
PC virus removal, computer speed-up, and remote assistance through the neslape.cz service
Please check my log
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that stay inactive for more than 14 days. See the rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote assistance service, where an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Hello. Please check my log. The laptop has slowed down. Thank you.
Logfile of random's system information tool 1.16 (written by random/random)
Run by bek69 at 2017-04-05 18:13:09
Microsoft Windows 8.1
System drive C: has 505 GB (54%) free of 941 GB
Total RAM: 7103 MB (69% free)
X64
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:13:18, on 5. 4. 2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe
C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\bek69_RSITx64.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba13.msn.com/?pc=TEJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://toshiba13.msn.com/?pc=TEJB
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
O4 - HKLM\..\Run: [KeNotify] "C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe" LPCM
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [iCloudServices] "C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O8 - Extra context menu item: Clip Image - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4
O8 - Extra context menu item: Clip selection - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3
O8 - Extra context menu item: Clip this page - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1
O8 - Extra context menu item: Clip URL - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: New Note - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\NewNote.html
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O23 - Service: AdaptiveSleepService - Unknown owner - C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: aswbIDSAgent - AVAST Software s.r.o. - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: DTS APO Service (dts_apo_service) - Unknown owner - C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: tbaseprovisioning - Advanced Micro Devices, Inc. - C:\Windows\SysWOW64\tbaseprovisioning.exe
O23 - Service: TOSHIBA eco Utility Service - Toshiba Corporation - C:\Program Files\TOSHIBA\Teco\TecoService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 10624 bytes
====== Enumerating Processes ======
C:\Windows\system32\wininit.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\SysWOW64\tbaseprovisioning.exe
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\dashost.exe
"C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe"
"C:\Program Files\Elantech\ETDService.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\TOSHIBA\Teco\TecoService.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe"
C:\Windows\System32\WinLogon.exe -SpecialSession
C:\Windows\System32\dwm.exe
C:\Windows\system32\atieclxx.exe
"C:\Program Files\Elantech\ETDCtrl.exe"
C:\Windows\system32\taskhostex.exe
C:\Windows\Explorer.EXE
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
C:\Windows\System32\skydrive.exe -Embedding
"C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
C:\Program Files\AVAST Software\Avast\AvastUI.exe
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe" -Embedding
"C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe" -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\wwahost.exe" -ServerName:App.wwa
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppVShNotify.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\CCleaner\CCleaner64.exe" /monitor
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe9_ Global\UsGthrCtrlFltPipeMssGthrPipe9 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 572 576 584 65536 580
"C:\Users\bek69\Desktop\RSITx64.exe"
====== Scheduled tasks folder ======
C:\Windows\system32\tasks\Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Windows\system32\tasks\Adobe Flash Player Updater - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\system32\tasks\Avast Emergency Update - C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
C:\Windows\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\Windows\system32\tasks\Driver Booster Scheduler - C:\Program Files (x86)\IObit\Driver Booster\4.3.0\Scheduler.exe /scheduler
C:\Windows\system32\tasks\Driver Booster SkipUAC (bek69) - C:\Program Files (x86)\IObit\Driver Booster\4.3.0\DriverBooster.exe /skipuac
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-1586068809-786957993-594304779-1001 - %localappdata%\Microsoft\OneDrive\OneDrive.exe /autoupdate
C:\Windows\system32\tasks\OneDrive Standalone Update Task v2 - %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
C:\Windows\system32\tasks\RTKCPL - "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
C:\Windows\system32\tasks\SafeZone scheduled Autoupdate 1458706207 - C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0)
C:\Windows\system32\tasks\SafeZone scheduled Autoupdate 1458918902 - C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0)
C:\Windows\system32\tasks\User_Feed_Synchronization-{A0859649-5E18-4E7C-A58B-088A2690E7FB} - C:\Windows\system32\msfeedssync.exe sync
C:\Windows\system32\tasks\WPD\SqmUpload_S-1-5-21-1586068809-786957993-594304779-1001 - %windir%\system32\rundll32.exe portabledeviceapi.dll,#1
C:\Windows\system32\tasks\Microsoft\Windows\WS\License Validation - rundll32.exe WSClient.dll,WSpTLR licensing
C:\Windows\system32\tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask - rundll32.exe WSClient.dll,RefreshBannedAppsList
C:\Windows\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join - %SystemRoot%\System32\AutoWorkplace.exe join
C:\Windows\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start - C:\Windows\system32\sc.exe start wuauserv
C:\Windows\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network - C:\Windows\system32\sc.exe start wuauserv
C:\Windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\Windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\Windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\Windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\Windows\system32\tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone - %windir%\system32\tzsync.exe
C:\Windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\Windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\srtasks.exe ExecuteScheduledSPPCreation
C:\Windows\system32\tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask - %windir%\system32\rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
C:\Windows\system32\tasks\Microsoft\Windows\SpacePort\SpaceAgentTask - %windir%\system32\SpaceAgent.exe
C:\Windows\system32\tasks\Microsoft\Windows\Shell\FamilySafetyMonitor - %windir%\System32\wpcmon.exe
C:\Windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\Windows\system32\tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers - %SystemRoot%\System32\drvinst.exe 6
C:\Windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\Windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\Windows\system32\tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - %SystemRoot%\System32\MbaeParserTask.exe
C:\Windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\Windows\system32\tasks\Microsoft\Windows\DiskCleanup\SilentCleanup - %windir%\system32\cleanmgr.exe /autoclean /d %systemdrive%
C:\Windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c -h -o -$
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Uploader - %windir%\system32\WSqmCons.exe -u
C:\Windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\Windows\system32\tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup - %windir%\system32\rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
C:\Windows\system32\tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState - %windir%\system32\rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent /increment
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\rundll32.exe %windir%\system32\invagent.dll,RunUpdate
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\StartupAppTask - %windir%\system32\rundll32.exe Startupscan.dll,SusRunTask
C:\Windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\Windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\Windows\system32\tasks\Microsoft\Office\Office Automatic Updates - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe /update SCHEDULEDTASK displaylevel=False
C:\Windows\system32\tasks\Microsoft\Office\Office ClickToRun Service Monitor - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe /WatchService
C:\Windows\system32\tasks\Microsoft\Office\Office Subscription Maintenance - C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe
C:\Windows\system32\tasks\AVAST Software\Avast settings backup - C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs
C:\Windows\system32\tasks\Apple\AppleSoftwareUpdate - C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe -task
=========Mozilla firefox=========
ProfilePath - C:\Users\bek69\AppData\Roaming\Mozilla\Firefox\Profiles\q36qk1ci.default-1489490201594
prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF48
"sp@avast.com"=C:\Program Files\AVAST Software\Avast\SafePrice\FF48
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 25.0.0.127 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_127.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.50905.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App V2 Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 25.0.0.127 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_127.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.50905.0\npctrl.dll
C:\Users\bek69\AppData\Roaming\Mozilla\Firefox\Profiles\q36qk1ci.default-1489490201594\extensions\
zigboom@hotmail.com
C:\Users\bek69\AppData\Roaming\Mozilla\Firefox\Profiles\q36qk1ci.default-1489490201594\addons.json
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
BlackFox V2 - theme - zigboom@hotmail.com
C:\Users\bek69\AppData\Roaming\Mozilla\Firefox\Profiles\q36qk1ci.default-1489490201594\extensions.json
Avast Online Security - webextension - wrc@avast.com - C:\Program Files\AVAST Software\Avast\WebRep\FF48
BlackFox V2 - theme - zigboom@hotmail.com - C:\Users\bek69\AppData\Roaming\Mozilla\Firefox\Profiles\q36qk1ci.default-1489490201594\extensions\zigboom@hotmail.com
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - C:\Users\bek69\AppData\Roaming\Mozilla\Firefox\Profiles\q36qk1ci.default-1489490201594\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
Avast SafePrice - webextension - sp@avast.com - C:\Program Files\AVAST Software\Avast\SafePrice\FF48
Application Update Service Helper - extension - aushelper@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\aushelper@mozilla.org.xpi
Multi-process staged rollout - extension - e10srollout@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\e10srollout@mozilla.org.xpi
Pocket - extension - firefox@getpocket.com - C:\Program Files (x86)\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi
Web Compat - extension - webcompat@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi
Site Deployment Checker - extension - deployment-checker@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\deployment-checker@mozilla.org.xpi
Default - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi
