- C:\WINDOWS\SYSWOW64\win32k.sys
2017-01-11 18:14:58 ----A---- C:\WINDOWS\SYSWOW64\AppVEntSubsystems32.dll
2017-01-11 18:14:58 ----A---- C:\WINDOWS\system32\MSVPXENC.dll
2017-01-11 18:14:57 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2017-01-11 18:14:57 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_47.dll
2017-01-11 18:14:56 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.UI.Logon.ProxyStub.dll
2017-01-11 18:14:56 ----A---- C:\WINDOWS\system32\provengine.dll
2017-01-11 18:14:55 ----A---- C:\WINDOWS\system32\ProvPluginEng.dll
2017-01-11 18:14:55 ----A---- C:\WINDOWS\system32\KnobsCsp.dll
2017-01-11 18:14:55 ----A---- C:\WINDOWS\system32\KnobsCore.dll
2017-01-11 18:14:54 ----A---- C:\WINDOWS\SYSWOW64\D3D12.dll
2017-01-07 13:42:21 ----D---- C:\ProgramData\BDLogging
2017-01-07 13:42:20 ----A---- C:\WINDOWS\system32\drivers\trufos.sys
2017-01-07 13:42:16 ----D---- C:\ProgramData\{D76294E6-03B8-4971-AF2E-3F846161A690}
2017-01-07 13:42:15 ----D---- C:\ProgramData\{ACBCD40A-42A8-4FF9-BD42-ABCD14998CBA}
2017-01-07 13:32:25 ----D---- C:\Program Files (x86)\Dashlane
2017-01-07 13:31:48 ----D---- C:\ProgramData\{74E9F814-C737-42CC-B721-DBBC4059367A}
2017-01-07 13:23:50 ----D---- C:\Program Files\AVAST Software
2017-01-07 13:23:12 ----D---- C:\ProgramData\AVAST Software

======List of files/folders modified in the last 1 month======

2017-02-06 11:56:18 ----D---- C:\WINDOWS\Prefetch
2017-02-06 11:25:39 ----D---- C:\WINDOWS\Temp
2017-02-06 11:16:36 ----D---- C:\WINDOWS\system32\SleepStudy
2017-02-06 11:13:02 ----D---- C:\WINDOWS\system32\sru
2017-02-06 10:33:07 ----D---- C:\WINDOWS\system32\Tasks
2017-02-06 10:19:06 ----D---- C:\WINDOWS\System32
2017-02-06 10:19:06 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2017-02-06 10:16:20 ----D---- C:\WINDOWS\SoftwareDistribution
2017-02-06 10:14:19 ----D---- C:\ProgramData\ProductData
2017-02-06 10:14:07 ----HD---- C:\Program Files\WindowsApps
2017-02-06 10:13:16 ----D---- C:\WINDOWS\AppReadiness
2017-02-06 10:12:54 ----D---- C:\WINDOWS\debug
2017-02-06 10:12:49 ----D---- C:\Windows
2017-02-06 10:10:34 ----D---- C:\WINDOWS\system32\catroot2
2017-02-06 09:59:01 ----RD---- C:\WINDOWS\Microsoft.NET
2017-02-05 06:49:14 ----D---- C:\WINDOWS\INF
2017-02-04 18:49:03 ----D---- C:\Program Files\Zoner
2017-02-04 12:07:42 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2017-02-04 12:07:42 ----AD---- C:\Program Files (x86)\Mozilla Thunderbird
2017-02-03 09:22:28 ----SHD---- C:\System Volume Information
2017-01-31 11:42:53 ----D---- C:\WINDOWS\Tasks
2017-01-29 07:44:53 ----D---- C:\WINDOWS\system32\CatRoot
2017-01-26 19:33:40 ----D---- C:\WINDOWS\system32\config
2017-01-25 18:43:24 ----D---- C:\WINDOWS\CbsTemp
2017-01-25 18:43:22 ----D---- C:\WINDOWS\SysWOW64
2017-01-25 18:43:18 ----D---- C:\WINDOWS\WinSxS
2017-01-22 09:14:02 ----SHD---- C:\WINDOWS\Installer
2017-01-19 19:00:20 ----D---- C:\WINDOWS\Logs
2017-01-18 20:06:09 ----A---- C:\WINDOWS\SYSWOW64\vcamp140.dll
2017-01-18 20:06:08 ----D---- C:\ProgramData\Package Cache
2017-01-18 20:05:39 ----RSD---- C:\WINDOWS\assembly
2017-01-18 20:05:26 ----RD---- C:\Program Files (x86)
2017-01-18 18:54:11 ----D---- C:\WINDOWS\system32\DriverStore
2017-01-18 06:45:44 ----AD---- C:\Program Files (x86)\Garmin
2017-01-15 19:28:00 ----D---- C:\Program Files (x86)\IObit
2017-01-14 08:55:39 ----D---- C:\WINDOWS\system32\drivers
2017-01-12 10:32:28 ----D---- C:\WINDOWS\rescache
2017-01-11 20:12:25 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2017-01-11 20:12:25 ----D---- C:\WINDOWS\system32\wbem
2017-01-11 20:12:25 ----D---- C:\WINDOWS\system32\oobe
2017-01-11 20:12:22 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2017-01-11 20:12:22 ----D---- C:\WINDOWS\ShellExperiences
2017-01-11 20:12:22 ----D---- C:\WINDOWS\Provisioning
2017-01-11 20:12:22 ----D---- C:\WINDOWS\PolicyDefinitions
2017-01-11 20:12:21 ----D---- C:\Program Files\Internet Explorer
2017-01-11 20:12:21 ----D---- C:\Program Files (x86)\Internet Explorer
2017-01-11 19:13:03 ----D---- C:\WINDOWS\system32\MRT
2017-01-11 19:09:35 ----AC---- C:\WINDOWS\system32\MRT.exe
2017-01-07 14:02:55 ----D---- C:\ProgramData\IObit
2017-01-07 13:42:21 ----HD---- C:\ProgramData
2017-01-07 13:23:50 ----RD---- C:\Program Files