Disable Prefetch - extension - disable-prefetch@mozilla.org - C:\Users\bek69\AppData\Roaming\Mozilla\Firefox\Profiles\q36qk1ci.default-1489490201594\features\{f09189bc-e994-454a-82c9-f5e2befbe49e}\disable-prefetch@mozilla.org.xpi
Multi-process staged rollout - extension - e10srollout@mozilla.org - C:\Users\bek69\AppData\Roaming\Mozilla\Firefox\Profiles\q36qk1ci.default-1489490201594\features\{f09189bc-e994-454a-82c9-f5e2befbe49e}\e10srollout@mozilla.org.xpi
C:\Users\bek69\AppData\Roaming\Mozilla\Firefox\Profiles\q36qk1ci.default-1489490201594\pluginreg.dat
Plugin - Shockwave Flash - 25.0.0.127 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_127.dll
======Registry dump ======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={D1863175-E285-4533-807E-BEEE3BC1D240}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D1863175-E285-4533-807E-BEEE3BC1D240}]
"URL"=http://www.bing.com/search?q={searchTer ... TR&pc=TEJB
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={D1863175-E285-4533-807E-BEEE3BC1D240}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{D1863175-E285-4533-807E-BEEE3BC1D240}]
"URL"=http://www.bing.com/search?q={searchTer ... TR&pc=TEJB
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-04-05 213704]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-03-14 893936]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-04-05 3002160]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-03-14 771816]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92EF2EAD-A7CE-4424-B0DB-499CF856608E}]
Evernote extension - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-05-13 585568]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"TCrdMain"=C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2013-10-09 2556768]
"TSSSrv"=C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [2013-10-22 296008]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2017-03-22 303928]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2017-03-03 9364696]
"iCloudServices"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [2017-01-17 67384]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2017-03-14 27545048]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"KeNotify"=C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [2013-08-06 34160]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2017-03-14 205512]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"SoftwareSASGeneration"=1
"EnableLinkedConnections"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
====== File associations ======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
====== List of files/folders created in the last 1 month ======
2017-04-05 18:13:10 ----D---- C:\Program Files\trend micro
2017-04-05 18:13:09 ----D---- C:\rsit
2017-03-16 10:04:42 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2017-03-16 10:04:42 ----A---- C:\Windows\system32\iertutil.dll
2017-03-16 10:04:42 ----A---- C:\Windows\system32\iepeers.dll
2017-03-16 10:04:41 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2017-03-16 10:04:40 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2017-03-16 10:04:38 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2017-03-16 10:04:38 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2017-03-16 10:04:38 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2017-03-16 10:04:38 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2017-03-16 10:04:37 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2017-03-16 10:04:34 ----A---- C:\Windows\SYSWOW64\jscript.dll
2017-03-16 10:04:34 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2017-03-16 10:04:34 ----A---- C:\Windows\system32\vbscript.dll
2017-03-16 10:04:34 ----A---- C:\Windows\system32\urlmon.dll
2017-03-16 10:04:34 ----A---- C:\Windows\system32\msfeeds.dll
2017-03-16 10:04:34 ----A---- C:\Windows\system32\iedkcs32.dll
2017-03-16 10:04:33 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2017-03-16 10:04:31 ----A---- C:\Windows\SYSWOW64\wininet.dll
2017-03-16 10:04:31 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2017-03-16 10:04:31 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2017-03-16 10:04:31 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2017-03-16 10:04:30 ----A---- C:\Windows\system32\jscript.dll
2017-03-16 10:04:30 ----A---- C:\Windows\system32\ieframe.dll
2017-03-16 10:04:30 ----A---- C:\Windows\system32\dxtrans.dll
2017-03-16 10:04:29 ----A---- C:\Windows\system32\webcheck.dll
2017-03-16 10:04:28 ----A---- C:\Windows\system32\win32k.sys
2017-03-16 10:04:28 ----A---- C:\Windows\system32\jscript9.dll
2017-03-16 10:04:27 ----A---- C:\Windows\system32\wininet.dll
2017-03-16 10:04:27 ----A---- C:\Windows\system32\inetcomm.dll
2017-03-16 10:04:26 ----A---- C:\Windows\system32\ntoskrnl.exe
2017-03-16 10:04:25 ----A---- C:\Windows\system32\mshtml.dll
2017-03-16 10:04:22 ----A---- C:\Windows\system32\winresume.exe
2017-03-16 10:04:22 ----A---- C:\Windows\system32\winload.exe
2017-03-16 10:04:22 ----A---- C:\Windows\system32\gdi32.dll
2017-03-16 10:04:21 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2017-03-16 10:04:21 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2017-03-16 10:04:21 ----A---- C:\Windows\system32\ieapfltr.dll
2017-03-16 10:04:21 ----A---- C:\Windows\system32\glcndFilter.dll
2017-03-16 10:04:20 ----A---- C:\Windows\system32\Windows.Data.Pdf.dll
2017-03-16 10:04:19 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2017-03-16 10:04:19 ----A---- C:\Windows\system32\lsasrv.dll
2017-03-16 10:04:19 ----A---- C:\Windows\system32\DWrite.dll
2017-03-16 10:04:18 ----A---- C:\Windows\system32\wow64.dll
2017-03-16 10:04:18 ----A---- C:\Windows\system32\FntCache.dll
2017-03-16 10:04:17 ----A---- C:\Windows\system32\GdiPlus.dll
2017-03-16 10:04:16 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2017-03-16 10:04:16 ----A---- C:\Windows\SYSWOW64\glcndFilter.dll
2017-03-16 10:04:16 ----A---- C:\Windows\system32\msxml3.dll
2017-03-16 10:04:15 ----A---- C:\Windows\SYSWOW64\Windows.Data.Pdf.dll
2017-03-16 10:04:15 ----A---- C:\Windows\SYSWOW64\GdiPlus.dll
2017-03-16 10:04:15 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2017-03-16 10:04:15 ----A---- C:\Windows\system32\dnsapi.dll
2017-03-16 10:04:14 ----A---- C:\Windows\system32\microsoft-windows-system-events.dll
2017-03-16 10:04:14 ----A---- C:\Windows\system32\drivers\srv2.sys
2017-03-16 10:04:14 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2017-03-16 10:04:13 ----A---- C:\Windows\SYSWOW64\quartz.dll
2017-03-16 10:04:13 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2017-03-16 10:04:13 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2017-03-16 10:04:13 ----A---- C:\Windows\system32\quartz.dll
2017-03-16 10:04:13 ----A---- C:\Windows\system32\ieetwcollector.exe
2017-03-16 10:04:13 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2017-03-16 10:04:13 ----A---- C:\Windows\system32\adtschema.dll
2017-03-16 10:04:13 ----A---- C:\Windows\HelpPane.exe
2017-03-16 10:04:12 ----A---- C:\Windows\SYSWOW64\mscms.dll
2017-03-16 10:04:12 ----A---- C:\Windows\system32\wininit.exe
2017-03-16 10:04:12 ----A---- C:\Windows\system32\mscms.dll
2017-03-16 10:04:12 ----A---- C:\Windows\system32\drivers\srv.sys
2017-03-16 10:04:12 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2017-03-16 10:04:12 ----A---- C:\Windows\system32\drivers\cng.sys
2017-03-16 10:04:11 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2017-03-16 10:04:11 ----A---- C:\Windows\SYSWOW64\icm32.dll
2017-03-16 10:04:11 ----A---- C:\Windows\SYSWOW64\certcli.dll
2017-03-16 10:04:11 ----A---- C:\Windows\system32\msobjs.dll
2017-03-16 10:04:11 ----A---- C:\Windows\system32\icm32.dll
2017-03-16 10:04:11 ----A---- C:\Windows\system32\dnsrslvr.dll
2017-03-16 10:04:11 ----A---- C:\Windows\system32\certcli.dll
2017-03-16 09:58:39 ----A---- C:\Windows\system32\aepic.dll
2017-03-16 09:58:39 ----A---- C:\Windows\system32\aeinv.dll
2017-03-16 09:58:38 ----A---- C:\Windows\system32\invagent.dll
2017-03-16 09:58:38 ----A---- C:\Windows\system32\generaltel.dll
2017-03-16 09:58:38 ----A---- C:\Windows\system32\devinv.dll
2017-03-16 09:58:38 ----A---- C:\Windows\system32\CompatTelRunner.exe
2017-03-16 09:58:38 ----A---- C:\Windows\system32\centel.dll
2017-03-16 09:58:38 ----A---- C:\Windows\system32\appraiser.dll
2017-03-16 09:58:38 ----A---- C:\Windows\system32\acmigration.dll
2017-03-14 12:52:40 ----A---- C:\Windows\system32\RtNicProp64.dll
2017-03-14 12:52:40 ----A---- C:\Windows\system32\drivers\Rt630x64.sys
2017-03-14 12:00:35 ----A---- C:\Windows\system32\drivers\aswbuniva.sys
2017-03-14 12:00:35 ----A---- C:\Windows\system32\drivers\aswbloga.sys
2017-03-14 12:00:35 ----A---- C:\Windows\system32\drivers\aswbidsha.sys
2017-03-14 12:00:35 ----A---- C:\Windows\system32\drivers\aswbidsdrivera.sys
2017-03-14 12:00:35 ----A---- C:\Windows\system32\drivers\asw8444.tmp
2017-03-14 12:00:35 ----A---- C:\Windows\system32\drivers\asw8443.tmp
2017-03-14 12:00:35 ----A---- C:\Windows\system32\drivers\asw8432.tmp
2017-03-14 12:00:35 ----A---- C:\Windows\system32\drivers\asw8431.tmp
2017-03-14 12:00:35 ----A---- C:\Windows\system32\drivers\asw8430.tmp
2017-03-14 12:00:35 ----A---- C:\Windows\system32\drivers\asw841F.tmp
2017-03-14 12:00:35 ----A---- C:\Windows\system32\drivers\asw841E.tmp
2017-03-14 12:00:35 ----A---- C:\Windows\system32\drivers\asw840E.tmp
2017-03-14 12:00:35 ----A---- C:\Windows\system32\drivers\asw840D.tmp
2017-03-14 12:00:15 ----A---- C:\Windows\system32\aswBoot.exe
2017-03-14 11:50:27 ----A---- C:\Windows\system32\drivers\asw3E1C.tmp
2017-03-14 11:50:27 ----A---- C:\Windows\system32\drivers\asw3E1B.tmp
2017-03-14 11:50:27 ----A---- C:\Windows\system32\drivers\asw3E0B.tmp
2017-03-14 11:50:27 ----A---- C:\Windows\system32\drivers\asw3E0A.tmp
2017-03-14 11:50:27 ----A---- C:\Windows\system32\drivers\asw3DDA.tmp
2017-03-14 11:50:27 ----A---- C:\Windows\system32\drivers\asw3DD9.tmp
2017-03-14 11:50:27 ----A---- C:\Windows\system32\drivers\asw3DB8.tmp
2017-03-14 11:50:27 ----A---- C:\Windows\system32\drivers\asw3D5A.tmp
2017-03-14 11:50:27 ----A---- C:\Windows\system32\drivers\asw3D59.tmp
2017-03-07 12:15:15 ----D---- C:\ProgramData\~0
====== List of files/folders modified in the last 1 month ======
2017-04-05 18:13:10 ----RD---- C:\Program Files
2017-04-05 18:12:59 ----D---- C:\Windows\Temp
2017-04-05 18:08:30 ----D---- C:\Users\bek69\AppData\Roaming\Skype
2017-04-05 18:06:41 ----D---- C:\Windows\Prefetch
2017-04-05 18:06:21 ----D---- C:\Windows\SoftwareDistribution
2017-04-05 18:06:21 ----D---- C:\Windows\Minidump
2017-04-05 18:06:21 ----AD---- C:\Windows
2017-04-05 18:00:00 ----D---- C:\Windows\system32\sru
2017-04-05 16:24:17 ----D---- C:\Windows\Microsoft.NET
2017-04-05 15:47:25 ----SHD---- C:\Windows\Installer
2017-04-05 15:47:25 ----SHD---- C:\Config.Msi
2017-04-05 15:47:23 ----RAD---- C:\Windows\System32
2017-04-05 15:47:23 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2017-04-05 15:46:22 ----D---- C:\Program Files (x86)\Common Files
2017-04-05 15:44:38 ----D---- C:\Program Files (x86)\Microsoft Office
2017-04-05 15:10:11 ----D---- C:\Windows\system32\Tasks
2017-04-05 15:03:45 ----D---- C:\Windows\system32\drivers
2017-04-04 20:38:21 ----D---- C:\Users\bek69\AppData\Roaming\vlc
2017-04-04 15:49:00 ----D---- C:\Windows\system32\config
2017-04-03 16:46:51 ----D---- C:\Windows\system32\NDF
2017-04-02 08:38:28 ----D---- C:\Windows\Inf
2017-04-02 08:38:28 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-03-30 17:52:43 ----D---- C:\Users\bek69\AppData\Roaming\Mp3tag
2017-03-30 15:28:13 ----HD---- C:\ProgramData
2017-03-30 15:09:24 ----D---- C:\Windows\system32\DriverStore
2017-03-30 15:09:22 ----D---- C:\Windows\CbsTemp
2017-03-30 15:08:31 ----SHD---- C:\System Volume Information
2017-03-29 17:15:58 ----D---- C:\Users\bek69\AppData\Roaming\ViberPC
2017-03-29 16:45:06 ----D---- C:\ProgramData\ProductData
2017-03-29 16:28:59 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2017-03-29 16:28:57 ----D---- C:\Program Files (x86)\Mozilla Firefox
2017-03-26 17:20:18 ----D---- C:\Program Files\iTunes
2017-03-26 17:19:27 ----D---- C:\Program Files\iPod
2017-03-26 17:18:42 ----D---- C:\Program Files\Common Files\Apple
2017-03-26 17:15:45 ----D---- C:\Program Files (x86)\Apple Software Update
2017-03-23 09:04:04 ----HD---- C:\Program Files\WindowsApps
2017-03-23 09:04:04 ----D---- C:\Windows\AppReadiness
2017-03-21 14:20:51 ----D---- C:\ProgramData\IObit
2017-03-17 15:40:00 ----D---- C:\Windows\rescache
2017-03-17 12:36:15 ----D---- C:\Games
2017-03-17 12:35:33 ----D---- C:\Program Files (x86)\Steam
2017-03-17 12:30:10 ----D---- C:\Windows\debug
2017-03-17 08:04:35 ----D---- C:\Windows\WinSxS
2017-03-17 07:59:09 ----D---- C:\Program Files\Microsoft Silverlight
2017-03-17 07:59:06 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2017-03-16 14:30:40 ----D---- C:\Windows\system32\appraiser
2017-03-16 14:30:40 ----D---- C:\Windows\apppatch
2017-03-16 14:30:36 ----D---- C:\Windows\SYSWOW64\en-US
2017-03-16 14:30:36 ----D---- C:\Windows\SYSWOW64\cs-CZ
2017-03-16 14:30:36 ----D---- C:\Windows\SysWOW64
2017-03-16 14:30:36 ----D---- C:\Windows\system32\en-US
2017-03-16 14:30:36 ----D---- C:\Windows\system32\cs-CZ
2017-03-16 14:30:36 ----D---- C:\Program Files\Internet Explorer
2017-03-16 14:30:36 ----D---- C:\Program Files (x86)\Internet Explorer
2017-03-16 14:17:49 ----D---- C:\Windows\system32\MRT
2017-03-16 14:14:24 ----AC---- C:\Windows\system32\MRT.exe
2017-03-16 09:47:20 ----D---- C:\Windows\system32\catroot2
2017-03-15 22:20:54 ----D---- C:\ProgramData\Skype
2017-03-15 22:20:22 ----RD---- C:\Program Files (x86)\Skype
2017-03-15 22:18:07 ----D---- C:\ProgramData\Package Cache
2017-03-14 14:01:16 ----RD---- C:\Program Files (x86)
2017-03-14 13:27:28 ----D---- C:\Windows\Tasks
2017-03-14 13:27:16 ----D---- C:\Windows\system32\Macromed
2017-03-14 13:27:09 ----D---- C:\Windows\SYSWOW64\Macromed
2017-03-14 12:55:28 ----D---- C:\Windows\system32\catroot
2017-03-14 12:38:12 ----D---- C:\Windows\system32\wbem
2017-03-14 12:32:45 ----D---- C:\Program Files (x86)\Atheros
2017-03-14 12:32:38 ----D---- C:\Program Files (x86)\Symbaloo_TLauncher
2017-03-14 12:32:35 ----D---- C:\Program Files\Microsoft Office 15
2017-03-14 12:32:25 ----D---- C:\Windows\system32\drivers\UMDF
2017-03-14 12:32:25 ----D---- C:\Windows\system32\CodeIntegrity
2017-03-14 12:19:31 ----D---- C:\Windows\registration
2017-03-14 11:19:43 ----D---- C:\ProgramData\AVAST Software
2017-03-10 06:34:39 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2017-03-07 12:33:18 ----D---- C:\ProgramData\Solvusoft
2017-03-07 12:21:47 ----A---- C:\Windows\win.ini
File C:\Windows\system32\winlogon.exe is digitally signed
File C:\Windows\system32\wininit.exe is digitally signed
File C:\Windows\explorer.exe is digitally signed
File C:\Windows\SysWOW64\explorer.exe is digitally signed
File C:\Windows\system32\svchost.exe is digitally signed
File C:\Windows\SysWOW64\svchost.exe is digitally signed
File C:\Windows\system32\services.exe is digitally signed
File C:\Windows\system32\User32.dll is digitally signed
File C:\Windows\SysWOW64\User32.dll is digitally signed
File C:\Windows\system32\userinit.exe is digitally signed
File C:\Windows\SysWOW64\userinit.exe is digitally signed
File C:\Windows\system32\rpcss.dll is digitally signed
File C:\Windows\system32\Drivers\volsnap.sys is digitally signed
====== List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======
R0 amd_sata;amd_sata; C:\Windows\System32\drivers\amd_sata.sys [2017-01-16 83656]
R0 amd_xata;amd_xata; C:\Windows\System32\drivers\amd_xata.sys [2017-01-16 23752]
R0 amdkmpfd;@oem3.inf,%AMDKMPFD_svcdesc%;AMD PCI Root Bus Lower Filter; C:\Windows\System32\drivers\amdkmpfd.sys [2013-12-14 36608]
R0 amdpsp;@oem38.inf,%amdpsp.SVCDESC%;AMD PSP Service; C:\Windows\system32\DRIVERS\amdpsp.sys [2017-01-16 254864]
R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [2017-03-14 189768]
R0 aswblog;aswblog; C:\Windows\system32\drivers\aswbloga.sys [2017-03-14 334600]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [2017-03-14 48528]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2017-03-14 75704]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2017-03-14 337592]
R0 LPCFilter;@oem17.inf,%LPCFilter.SvcDesc%;LPC Lower Filter Driver; C:\Windows\System32\drivers\LPCFilter.sys [2013-08-01 35672]
R0 TVALZ;@oem15.inf,%TVALZ.SvcDesc%;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\System32\drivers\TVALZ_O.SYS [2013-08-15 32832]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [2017-03-14 309272]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2017-03-14 32088]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2017-03-14 100640]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2017-03-14 993608]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2017-03-22 548928]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2017-01-16 27552]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2016-08-13 71680]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2017-03-14 126600]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2017-03-14 162528]
R3 AmdAS4;@oem2.inf,%AmdAS4.SVCDESC%;AmdAS4 service; C:\Windows\System32\drivers\AmdAS4.sys [2013-10-24 17640]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2017-01-16 13941760]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2017-01-16 628224]
R3 athr;@oem41.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athwbx.sys [2017-01-16 4307192]
R3 AtiHDAudioService;@oem37.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdWB6.sys [2017-01-16 118848]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2014-03-19 598216]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\Windows\System32\drivers\BthEnum.sys [2015-06-10 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\Windows\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\System32\drivers\bthpan.sys [2015-07-10 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2015-06-10 81920]
R3 CeKbFilter;CeKbFilter; C:\Windows\system32\DRIVERS\CeKbFilter.sys [2015-03-28 20312]
R3 dtlitescsibus;@oem23.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\System32\drivers\dtlitescsibus.sys [2016-04-08 30264]
R3 dtliteusbbus;@oem24.inf,%DTLITEUSBBUS.DeviceDesc%;DAEMON Tools Lite Virtual USB Bus; C:\Windows\System32\drivers\dtliteusbbus.sys [2016-04-08 47672]
R3 ETD;@oem9.inf,%PS2.DeviceDesc%;ELAN PS/2_SMBus Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2014-03-04 404296]
R3 ETDSMBus;ETDSMBus; C:\Windows\system32\DRIVERS\ETDSMBus.sys [2014-02-06 24904]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-03-11 3891800]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 RSP2STOR;@oem42.inf,%Rts5229%;Realtek PCIE CardReader Driver - P2; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [2017-01-16 328920]
R3 RTL8168;@oem1.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2017-03-14 954368]
R3 Thotkey;@oem46.inf,%Thotkey%;Toshiba Hotkey Driver; C:\Windows\System32\drivers\Thotkey.sys [2017-01-16 36712]
R3 tosrfec;@oem40.inf,%busenum.SVCDESC%;Bluetooth ACPI; C:\Windows\System32\drivers\tosrfec.sys [2017-01-16 53624]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2014-06-21 212736]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2016-08-13 38912]
S3 amdkmcsp;@oem38.inf,%amdkmcsp.SVCDESC%;AMD Kernel Mode CSP Service; C:\Windows\system32\DRIVERS\amdkmcsp.sys [2017-01-16 100752]
S3 aswHwid;aswHwid; C:\Windows\system32\drivers\aswHwid.sys [2017-03-14 38296]
S3 athrusb;@oem33.inf,%ATHR.Service.DispName%;Atheros Wireless LAN USB device driver; C:\Windows\system32\DRIVERS\athrxusb.sys [2008-07-29 1075712]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2015-06-10 1201664]
S3 dot4;@oem28.inf,%Dot4_Name%;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2012-10-19 151968]
S3 Dot4Print;@oem29.inf,%Dot4Print_Name%;Print Class Driver for IEEE-1284.4; C:\Windows\System32\drivers\Dot4Prt.sys [2012-10-19 27040]
S3 dot4usb;@oem28.inf,%DOT4USB_NAME%;Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2012-10-19 49056]
S3 DrvAgent64;DrvAgent64; \??\C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS [2016-12-07 22200]
S3 USBAAPL64;@oem21.inf,%USBAAPL64.SvcDesc%;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2015-11-05 54784]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2014-10-29 44544]
====== List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======
R2 AdaptiveSleepService;AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [2014-04-23 140288]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-12-19 82640]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2017-01-16 240128]
R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2017-03-17 83768]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2014-03-19 319104]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2017-03-14 262736]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2015-08-12 462096]
R2 ClickToRunSvc;Služba Microsoft Office Klikni a spusť; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2017-03-26 3737792]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll" = %SystemRoot%\system32\diagtrack.dll
R2 dts_apo_service;DTS APO Service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [2014-03-03 21840]
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2014-03-04 103240]
R2 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-03-18 43696]
R2 GamesAppIntegrationService;GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2014-04-24 227904]
R2 tbaseprovisioning;tbaseprovisioning; C:\Windows\SysWOW64\tbaseprovisioning.exe [2017-01-16 51216]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\Teco\TecoService.exe [2014-07-30 353872]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2017-03-14 7147320]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-24 154440]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2017-02-27 317400]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-03-14 271960]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; %SystemRoot%\System32\svchost.exe -k LocalServiceAndNoImpersonation;"ServiceDll" = %SystemRoot%\System32\BthHFSrv.dll
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2016-04-04 1443520]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2014-04-24 203344]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-24 154440]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2017-03-22 689464]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-03-29 172488]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2017-03-25 198192]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-12-20 1467168]
-----------------EOF-----------------
====== Enumerating Processes ======
C:\Windows\system32\wininit.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\SysWOW64\tbaseprovisioning.exe
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\dashost.exe
"C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe"
"C:\Program Files\Elantech\ETDService.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\TOSHIBA\Teco\TecoService.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe"
C:\Windows\System32\WinLogon.exe -SpecialSession
C:\Windows\System32\dwm.exe
C:\Windows\system32\atieclxx.exe
"C:\Program Files\Elantech\ETDCtrl.exe"
C:\Windows\system32\taskhostex.exe
C:\Windows\Explorer.EXE
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
C:\Windows\System32\skydrive.exe -Embedding
"C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
C:\Program Files\AVAST Software\Avast\AvastUI.exe
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe" -Embedding
"C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe" -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\wwahost.exe" -ServerName:App.wwa
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppVShNotify.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\CCleaner\CCleaner64.exe" /monitor
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe9_ Global\UsGthrCtrlFltPipeMssGthrPipe9 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 572 576 584 65536 580
"C:\Users\bek69\Desktop\RSITx64.exe"
====== Scheduled tasks folder ======
C:\Windows\system32\tasks\Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Windows\system32\tasks\Adobe Flash Player Updater - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\system32\tasks\Avast Emergency Update - C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
C:\Windows\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\Windows\system32\tasks\Driver Booster Scheduler - C:\Program Files (x86)\IObit\Driver Booster\4.3.0\Scheduler.exe /scheduler
C:\Windows\system32\tasks\Driver Booster SkipUAC (bek69) - C:\Program Files (x86)\IObit\Driver Booster\4.3.0\DriverBooster.exe /skipuac
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-1586068809-786957993-594304779-1001 - %localappdata%\Microsoft\OneDrive\OneDrive.exe /autoupdate
C:\Windows\system32\tasks\OneDrive Standalone Update Task v2 - %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
C:\Windows\system32\tasks\RTKCPL - "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
C:\Windows\system32\tasks\SafeZone scheduled Autoupdate 1458706207 - C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0)
C:\Windows\system32\tasks\SafeZone scheduled Autoupdate 1458918902 - C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0)
C:\Windows\system32\tasks\User_Feed_Synchronization-{A0859649-5E18-4E7C-A58B-088A2690E7FB} - C:\Windows\system32\msfeedssync.exe sync
C:\Windows\system32\tasks\WPD\SqmUpload_S-1-5-21-1586068809-786957993-594304779-1001 - %windir%\system32\rundll32.exe portabledeviceapi.dll,#1
C:\Windows\system32\tasks\Microsoft\Windows\WS\License Validation - rundll32.exe WSClient.dll,WSpTLR licensing
C:\Windows\system32\tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask - rundll32.exe WSClient.dll,RefreshBannedAppsList
C:\Windows\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join - %SystemRoot%\System32\AutoWorkplace.exe join
C:\Windows\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start - C:\Windows\system32\sc.exe start wuauserv
C:\Windows\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network - C:\Windows\system32\sc.exe start wuauserv
C:\Windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\Windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\Windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\Windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\Windows\system32\tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone - %windir%\system32\tzsync.exe
C:\Windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\Windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\srtasks.exe ExecuteScheduledSPPCreation
C:\Windows\system32\tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask - %windir%\system32\rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
C:\Windows\system32\tasks\Microsoft\Windows\SpacePort\SpaceAgentTask - %windir%\system32\SpaceAgent.exe
C:\Windows\system32\tasks\Microsoft\Windows\Shell\FamilySafetyMonitor - %windir%\System32\wpcmon.exe
C:\Windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\Windows\system32\tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers - %SystemRoot%\System32\drvinst.exe 6
C:\Windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\Windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\Windows\system32\tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - %SystemRoot%\System32\MbaeParserTask.exe
C:\Windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\Windows\system32\tasks\Microsoft\Windows\DiskCleanup\SilentCleanup - %windir%\system32\cleanmgr.exe /autoclean /d %systemdrive%
C:\Windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c -h -o -$
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Uploader - %windir%\system32\WSqmCons.exe -u
C:\Windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\Windows\system32\tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup - %windir%\system32\rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
C:\Windows\system32\tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState - %windir%\system32\rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent /increment
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\rundll32.exe %windir%\system32\invagent.dll,RunUpdate
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\StartupAppTask - %windir%\system32\rundll32.exe Startupscan.dll,SusRunTask
C:\Windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\Windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\Windows\system32\tasks\Microsoft\Office\Office Automatic Updates - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe /update SCHEDULEDTASK displaylevel=False
C:\Windows\system32\tasks\Microsoft\Office\Office ClickToRun Service Monitor - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe /WatchService
C:\Windows\system32\tasks\Microsoft\Office\Office Subscription Maintenance - C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe
C:\Windows\system32\tasks\AVAST Software\Avast settings backup - C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs
C:\Windows\system32\tasks\Apple\AppleSoftwareUpdate - C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe -task
=========Mozilla firefox=========
ProfilePath - C:\Users\bek69\AppData\Roaming\Mozilla\Firefox\Profiles\q36qk1ci.default-1489490201594
prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF48
"sp@avast.com"=C:\Program Files\AVAST Software\Avast\SafePrice\FF48
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 25.0.0.127 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_127.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.50905.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App V2 Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 25.0.0.127 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_127.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.50905.0\npctrl.dll
C:\Users\bek69\AppData\Roaming\Mozilla\Firefox\Profiles\q36qk1ci.default-1489490201594\extensions\
zigboom@hotmail.com
C:\Users\bek69\AppData\Roaming\Mozilla\Firefox\Profiles\q36qk1ci.default-1489490201594\addons.json
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
BlackFox V2 - theme - zigboom@hotmail.com
C:\Users\bek69\AppData\Roaming\Mozilla\Firefox\Profiles\q36qk1ci.default-1489490201594\extensions.json
Avast Online Security - webextension - wrc@avast.com - C:\Program Files\AVAST Software\Avast\WebRep\FF48
BlackFox V2 - theme - zigboom@hotmail.com - C:\Users\bek69\AppData\Roaming\Mozilla\Firefox\Profiles\q36qk1ci.default-1489490201594\extensions\zigboom@hotmail.com
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - C:\Users\bek69\AppData\Roaming\Mozilla\Firefox\Profiles\q36qk1ci.default-1489490201594\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
Avast SafePrice - webextension - sp@avast.com - C:\Program Files\AVAST Software\Avast\SafePrice\FF48
Application Update Service Helper - extension - aushelper@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\aushelper@mozilla.org.xpi
Multi-process staged rollout - extension - e10srollout@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\e10srollout@mozilla.org.xpi
Pocket - extension - firefox@getpocket.com - C:\Program Files (x86)\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi
Web Compat - extension - webcompat@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi
Site Deployment Checker - extension - deployment-checker@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\deployment-checker@mozilla.org.xpi
Default - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi
Disable Prefetch - extension - disable-prefetch@mozilla.org - C:\Users\bek69\AppData\Roaming\Mozilla\Firefox\Profiles\q36qk1ci.default-1489490201594\features\{f09189bc-e994-454a-82c9-f5e2befbe49e}\disable-prefetch@mozilla.org.xpi
Multi-process staged rollout - extension - e10srollout@mozilla.org - C:\Users\bek69\AppData\Roaming\Mozilla\Firefox\Profiles\q36qk1ci.default-1489490201594\features\{f09189bc-e994-454a-82c9-f5e2befbe49e}\e10srollout@mozilla.org.xpi
C:\Users\bek69\AppData\Roaming\Mozilla\Firefox\Profiles\q36qk1ci.default-1489490201594\pluginreg.dat
Plugin - Shockwave Flash - 25.0.0.127 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_127.dll
======Registry dump ======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={D1863175-E285-4533-807E-BEEE3BC1D240}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D1863175-E285-4533-807E-BEEE3BC1D240}]
"URL"=http://www.bing.com/search?q={searchTer ... TR&pc=TEJB
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={D1863175-E285-4533-807E-BEEE3BC1D240}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{D1863175-E285-4533-807E-BEEE3BC1D240}]
"URL"=http://www.bing.com/search?q={searchTer ... TR&pc=TEJB
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-04-05 213704]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-03-14 893936]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-04-05 3002160]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-03-14 771816]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92EF2EAD-A7CE-4424-B0DB-499CF856608E}]
Evernote extension - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-05-13 585568]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"TCrdMain"=C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2013-10-09 2556768]
"TSSSrv"=C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [2013-10-22 296008]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2017-03-22 303928]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2017-03-03 9364696]
"iCloudServices"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [2017-01-17 67384]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2017-03-14 27545048]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"KeNotify"=C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [2013-08-06 34160]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2017-03-14 205512]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"SoftwareSASGeneration"=1
"EnableLinkedConnections"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
====== File associations ======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
====== List of files/folders created in the last 1 month ======
2017-04-05 18:13:10 ----D---- C:\Program Files\trend micro
2017-04-05 18:13:09 ----D---- C:\rsit
2017-03-16 10:04:42 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2017-03-16 10:04:42 ----A---- C:\Windows\system32\iertutil.dll
2017-03-16 10:04:42 ----A---- C:\Windows\system32\iepeers.dll
2017-03-16 10:04:41 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2017-03-16 10:04:40 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2017-03-16 10:04:38 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2017-03-16 10:04:38 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2017-03-16 10:04:38 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2017-03-16 10:04:38 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2017-03-16 10:04:37 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2017-03-16 10:04:34 ----A---- C:\Windows\SYSWOW64\jscript.dll
2017-03-16 10:04:34 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2017-03-16 10:04:34 ----A---- C:\Windows\system32\vbscript.dll
2017-03-16 10:04:34 ----A---- C:\Windows\system32\urlmon.dll
2017-03-16 10:04:34 ----A---- C:\Windows\system32\msfeeds.dll
2017-03-16 10:04:34 ----A---- C:\Windows\system32\iedkcs32.dll
2017-03-16 10:04:33 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2017-03-16 10:04:31 ----A---- C:\Windows\SYSWOW64\wininet.dll
2017-03-16 10:04:31 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2017-03-16 10:04:31 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2017-03-16 10:04:31 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2017-03-16 10:04:30 ----A---- C:\Windows\system32\jscript.dll
2017-03-16 10:04:30 ----A---- C:\Windows\system32\ieframe.dll
2017-03-16 10:04:30 ----A---- C:\Windows\system32\dxtrans.dll
2017-03-16 10:04:29 ----A---- C:\Windows\system32\webcheck.dll
2017-03-16 10:04:28 ----A---- C:\Windows\system32\win32k.sys
2017-03-16 10:04:28 ----A---- C:\Windows\system32\jscript9.dll
2017-03-16 10:04:27 ----A---- C:\Windows\system32\wininet.dll
2017-03-16 10:04:27 ----A---- C:\Windows\system32\inetcomm.dll
2017-03-16 10:04:26 ----A---- C:\Windows\system32\ntoskrnl.exe
2017-03-16 10:04:25 ----A---- C:\Windows\system32\mshtml.dll
2017-03-16 10:04:22 ----A---- C:\Windows\system32\winresume.exe
2017-03-16 10:04:22 ----A---- C:\Windows\system32\winload.exe
2017-03-16 10:04:22 ----A---- C:\Windows\system32\gdi32.dll
2017-03-16 10:04:21 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2017-03-16 10:04:21 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2017-03-16 10:04:21 ----A---- C:\Windows\system32\ieapfltr.dll
2017-03-16 10:04:21 ----A---- C:\Windows\system32\glcndFilter.dll
2017-03-16 10:04:20 ----A---- C:\Windows\system32\Windows.Data.Pdf.dll
2017-03-16 10:04:19 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2017-03-16 10:04:19 ----A---- C:\Windows\system32\lsasrv.dll
2017-03-16 10:04:19 ----A---- C:\Windows\system32\DWrite.dll
2017-03-16 10:04:18 ----A---- C:\Windows\system32\wow64.dll
2017-03-16 10:04:18 ----A---- C:\Windows\system32\FntCache.dll
2017-03-16 10:04:17 ----A---- C:\Windows\system32\GdiPlus.dll
2017-03-16 10:04:16 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2017-03-16 10:04:16 ----A---- C:\Windows\SYSWOW64\glcndFilter.dll
2017-03-16 10:04:16 ----A---- C:\Windows\system32\msxml3.dll
2017-03-16 10:04:15 ----A---- C:\Windows\SYSWOW64\Windows.Data.Pdf.dll
2017-03-16 10:04:15 ----A---- C:\Windows\SYSWOW64\GdiPlus.dll
2017-03-16 10:04:15 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2017-03-16 10:04:15 ----A---- C:\Windows\system32\dnsapi.dll
2017-03-16 10:04:14 ----A---- C:\Windows\system32\microsoft-windows-system-events.dll
2017-03-16 10:04:14 ----A---- C:\Windows\system32\drivers\srv2.sys
2017-03-16 10:04:14 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2017-03-16 10:04:13 ----A---- C:\Windows\SYSWOW64\quartz.dll
2017-03-16 10:04:13 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2017-03-16 10:04:13 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2017-03-16 10:04:13 ----A---- C:\Windows\system32\quartz.dll
2017-03-16 10:04:13 ----A---- C:\Windows\system32\ieetwcollector.exe
2017-03-16 10:04:13 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2017-03-16 10:04:13 ----A---- C:\Windows\system32\adtschema.dll
2017-03-16 10:04:13 ----A---- C:\Windows\HelpPane.exe
2017-03-16 10:04:12 ----A---- C:\Windows\SYSWOW64\mscms.dll
2017-03-16 10:04:12 ----A---- C:\Windows\system32\wininit.exe
2017-03-16 10:04:12 ----A---- C:\Windows\system32\mscms.dll
2017-03-16 10:04:12 ----A---- C:\Windows\system32\drivers\srv.sys
2017-03-16 10:04:12 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2017-03-16 10:04:12 ----A---- C:\Windows\system32\drivers\cng.sys
2017-03-16 10:04:11 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2017-03-16 10:04:11 ----A---- C:\Windows\SYSWOW64\icm32.dll
2017-03-16 10:04:11 ----A---- C:\Windows\SYSWOW64\certcli.dll
2017-03-16 10:04:11 ----A---- C:\Windows\system32\msobjs.dll
2017-03-16 10:04:11 ----A---- C:\Windows\system32\icm32.dll
2017-03-16 10:04:11 ----A---- C:\Windows\system32\dnsrslvr.dll
2017-03-16 10:04:11 ----A---- C:\Windows\system32\certcli.dll
2017-03-16 09:58:39 ----A---- C:\Windows\system32\aepic.dll
2017-03-16 09:58:39 ----A---- C:\Windows\system32\aeinv.dll
2017-03-16 09:58:38 ----A---- C:\Windows\system32\invagent.dll
2017-03-16 09:58:38 ----A---- C:\Windows\system32\generaltel.dll
2017-03-16 09:58:38 ----A---- C:\Windows\system32\devinv.dll
2017-03-16 09:58:38 ----A---- C:\Windows\system32\CompatTelRunner.exe
2017-03-16 09:58:38 ----A---- C:\Windows\system32\centel.dll
2017-03-16 09:58:38 ----A---- C:\Windows\system32\appraiser.dll
2017-03-16 09:58:38 ----A---- C:\Windows\system32\acmigration.dll
2017-03-14 12:52:40 ----A---- C:\Windows\system32\RtNicProp64.dll
2017-03-14 12:52:40 ----A---- C:\Windows\system32\drivers\Rt630x64.sys
2017-03-14 12:00:35 ----A---- C:\Windows\system32\drivers\aswbuniva.sys
2017-03-14 12:00:35 ----A---- C:\Windows\system32\drivers\aswbloga.sys
2017-03-14 12:00:35 ----A---- C:\Windows\system32\drivers\aswbidsha.sys
2017-03-14 12:00:35 ----A---- C:\Windows\system32\drivers\aswbidsdrivera.sys
2017-03-14 12:00:35 ----A---- C:\Windows\system32\drivers\asw8444.tmp
2017-03-14 12:00:35 ----A---- C:\Windows\system32\drivers\asw8443.tmp
2017-03-14 12:00:35 ----A---- C:\Windows\system32\drivers\asw8432.tmp
2017-03-14 12:00:35 ----A---- C:\Windows\system32\drivers\asw8431.tmp
2017-03-14 12:00:35 ----A---- C:\Windows\system32\drivers\asw8430.tmp
2017-03-14 12:00:35 ----A---- C:\Windows\system32\drivers\asw841F.tmp
2017-03-14 12:00:35 ----A---- C:\Windows\system32\drivers\asw841E.tmp
2017-03-14 12:00:35 ----A---- C:\Windows\system32\drivers\asw840E.tmp
2017-03-14 12:00:35 ----A---- C:\Windows\system32\drivers\asw840D.tmp
2017-03-14 12:00:15 ----A---- C:\Windows\system32\aswBoot.exe
2017-03-14 11:50:27 ----A---- C:\Windows\system32\drivers\asw3E1C.tmp
2017-03-14 11:50:27 ----A---- C:\Windows\system32\drivers\asw3E1B.tmp
2017-03-14 11:50:27 ----A---- C:\Windows\system32\drivers\asw3E0B.tmp
2017-03-14 11:50:27 ----A---- C:\Windows\system32\drivers\asw3E0A.tmp
2017-03-14 11:50:27 ----A---- C:\Windows\system32\drivers\asw3DDA.tmp
2017-03-14 11:50:27 ----A---- C:\Windows\system32\drivers\asw3DD9.tmp
2017-03-14 11:50:27 ----A---- C:\Windows\system32\drivers\asw3DB8.tmp
2017-03-14 11:50:27 ----A---- C:\Windows\system32\drivers\asw3D5A.tmp
2017-03-14 11:50:27 ----A---- C:\Windows\system32\drivers\asw3D59.tmp
2017-03-07 12:15:15 ----D---- C:\ProgramData\~0
====== List of files/folders modified in the last 1 month ======
2017-04-05 18:13:10 ----RD---- C:\Program Files
2017-04-05 18:12:59 ----D---- C:\Windows\Temp
2017-04-05 18:08:30 ----D---- C:\Users\bek69\AppData\Roaming\Skype
2017-04-05 18:06:41 ----D---- C:\Windows\Prefetch
2017-04-05 18:06:21 ----D---- C:\Windows\SoftwareDistribution
2017-04-05 18:06:21 ----D---- C:\Windows\Minidump
2017-04-05 18:06:21 ----AD---- C:\Windows
2017-04-05 18:00:00 ----D---- C:\Windows\system32\sru
2017-04-05 16:24:17 ----D---- C:\Windows\Microsoft.NET
2017-04-05 15:47:25 ----SHD---- C:\Windows\Installer
2017-04-05 15:47:25 ----SHD---- C:\Config.Msi
2017-04-05 15:47:23 ----RAD---- C:\Windows\System32
2017-04-05 15:47:23 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2017-04-05 15:46:22 ----D---- C:\Program Files (x86)\Common Files
2017-04-05 15:44:38 ----D---- C:\Program Files (x86)\Microsoft Office
2017-04-05 15:10:11 ----D---- C:\Windows\system32\Tasks
2017-04-05 15:03:45 ----D---- C:\Windows\system32\drivers
2017-04-04 20:38:21 ----D---- C:\Users\bek69\AppData\Roaming\vlc
2017-04-04 15:49:00 ----D---- C:\Windows\system32\config
2017-04-03 16:46:51 ----D---- C:\Windows\system32\NDF
2017-04-02 08:38:28 ----D---- C:\Windows\Inf
2017-04-02 08:38:28 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-03-30 17:52:43 ----D---- C:\Users\bek69\AppData\Roaming\Mp3tag
2017-03-30 15:28:13 ----HD---- C:\ProgramData
2017-03-30 15:09:24 ----D---- C:\Windows\system32\DriverStore
2017-03-30 15:09:22 ----D---- C:\Windows\CbsTemp
2017-03-30 15:08:31 ----SHD---- C:\System Volume Information
2017-03-29 17:15:58 ----D---- C:\Users\bek69\AppData\Roaming\ViberPC
2017-03-29 16:45:06 ----D---- C:\ProgramData\ProductData
2017-03-29 16:28:59 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2017-03-29 16:28:57 ----D---- C:\Program Files (x86)\Mozilla Firefox
2017-03-26 17:20:18 ----D---- C:\Program Files\iTunes
2017-03-26 17:19:27 ----D---- C:\Program Files\iPod
2017-03-26 17:18:42 ----D---- C:\Program Files\Common Files\Apple
2017-03-26 17:15:45 ----D---- C:\Program Files (x86)\Apple Software Update
2017-03-23 09:04:04 ----HD---- C:\Program Files\WindowsApps
2017-03-23 09:04:04 ----D---- C:\Windows\AppReadiness
2017-03-21 14:20:51 ----D---- C:\ProgramData\IObit
2017-03-17 15:40:00 ----D---- C:\Windows\rescache
2017-03-17 12:36:15 ----D---- C:\Games
2017-03-17 12:35:33 ----D---- C:\Program Files (x86)\Steam
2017-03-17 12:30:10 ----D---- C:\Windows\debug
2017-03-17 08:04:35 ----D---- C:\Windows\WinSxS
2017-03-17 07:59:09 ----D---- C:\Program Files\Microsoft Silverlight
2017-03-17 07:59:06 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2017-03-16 14:30:40 ----D---- C:\Windows\system32\appraiser
2017-03-16 14:30:40 ----D---- C:\Windows\apppatch
2017-03-16 14:30:36 ----D---- C:\Windows\SYSWOW64\en-US
2017-03-16 14:30:36 ----D---- C:\Windows\SYSWOW64\cs-CZ
2017-03-16 14:30:36 ----D---- C:\Windows\SysWOW64
2017-03-16 14:30:36 ----D---- C:\Windows\system32\en-US
2017-03-16 14:30:36 ----D---- C:\Windows\system32\cs-CZ
2017-03-16 14:30:36 ----D---- C:\Program Files\Internet Explorer
2017-03-16 14:30:36 ----D---- C:\Program Files (x86)\Internet Explorer
2017-03-16 14:17:49 ----D---- C:\Windows\system32\MRT
2017-03-16 14:14:24 ----AC---- C:\Windows\system32\MRT.exe
2017-03-16 09:47:20 ----D---- C:\Windows\system32\catroot2
2017-03-15 22:20:54 ----D---- C:\ProgramData\Skype
2017-03-15 22:20:22 ----RD---- C:\Program Files (x86)\Skype
2017-03-15 22:18:07 ----D---- C:\ProgramData\Package Cache
2017-03-14 14:01:16 ----RD---- C:\Program Files (x86)
2017-03-14 13:27:28 ----D---- C:\Windows\Tasks
2017-03-14 13:27:16 ----D---- C:\Windows\system32\Macromed
2017-03-14 13:27:09 ----D---- C:\Windows\SYSWOW64\Macromed
2017-03-14 12:55:28 ----D---- C:\Windows\system32\catroot
2017-03-14 12:38:12 ----D---- C:\Windows\system32\wbem
2017-03-14 12:32:45 ----D---- C:\Program Files (x86)\Atheros
2017-03-14 12:32:38 ----D---- C:\Program Files (x86)\Symbaloo_TLauncher
2017-03-14 12:32:35 ----D---- C:\Program Files\Microsoft Office 15
2017-03-14 12:32:25 ----D---- C:\Windows\system32\drivers\UMDF
2017-03-14 12:32:25 ----D---- C:\Windows\system32\CodeIntegrity
2017-03-14 12:19:31 ----D---- C:\Windows\registration
2017-03-14 11:19:43 ----D---- C:\ProgramData\AVAST Software
2017-03-10 06:34:39 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2017-03-07 12:33:18 ----D---- C:\ProgramData\Solvusoft
2017-03-07 12:21:47 ----A---- C:\Windows\win.ini
File C:\Windows\system32\winlogon.exe is digitally signed
File C:\Windows\system32\wininit.exe is digitally signed
File C:\Windows\explorer.exe is digitally signed
File C:\Windows\SysWOW64\explorer.exe is digitally signed
File C:\Windows\system32\svchost.exe is digitally signed
File C:\Windows\SysWOW64\svchost.exe is digitally signed
File C:\Windows\system32\services.exe is digitally signed
File C:\Windows\system32\User32.dll is digitally signed
File C:\Windows\SysWOW64\User32.dll is digitally signed
File C:\Windows\system32\userinit.exe is digitally signed
File C:\Windows\SysWOW64\userinit.exe is digitally signed
File C:\Windows\system32\rpcss.dll is digitally signed
File C:\Windows\system32\Drivers\volsnap.sys is digitally signed
====== List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======
R0 amd_sata;amd_sata; C:\Windows\System32\drivers\amd_sata.sys [2017-01-16 83656]
R0 amd_xata;amd_xata; C:\Windows\System32\drivers\amd_xata.sys [2017-01-16 23752]
R0 amdkmpfd;@oem3.inf,%AMDKMPFD_svcdesc%;AMD PCI Root Bus Lower Filter; C:\Windows\System32\drivers\amdkmpfd.sys [2013-12-14 36608]
R0 amdpsp;@oem38.inf,%amdpsp.SVCDESC%;AMD PSP Service; C:\Windows\system32\DRIVERS\amdpsp.sys [2017-01-16 254864]
R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [2017-03-14 189768]
R0 aswblog;aswblog; C:\Windows\system32\drivers\aswbloga.sys [2017-03-14 334600]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [2017-03-14 48528]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2017-03-14 75704]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2017-03-14 337592]
R0 LPCFilter;@oem17.inf,%LPCFilter.SvcDesc%;LPC Lower Filter Driver; C:\Windows\System32\drivers\LPCFilter.sys [2013-08-01 35672]
R0 TVALZ;@oem15.inf,%TVALZ.SvcDesc%;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\System32\drivers\TVALZ_O.SYS [2013-08-15 32832]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [2017-03-14 309272]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2017-03-14 32088]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2017-03-14 100640]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2017-03-14 993608]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2017-03-22 548928]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2017-01-16 27552]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2016-08-13 71680]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2017-03-14 126600]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2017-03-14 162528]
R3 AmdAS4;@oem2.inf,%AmdAS4.SVCDESC%;AmdAS4 service; C:\Windows\System32\drivers\AmdAS4.sys [2013-10-24 17640]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2017-01-16 13941760]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2017-01-16 628224]
R3 athr;@oem41.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athwbx.sys [2017-01-16 4307192]
R3 AtiHDAudioService;@oem37.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdWB6.sys [2017-01-16 118848]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2014-03-19 598216]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\Windows\System32\drivers\BthEnum.sys [2015-06-10 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\Windows\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\System32\drivers\bthpan.sys [2015-07-10 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2015-06-10 81920]
R3 CeKbFilter;CeKbFilter; C:\Windows\system32\DRIVERS\CeKbFilter.sys [2015-03-28 20312]
R3 dtlitescsibus;@oem23.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\System32\drivers\dtlitescsibus.sys [2016-04-08 30264]
R3 dtliteusbbus;@oem24.inf,%DTLITEUSBBUS.DeviceDesc%;DAEMON Tools Lite Virtual USB Bus; C:\Windows\System32\drivers\dtliteusbbus.sys [2016-04-08 47672]
R3 ETD;@oem9.inf,%PS2.DeviceDesc%;ELAN PS/2_SMBus Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2014-03-04 404296]
R3 ETDSMBus;ETDSMBus; C:\Windows\system32\DRIVERS\ETDSMBus.sys [2014-02-06 24904]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-03-11 3891800]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 RSP2STOR;@oem42.inf,%Rts5229%;Realtek PCIE CardReader Driver - P2; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [2017-01-16 328920]
R3 RTL8168;@oem1.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2017-03-14 954368]
R3 Thotkey;@oem46.inf,%Thotkey%;Toshiba Hotkey Driver; C:\Windows\System32\drivers\Thotkey.sys [2017-01-16 36712]
R3 tosrfec;@oem40.inf,%busenum.SVCDESC%;Bluetooth ACPI; C:\Windows\System32\drivers\tosrfec.sys [2017-01-16 53624]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2014-06-21 212736]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2016-08-13 38912]
S3 amdkmcsp;@oem38.inf,%amdkmcsp.SVCDESC%;AMD Kernel Mode CSP Service; C:\Windows\system32\DRIVERS\amdkmcsp.sys [2017-01-16 100752]
S3 aswHwid;aswHwid; C:\Windows\system32\drivers\aswHwid.sys [2017-03-14 38296]
S3 athrusb;@oem33.inf,%ATHR.Service.DispName%;Atheros Wireless LAN USB device driver; C:\Windows\system32\DRIVERS\athrxusb.sys [2008-07-29 1075712]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2015-06-10 1201664]
S3 dot4;@oem28.inf,%Dot4_Name%;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2012-10-19 151968]
S3 Dot4Print;@oem29.inf,%Dot4Print_Name%;Print Class Driver for IEEE-1284.4; C:\Windows\System32\drivers\Dot4Prt.sys [2012-10-19 27040]
S3 dot4usb;@oem28.inf,%DOT4USB_NAME%;Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2012-10-19 49056]
S3 DrvAgent64;DrvAgent64; \??\C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS [2016-12-07 22200]
S3 USBAAPL64;@oem21.inf,%USBAAPL64.SvcDesc%;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2015-11-05 54784]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2014-10-29 44544]
====== List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======
R2 AdaptiveSleepService;AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [2014-04-23 140288]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-12-19 82640]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2017-01-16 240128]
R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2017-03-17 83768]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2014-03-19 319104]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2017-03-14 262736]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2015-08-12 462096]
R2 ClickToRunSvc;Služba Microsoft Office Klikni a spusť; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2017-03-26 3737792]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll" = %SystemRoot%\system32\diagtrack.dll
R2 dts_apo_service;DTS APO Service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [2014-03-03 21840]
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2014-03-04 103240]
R2 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-03-18 43696]
R2 GamesAppIntegrationService;GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2014-04-24 227904]
R2 tbaseprovisioning;tbaseprovisioning; C:\Windows\SysWOW64\tbaseprovisioning.exe [2017-01-16 51216]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\Teco\TecoService.exe [2014-07-30 353872]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2017-03-14 7147320]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-24 154440]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2017-02-27 317400]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-03-14 271960]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; %SystemRoot%\System32\svchost.exe -k LocalServiceAndNoImpersonation;"ServiceDll" = %SystemRoot%\System32\BthHFSrv.dll
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2016-04-04 1443520]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2014-04-24 203344]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-24 154440]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2017-03-22 689464]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-03-29 172488]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2017-03-25 198192]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-12-20 1467168]
-----------------EOF-----------------
- Rudy
- Site Admin

- Posts: 119671
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Please check my log
Hello!
Run this utility:
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop.
Close all programs.
Click >Scan< (search) first and then >Clean< (removal).
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: Please check my log
# AdwCleaner v6.045 - Log vytvořen 05/04/2017 v 20:20:37
# Aktualizováno dne 28/03/2017 z Malwarebytes
# Databáze : 2017-04-04.2 [Server]
# Operační systém : Windows 8.1 (X64)
# Uživatelské jméno : bek69 - TOMAS
# Spuštěno z : C:\Users\bek69\Desktop\adwcleaner_6.045.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support
***** [ Služby ] *****
[-] Služba smazána: DrvAgent64
***** [ Složky ] *****
[-] Složka smazána: C:\Users\bek69\AppData\Local\eSupport.com
[-] Složka smazána: C:\Users\bek69\AppData\Local\FileViewPro
[-] Složka smazána: C:\ProgramData\apn
[-] Složka smazána: C:\ProgramData\Solvusoft
[#] Složka smazána po restartu: C:\ProgramData\Application Data\apn
[#] Složka smazána po restartu: C:\ProgramData\Application Data\Solvusoft
[-] Složka smazána: C:\Program Files (x86)\AskPartnerNetwork
[-] Složka smazána: C:\Program Files (x86)\eSupport.com
[-] Složka smazána: C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Solvusoft
[-] Složka smazána: C:\Program Files (x86)\Play
***** [ Soubory ] *****
[-] Soubor smazán: C:\Windows\SysNative\roboot64.exe
[-] Soubor smazán: C:\Windows\SysWOW64\drivers\DRVAGENT64.SYS
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Zástupci ] *****
***** [ Naplánované úlohy ] *****
***** [ Registry ] *****
[-] Klíč smazán: HKLM\SOFTWARE\Classes\speedupmypc
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\speedupmypc
[-] Klíč smazán: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}
[-] Klíč smazán: HKU\S-1-5-21-1586068809-786957993-594304779-1001\Software\eSupport.com
[#] Klíč smazán po restartu: HKCU\Software\eSupport.com
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{80107F16-CB2E-42AB-AB9D-6C11540D5A8B}
[#] Klíč smazán po restartu: [x64] HKCU\Software\eSupport.com
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Applications\Setup_WinThruster_2016.exe
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Applications\WinThrusterSetup.exe
***** [ Prohlížeče ] *****
*************************
:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [2301 Bajty] - [05/04/2017 20:20:37]
C:\AdwCleaner\AdwCleaner[S0].txt - [2538 Bajty] - [05/04/2017 20:19:35]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [2447 Bajty] ##########
- Rudy
- Site Admin

- Posts: 119671
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Please check my log
Post a new RSIT log.
Re: Please check my log
Logfile of random's system information tool 1.16 (written by random/random)
Run by bek69 at 2017-04-05 21:37:37
Microsoft Windows 8.1
System drive C: has 505 GB (54%) free of 941 GB
Total RAM: 7103 MB (70% free)
X64
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:37:46, on 5. 4. 2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE
C:\Program Files (x86)\Microsoft Office\Root\Office16\MsoSync.exe
C:\Program Files\trend micro\bek69_RSITx64.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba13.msn.com/?pc=TEJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://toshiba13.msn.com/?pc=TEJB
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
O4 - HKLM\..\Run: [KeNotify] "C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe" LPCM
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [iCloudServices] "C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O8 - Extra context menu item: Clip Image - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4
O8 - Extra context menu item: Clip selection - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3
O8 - Extra context menu item: Clip this page - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1
O8 - Extra context menu item: Clip URL - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: New Note - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\NewNote.html
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O23 - Service: AdaptiveSleepService - Unknown owner - C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: aswbIDSAgent - AVAST Software s.r.o. - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: DTS APO Service (dts_apo_service) - Unknown owner - C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: tbaseprovisioning - Advanced Micro Devices, Inc. - C:\Windows\SysWOW64\tbaseprovisioning.exe
O23 - Service: TOSHIBA eco Utility Service - Toshiba Corporation - C:\Program Files\TOSHIBA\Teco\TecoService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 10598 bytes
====== Enumerating Processes ======
C:\Windows\system32\wininit.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\dwm.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\SysWOW64\tbaseprovisioning.exe
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\dashost.exe
"C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe"
"C:\Program Files\Elantech\ETDService.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\TOSHIBA\Teco\TecoService.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskhostex.exe
"C:\Program Files\Elantech\ETDCtrl.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\skydrive.exe -Embedding
"C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Windows\system32\NOTEPAD.EXE" C:\AdwCleaner\AdwCleaner[C0].txt
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
C:\Program Files\AVAST Software\Avast\AvastUI.exe
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE" -Embedding
"C:\Program Files (x86)\Microsoft Office\Root\Office16\MsoSync.exe"
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskeng.exe
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /update
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 572 576 584 65536 580
"C:\Users\bek69\Desktop\RSITx64.exe"
====== Scheduled tasks folder ======
C:\Windows\system32\tasks\Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Windows\system32\tasks\Adobe Flash Player Updater - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\system32\tasks\Avast Emergency Update - C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
C:\Windows\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\Windows\system32\tasks\Driver Booster Scheduler - C:\Program Files (x86)\IObit\Driver Booster\4.3.0\Scheduler.exe /scheduler
C:\Windows\system32\tasks\Driver Booster SkipUAC (bek69) - C:\Program Files (x86)\IObit\Driver Booster\4.3.0\DriverBooster.exe /skipuac
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-1586068809-786957993-594304779-1001 - %localappdata%\Microsoft\OneDrive\OneDrive.exe /autoupdate
C:\Windows\system32\tasks\OneDrive Standalone Update Task v2 - %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
C:\Windows\system32\tasks\RTKCPL - "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
C:\Windows\system32\tasks\SafeZone scheduled Autoupdate 1458706207 - C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0)
C:\Windows\system32\tasks\SafeZone scheduled Autoupdate 1458918902 - C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0)
C:\Windows\system32\tasks\User_Feed_Synchronization-{A0859649-5E18-4E7C-A58B-088A2690E7FB} - C:\Windows\system32\msfeedssync.exe sync
C:\Windows\system32\tasks\WPD\SqmUpload_S-1-5-21-1586068809-786957993-594304779-1001 - %windir%\system32\rundll32.exe portabledeviceapi.dll,#1
C:\Windows\system32\tasks\Microsoft\Windows\WS\License Validation - rundll32.exe WSClient.dll,WSpTLR licensing
C:\Windows\system32\tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask - rundll32.exe WSClient.dll,RefreshBannedAppsList
C:\Windows\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join - %SystemRoot%\System32\AutoWorkplace.exe join
C:\Windows\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start - C:\Windows\system32\sc.exe start wuauserv
C:\Windows\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network - C:\Windows\system32\sc.exe start wuauserv
C:\Windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\Windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\Windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\Windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\Windows\system32\tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone - %windir%\system32\tzsync.exe
C:\Windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\Windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\srtasks.exe ExecuteScheduledSPPCreation
C:\Windows\system32\tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask - %windir%\system32\rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
C:\Windows\system32\tasks\Microsoft\Windows\SpacePort\SpaceAgentTask - %windir%\system32\SpaceAgent.exe
C:\Windows\system32\tasks\Microsoft\Windows\Shell\FamilySafetyMonitor - %windir%\System32\wpcmon.exe
C:\Windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\Windows\system32\tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers - %SystemRoot%\System32\drvinst.exe 6
C:\Windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\Windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\Windows\system32\tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - %SystemRoot%\System32\MbaeParserTask.exe
C:\Windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\Windows\system32\tasks\Microsoft\Windows\DiskCleanup\SilentCleanup - %windir%\system32\cleanmgr.exe /autoclean /d %systemdrive%
C:\Windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c -h -o -$
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Uploader - %windir%\system32\WSqmCons.exe -u
C:\Windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\Windows\system32\tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup - %windir%\system32\rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
C:\Windows\system32\tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState - %windir%\system32\rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent /increment
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\rundll32.exe %windir%\system32\invagent.dll,RunUpdate
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\StartupAppTask - %windir%\system32\rundll32.exe Startupscan.dll,SusRunTask
C:\Windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\Windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\Windows\system32\tasks\Microsoft\Office\Office Automatic Updates - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe /update SCHEDULEDTASK displaylevel=False
C:\Windows\system32\tasks\Microsoft\Office\Office ClickToRun Service Monitor - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe /WatchService
C:\Windows\system32\tasks\Microsoft\Office\Office Subscription Maintenance - C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe
C:\Windows\system32\tasks\AVAST Software\Avast settings backup - C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs
C:\Windows\system32\tasks\Apple\AppleSoftwareUpdate - C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe -task
=========Mozilla firefox=========
ProfilePath - C:\Users\bek69\AppData\Roaming\Mozilla\Firefox\Profiles\q36qk1ci.default-1489490201594
prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF48
"sp@avast.com"=C:\Program Files\AVAST Software\Avast\SafePrice\FF48
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 25.0.0.127 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_127.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.50905.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App V2 Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 25.0.0.127 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_127.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.50905.0\npctrl.dll
C:\Users\bek69\AppData\Roaming\Mozilla\Firefox\Profiles\q36qk1ci.default-1489490201594\extensions\
zigboom@hotmail.com
C:\Users\bek69\AppData\Roaming\Mozilla\Firefox\Profiles\q36qk1ci.default-1489490201594\addons.json
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
BlackFox V2 - theme - zigboom@hotmail.com
C:\Users\bek69\AppData\Roaming\Mozilla\Firefox\Profiles\q36qk1ci.default-1489490201594\extensions.json
Avast Online Security - webextension - wrc@avast.com - C:\Program Files\AVAST Software\Avast\WebRep\FF48
BlackFox V2 - theme - zigboom@hotmail.com - C:\Users\bek69\AppData\Roaming\Mozilla\Firefox\Profiles\q36qk1ci.default-1489490201594\extensions\zigboom@hotmail.com
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - C:\Users\bek69\AppData\Roaming\Mozilla\Firefox\Profiles\q36qk1ci.default-1489490201594\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
Avast SafePrice - webextension - sp@avast.com - C:\Program Files\AVAST Software\Avast\SafePrice\FF48
Application Update Service Helper - extension - aushelper@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\aushelper@mozilla.org.xpi
Multi-process staged rollout - extension - e10srollout@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\e10srollout@mozilla.org.xpi
Pocket - extension - firefox@getpocket.com - C:\Program Files (x86)\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi
Web Compat - extension - webcompat@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi
Site Deployment Checker - extension - deployment-checker@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\deployment-checker@mozilla.org.xpi
Default - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi
Disable Prefetch - extension - disable-prefetch@mozilla.org - C:\Users\bek69\AppData\Roaming\Mozilla\Firefox\Profiles\q36qk1ci.default-1489490201594\features\{f09189bc-e994-454a-82c9-f5e2befbe49e}\disable-prefetch@mozilla.org.xpi
Multi-process staged rollout - extension - e10srollout@mozilla.org - C:\Users\bek69\AppData\Roaming\Mozilla\Firefox\Profiles\q36qk1ci.default-1489490201594\features\{f09189bc-e994-454a-82c9-f5e2befbe49e}\e10srollout@mozilla.org.xpi
C:\Users\bek69\AppData\Roaming\Mozilla\Firefox\Profiles\q36qk1ci.default-1489490201594\pluginreg.dat
Plugin - Shockwave Flash - 25.0.0.127 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_127.dll
======Registry dump ======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={D1863175-E285-4533-807E-BEEE3BC1D240}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D1863175-E285-4533-807E-BEEE3BC1D240}]
"URL"=http://www.bing.com/search?q={searchTer ... TR&pc=TEJB
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={D1863175-E285-4533-807E-BEEE3BC1D240}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{D1863175-E285-4533-807E-BEEE3BC1D240}]
"URL"=http://www.bing.com/search?q={searchTer ... TR&pc=TEJB
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-04-05 213704]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-03-14 893936]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-04-05 3002160]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-03-14 771816]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92EF2EAD-A7CE-4424-B0DB-499CF856608E}]
Evernote extension - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-05-13 585568]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"TCrdMain"=C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2013-10-09 2556768]
"TSSSrv"=C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [2013-10-22 296008]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2017-03-22 303928]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2017-03-14 205512]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2017-03-03 9364696]
"iCloudServices"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [2017-01-17 67384]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2017-03-14 27545048]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"KeNotify"=C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [2013-08-06 34160]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"SoftwareSASGeneration"=1
"EnableLinkedConnections"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
====== File associations ======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
====== List of files/folders created in the last 1 month ======
2017-04-05 20:27:52 ----A---- C:\Windows\system32\aswBoot.exe
2017-04-05 20:23:51 ----D---- C:\ProgramData\SWCUTemp
2017-04-05 20:15:48 ----D---- C:\AdwCleaner
2017-04-05 18:13:10 ----D---- C:\Program Files\trend micro
2017-04-05 18:13:09 ----D---- C:\rsit
2017-03-16 10:04:42 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2017-03-16 10:04:42 ----A---- C:\Windows\system32\iertutil.dll
2017-03-16 10:04:42 ----A---- C:\Windows\system32\iepeers.dll
2017-03-16 10:04:41 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2017-03-16 10:04:40 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2017-03-16 10:04:38 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2017-03-16 10:04:38 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2017-03-16 10:04:38 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2017-03-16 10:04:38 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2017-03-16 10:04:37 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2017-03-16 10:04:34 ----A---- C:\Windows\SYSWOW64\jscript.dll
2017-03-16 10:04:34 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2017-03-16 10:04:34 ----A---- C:\Windows\system32\vbscript.dll
2017-03-16 10:04:34 ----A---- C:\Windows\system32\urlmon.dll
2017-03-16 10:04:34 ----A---- C:\Windows\system32\msfeeds.dll
2017-03-16 10:04:34 ----A---- C:\Windows\system32\iedkcs32.dll
2017-03-16 10:04:33 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2017-03-16 10:04:31 ----A---- C:\Windows\SYSWOW64\wininet.dll
2017-03-16 10:04:31 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2017-03-16 10:04:31 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2017-03-16 10:04:31 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2017-03-16 10:04:30 ----A---- C:\Windows\system32\jscript.dll
2017-03-16 10:04:30 ----A---- C:\Windows\system32\ieframe.dll
2017-03-16 10:04:30 ----A---- C:\Windows\system32\dxtrans.dll
2017-03-16 10:04:29 ----A---- C:\Windows\system32\webcheck.dll
2017-03-16 10:04:28 ----A---- C:\Windows\system32\win32k.sys
2017-03-16 10:04:28 ----A---- C:\Windows\system32\jscript9.dll
2017-03-16 10:04:27 ----A---- C:\Windows\system32\wininet.dll
2017-03-16 10:04:27 ----A---- C:\Windows\system32\inetcomm.dll
2017-03-16 10:04:26 ----A---- C:\Windows\system32\ntoskrnl.exe
2017-03-16 10:04:25 ----A---- C:\Windows\system32\mshtml.dll
2017-03-16 10:04:22 ----A---- C:\Windows\system32\winresume.exe
2017-03-16 10:04:22 ----A---- C:\Windows\system32\winload.exe
2017-03-16 10:04:22 ----A---- C:\Windows\system32\gdi32.dll
2017-03-16 10:04:21 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2017-03-16 10:04:21 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2017-03-16 10:04:21 ----A---- C:\Windows\system32\ieapfltr.dll
2017-03-16 10:04:21 ----A---- C:\Windows\system32\glcndFilter.dll
2017-03-16 10:04:20 ----A---- C:\Windows\system32\Windows.Data.Pdf.dll
2017-03-16 10:04:19 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2017-03-16 10:04:19 ----A---- C:\Windows\system32\lsasrv.dll
2017-03-16 10:04:19 ----A---- C:\Windows\system32\DWrite.dll
2017-03-16 10:04:18 ----A---- C:\Windows\system32\wow64.dll
2017-03-16 10:04:18 ----A---- C:\Windows\system32\FntCache.dll
2017-03-16 10:04:17 ----A---- C:\Windows\system32\GdiPlus.dll
2017-03-16 10:04:16 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2017-03-16 10:04:16 ----A---- C:\Windows\SYSWOW64\glcndFilter.dll
2017-03-16 10:04:16 ----A---- C:\Windows\system32\msxml3.dll
2017-03-16 10:04:15 ----A---- C:\Windows\SYSWOW64\Windows.Data.Pdf.dll
2017-03-16 10:04:15 ----A---- C:\Windows\SYSWOW64\GdiPlus.dll
2017-03-16 10:04:15 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2017-03-16 10:04:15 ----A---- C:\Windows\system32\dnsapi.dll
2017-03-16 10:04:14 ----A---- C:\Windows\system32\microsoft-windows-system-events.dll
2017-03-16 10:04:14 ----A---- C:\Windows\system32\drivers\srv2.sys
2017-03-16 10:04:14 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2017-03-16 10:04:13 ----A---- C:\Windows\SYSWOW64\quartz.dll
2017-03-16 10:04:13 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2017-03-16 10:04:13 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2017-03-16 10:04:13 ----A---- C:\Windows\system32\quartz.dll
2017-03-16 10:04:13 ----A---- C:\Windows\system32\ieetwcollector.exe
2017-03-16 10:04:13 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2017-03-16 10:04:13 ----A---- C:\Windows\system32\adtschema.dll
2017-03-16 10:04:13 ----A---- C:\Windows\HelpPane.exe
2017-03-16 10:04:12 ----A---- C:\Windows\SYSWOW64\mscms.dll
2017-03-16 10:04:12 ----A---- C:\Windows\system32\wininit.exe
2017-03-16 10:04:12 ----A---- C:\Windows\system32\mscms.dll
2017-03-16 10:04:12 ----A---- C:\Windows\system32\drivers\srv.sys
2017-03-16 10:04:12 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2017-03-16 10:04:12 ----A---- C:\Windows\system32\drivers\cng.sys
2017-03-16 10:04:11 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2017-03-16 10:04:11 ----A---- C:\Windows\SYSWOW64\icm32.dll
2017-03-16 10:04:11 ----A---- C:\Windows\SYSWOW64\certcli.dll
2017-03-16 10:04:11 ----A---- C:\Windows\system32\msobjs.dll
2017-03-16 10:04:11 ----A---- C:\Windows\system32\icm32.dll
2017-03-16 10:04:11 ----A---- C:\Windows\system32\dnsrslvr.dll
2017-03-16 10:04:11 ----A---- C:\Windows\system32\certcli.dll
2017-03-16 09:58:39 ----A---- C:\Windows\system32\aepic.dll
2017-03-16 09:58:39 ----A---- C:\Windows\system32\aeinv.dll
2017-03-16 09:58:38 ----A---- C:\Windows\system32\invagent.dll
2017-03-16 09:58:38 ----A---- C:\Windows\system32\generaltel.dll
2017-03-16 09:58:38 ----A---- C:\Windows\system32\devinv.dll
2017-03-16 09:58:38 ----A---- C:\Windows\system32\CompatTelRunner.exe
2017-03-16 09:58:38 ----A---- C:\Windows\system32\centel.dll
2017-03-16 09:58:38 ----A---- C:\Windows\system32\appraiser.dll
2017-03-16 09:58:38 ----A---- C:\Windows\system32\acmigration.dll
2017-03-14 12:52:40 ----A---- C:\Windows\system32\RtNicProp64.dll
2017-03-14 12:52:40 ----A---- C:\Windows\system32\drivers\Rt630x64.sys
2017-03-14 12:00:35 ----A---- C:\Windows\system32\drivers\aswbuniva.sys
2017-03-14 12:00:35 ----A---- C:\Windows\system32\drivers\aswbloga.sys
2017-03-14 12:00:35 ----A---- C:\Windows\system32\drivers\aswbidsha.sys
2017-03-14 12:00:35 ----A---- C:\Windows\system32\drivers\aswbidsdrivera.sys
2017-03-14 12:00:35 ----A---- C:\Windows\system32\drivers\asw8444.tmp
2017-03-14 12:00:35 ----A---- C:\Windows\system32\drivers\asw8443.tmp
2017-03-14 12:00:35 ----A---- C:\Windows\system32\drivers\asw8432.tmp
2017-03-14 12:00:35 ----A---- C:\Windows\system32\drivers\asw8431.tmp
2017-03-14 12:00:35 ----A---- C:\Windows\system32\drivers\asw8430.tmp
2017-03-14 12:00:35 ----A---- C:\Windows\system32\drivers\asw841F.tmp
2017-03-14 12:00:35 ----A---- C:\Windows\system32\drivers\asw841E.tmp
2017-03-14 12:00:35 ----A---- C:\Windows\system32\drivers\asw840E.tmp
2017-03-14 12:00:35 ----A---- C:\Windows\system32\drivers\asw840D.tmp
2017-03-14 12:00:35 ----A---- C:\Windows\system32\drivers\asw3453.tmp
2017-03-14 12:00:35 ----A---- C:\Windows\system32\drivers\asw3442.tmp
2017-03-14 12:00:35 ----A---- C:\Windows\system32\drivers\asw3441.tmp
2017-03-14 12:00:35 ----A---- C:\Windows\system32\drivers\asw3430.tmp
2017-03-14 11:50:27 ----A---- C:\Windows\system32\drivers\asw3E1C.tmp
2017-03-14 11:50:27 ----A---- C:\Windows\system32\drivers\asw3E1B.tmp
2017-03-14 11:50:27 ----A---- C:\Windows\system32\drivers\asw3E0B.tmp
2017-03-14 11:50:27 ----A---- C:\Windows\system32\drivers\asw3E0A.tmp
2017-03-14 11:50:27 ----A---- C:\Windows\system32\drivers\asw3DDA.tmp
2017-03-14 11:50:27 ----A---- C:\Windows\system32\drivers\asw3DD9.tmp
2017-03-14 11:50:27 ----A---- C:\Windows\system32\drivers\asw3DB8.tmp
2017-03-14 11:50:27 ----A---- C:\Windows\system32\drivers\asw3D5A.tmp
2017-03-14 11:50:27 ----A---- C:\Windows\system32\drivers\asw3D59.tmp
2017-03-07 12:15:15 ----D---- C:\ProgramData\~0
====== List of files/folders modified in the last 1 month ======
2017-04-05 21:37:21 ----D---- C:\Windows\Temp
2017-04-05 21:36:13 ----D---- C:\Users\bek69\AppData\Roaming\Skype
2017-04-05 21:36:03 ----D---- C:\Windows\system32\sru
2017-04-05 20:36:26 ----D---- C:\Windows\Prefetch
2017-04-05 20:28:22 ----D---- C:\Windows\system32\Tasks
2017-04-05 20:28:21 ----D---- C:\Windows\system32\drivers
2017-04-05 20:28:08 ----D---- C:\Windows\system32\config
2017-04-05 20:27:52 ----RAD---- C:\Windows\System32
2017-04-05 20:23:51 ----HD---- C:\ProgramData
2017-04-05 20:22:59 ----D---- C:\Windows\SoftwareDistribution
2017-04-05 20:22:19 ----AD---- C:\Windows
2017-04-05 20:21:48 ----SHD---- C:\Config.Msi
2017-04-05 20:21:46 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2017-04-05 20:21:46 ----D---- C:\Program Files (x86)\Mozilla Firefox
2017-04-05 20:20:29 ----D---- C:\Windows\SYSWOW64\drivers
2017-04-05 20:20:28 ----RD---- C:\Program Files (x86)
2017-04-05 18:13:10 ----RD---- C:\Program Files
2017-04-05 18:06:21 ----D---- C:\Windows\Minidump
2017-04-05 16:24:17 ----D---- C:\Windows\Microsoft.NET
2017-04-05 15:47:25 ----SHD---- C:\Windows\Installer
2017-04-05 15:47:23 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2017-04-05 15:46:22 ----D---- C:\Program Files (x86)\Common Files
2017-04-05 15:44:38 ----D---- C:\Program Files (x86)\Microsoft Office
2017-04-04 20:38:21 ----D---- C:\Users\bek69\AppData\Roaming\vlc
2017-04-03 16:46:51 ----D---- C:\Windows\system32\NDF
2017-04-02 08:38:28 ----D---- C:\Windows\Inf
2017-04-02 08:38:28 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-03-30 17:52:43 ----D---- C:\Users\bek69\AppData\Roaming\Mp3tag
2017-03-30 15:09:24 ----D---- C:\Windows\system32\DriverStore
2017-03-30 15:09:22 ----D---- C:\Windows\CbsTemp
2017-03-30 15:08:31 ----SHD---- C:\System Volume Information
2017-03-29 17:15:58 ----D---- C:\Users\bek69\AppData\Roaming\ViberPC
2017-03-29 16:45:06 ----D---- C:\ProgramData\ProductData
2017-03-26 17:20:18 ----D---- C:\Program Files\iTunes
2017-03-26 17:19:27 ----D---- C:\Program Files\iPod
2017-03-26 17:18:42 ----D---- C:\Program Files\Common Files\Apple
2017-03-26 17:15:45 ----D---- C:\Program Files (x86)\Apple Software Update
2017-03-23 09:04:04 ----HD---- C:\Program Files\WindowsApps
2017-03-23 09:04:04 ----D---- C:\Windows\AppReadiness
2017-03-22 12:00:37 ----A---- C:\Windows\system32\drivers\asw3498.tmp
2017-03-21 14:20:51 ----D---- C:\ProgramData\IObit
2017-03-17 15:40:00 ----D---- C:\Windows\rescache
2017-03-17 12:36:15 ----D---- C:\Games
2017-03-17 12:35:33 ----D---- C:\Program Files (x86)\Steam
2017-03-17 12:30:10 ----D---- C:\Windows\debug
2017-03-17 08:04:35 ----D---- C:\Windows\WinSxS
2017-03-17 07:59:09 ----D---- C:\Program Files\Microsoft Silverlight
2017-03-17 07:59:06 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2017-03-16 14:30:40 ----D---- C:\Windows\system32\appraiser
2017-03-16 14:30:40 ----D---- C:\Windows\apppatch
2017-03-16 14:30:36 ----D---- C:\Windows\SYSWOW64\en-US
2017-03-16 14:30:36 ----D---- C:\Windows\SYSWOW64\cs-CZ
2017-03-16 14:30:36 ----D---- C:\Windows\SysWOW64
2017-03-16 14:30:36 ----D---- C:\Windows\system32\en-US
2017-03-16 14:30:36 ----D---- C:\Windows\system32\cs-CZ
2017-03-16 14:30:36 ----D---- C:\Program Files\Internet Explorer
2017-03-16 14:30:36 ----D---- C:\Program Files (x86)\Internet Explorer
2017-03-16 14:17:49 ----D---- C:\Windows\system32\MRT
2017-03-16 14:14:24 ----AC---- C:\Windows\system32\MRT.exe
2017-03-16 09:47:20 ----D---- C:\Windows\system32\catroot2
2017-03-15 22:20:54 ----D---- C:\ProgramData\Skype
2017-03-15 22:20:22 ----RD---- C:\Program Files (x86)\Skype
2017-03-15 22:18