File C:\WINDOWS\system32\winlogon.exe is not digitally signed
File C:\WINDOWS\system32\wininit.exe is not digitally signed
File C:\WINDOWS\explorer.exe is not digitally signed
File C:\WINDOWS\SysWOW64\explorer.exe is not digitally signed
File C:\WINDOWS\system32\svchost.exe is not digitally signed
File C:\WINDOWS\SysWOW64\svchost.exe is not digitally signed
File C:\WINDOWS\system32\services.exe is not digitally signed
File C:\WINDOWS\system32\User32.dll is not digitally signed
File C:\WINDOWS\SysWOW64\User32.dll is not digitally signed
File C:\WINDOWS\system32\userinit.exe is not digitally signed
File C:\WINDOWS\SysWOW64\userinit.exe is not digitally signed
File C:\WINDOWS\system32\rpcss.dll is not digitally signed
File C:\WINDOWS\system32\Drivers\volsnap.sys is not digitally signed

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

S0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2016-07-11 632168]
S0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-100; C:\WINDOWS\system32\drivers\iorate.sys [2016-11-09 48992]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2016-10-13 64352]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2016-07-16 88416]
S1 cmderd;COMODO Internet Security Eradication Driver; C:\WINDOWS\System32\DRIVERS\cmderd.sys [2016-09-08 40960]
S1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\WINDOWS\system32\DRIVERS\cmdguard.sys [2016-09-08 862648]
S1 cmdhlp;COMODO Internet Security Helper Driver; C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [2016-09-08 54336]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2016-03-12 27552]
S1 inspect;COMODO Internet Security Firewall Driver; C:\WINDOWS\system32\DRIVERS\inspect.sys [2016-09-08 147304]
S1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2008-07-07 85424]
S2 clreg;@%SystemRoot%\system32\drivers\registry.sys,-100; C:\WINDOWS\System32\drivers\registry.sys [2016-07-16 70144]
S2 rimmptsk;rimmptsk; C:\WINDOWS\System32\drivers\rimmpx64.sys [2016-03-12 67584]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2016-07-16 18432]
S3 AgereSoftModem;@mdmags64.inf,%FullProductName%;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\agrsm64.sys [2016-07-16 1146880]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2016-07-16 15360]
S3 AppvStrm;@%systemroot%\system32\drivers\AppvStrm.sys,-101; C:\WINDOWS\system32\drivers\AppvStrm.sys [2016-09-30 127328]
S3 AppvVemgr;@%systemroot%\system32\drivers\AppvVemgr.sys,-101; C:\WINDOWS\system32\drivers\AppvVemgr.sys [2016-07-16 157024]
S3 AppvVfs;@%systemroot%\system32\drivers\AppvVfs.sys,-101; C:\WINDOWS\system32\drivers\AppvVfs.sys [2016-07-16 141152]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2016-09-22 114176]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2016-10-13 128512]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\drivers\BTHport.sys [2016-12-10 967168]
S3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\drivers\BTHUSB.sys [2016-09-22 84992]
S3 dg_ssudbus;@oem77.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2016-11-08 131712]
S3 DrvAgent64;DrvAgent64; \??\C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS [2016-03-16 22200]
S3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2016-03-24 33240]
S3 ggflt;SOMC USB Flash Driver Filter; C:\WINDOWS\System32\drivers\ggflt.sys [2016-05-14 16088]
S3 ggsomc;SOMC USB Flash Driver; C:\WINDOWS\System32\drivers\ggsomc.sys [2016-05-14 30424]
S3 HECIx64;@oem43.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface; C:\WINDOWS\System32\drivers\HECIx64.sys [2016-03-16 56344]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2016-09-22 73568]
S3 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2016-07-16 346976]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2016-07-16 2104160]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2016-07-16 33280]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2016-07-16 64512]
S3 Impcd;Impcd; C:\WINDOWS\System32\drivers\Impcd.sys [2016-04-03 158976]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2016-07-16 35840]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2016-07-16 120320]
S3 MsSecFlt;@%SystemRoot%\System32\Drivers\mssecflt.sys,-1001; C:\WINDOWS\system32\drivers\mssecflt.sys [2016-07-16 179040]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2016-07-16 90624]
S3 NETwNe64;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 8 64 Bit; C:\WINDOWS\System32\drivers\NETwew01.sys [2016-03-12 3354384]
S3 nmwcdnsucx64;Nokia USB Flashing Generic; C:\WINDOWS\system32\drivers\nmwcdnsucx64.sys [2016-05-17 12800]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsux64.sys [2016-05-17 171008]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfdx64.sys [2016-05-17 26112]
S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2016-03-22 82816]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2016-07-16 183808]
S3 rismcx64;@oem75.inf,%DisplayName%;RICOH Smart Card Reader; C:\WINDOWS\system32\DRIVERS\rismcx64.sys [2016-03-12 59008]
S3 scmdisk0101;@scmdisk0101.inf,%scmdisk0101.SvcDesc%;Microsoft NVDIMM-N disk driver; C:\WINDOWS\System32\drivers\scmdisk0101.sys [2016-07-16 123904]
S3 ssudmdm;@oem78.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2016-11-08 165504]
S3 STHDA;IDT High Definition Audio CODEC; C:\WINDOWS\system32\DRIVERS\stwrt64.sys [2016-03-18 503296]
S3 SynTP;@oem66.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2010-06-04 1379376]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

S2 AdvancedSystemCareService10;Advanced SystemCare Service 10; C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCService.exe [2017-01-07 1013024]
S2 ASCAntivirusSrv;AdvancedSystemCareAntivirus; C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ascavsvc.exe [2017-01-07 1931552]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; %SystemRoot%\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=%SystemRoot%\System32\CDPUserSvc.dll
S2 CDPUserSvc_409e1;CDPUserSvc_409e1; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=
S2 CmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2016-10-04 5817256]
S2 IObitUnSvr;IObit Uninstaller Service; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [2017-01-07 360736]
S2 OneSyncSvc_409e1;Hostitel synchronizace_409e1; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=
S3 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2016-11-01 83768]
S3 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2017-01-01 462096]
S3 cmdvirth;COMODO Virtual Service Manager; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2016-10-04 2271928]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2016-05-25 43696]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; %SystemRoot%\System32\svchost.exe -k Camera;"ServiceDll"=%SystemRoot%\system32\FrameServer.dll
S3 Garmin Device Interaction Service;Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [2017-01-18 1039376]
S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2016-03-14 1102472]
S3 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2016-12-17 31776]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\hvhostsvc.dll
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2017-01-01 651576]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\irmon.dll
S3 MessagingService_409e1;Služba zasílání zpráv_409e1; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2016-03-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-02-01 147400]
S3 NAUpdate;Nero Update; C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-03-25 490280]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2016-03-26 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2016-03-26 145184]
S3 PimIndexMaintenanceSvc_409e1;Data kontaktů_409e1; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\RMapi.dll
S3 Sense;@%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2016-09-30 2889896]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2016-05-17 737616]
S3 ss_conn_service;SAMSUNG Mobile Connectivity Service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [2016-11-08 754784]
S3 TimeBrokerSvc;@%windir%\system32\TimeBrokerServer.dll,-1001; %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\TimeBrokerServer.dll
S3 WinHttpAutoProxySvc;@%SystemRoot%\system32\winhttp.dll,-100; %SystemRoot%\system32\svchost.exe -k LocalService;"ServiceDll"=%SystemRoot%\system32\winhttp.dll
S4 AppVClient;@%systemroot%\system32\AppVClient.exe,-102; C:\WINDOWS\system32\AppVClient.exe [2017-01-11 822624]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; %SystemRoot%\System32\svchost.exe -k netsvcs;"ServiceDll"=%systemroot%\system32\Windows.SharedPC.AccountManager.dll

-----------------EOF-----------------

JaRon
Moderator
Posts: 15797
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: problem with a flash drive

#2 Post by JaRon »

Hi,
AdvancedSystemCareAntivirus = truly a world-class AV :twisted:
- uninstall everything from IObit :!:
- clean the PC with AVPTool
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

If you are satisfied, you can support the forum
https://platba.viry.cz/payment/

zachy64
Visitor
Posts: 3
Registered: 06 Feb 2017 11:47

Re: problem with a flash drive

#3 Post by zachy64 »

Thank you, I'll uninstall it, and where do I download the cleaner? Thank you.

JaRon
Moderator
Posts: 15797
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: problem with a flash drive

#4 Post by JaRon »

FRST |ADWCleaner |MBAM |CCleaner |AVPTool

If you are satisfied, you can support the forum
https://platba.viry.cz/payment/

zachy64
Visitor
Posts: 3
Registered: 06 Feb 2017 11:47

Re: problem with a flash drive

#5 Post by zachy64 »

Right, sorry, it's running now. The scan will be done in 12 hours.

JaRon
Moderator
Posts: 15797
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: problem with a flash drive

#6 Post by JaRon »

The PC is infected, and therefore also slow ... that's the price :James008:
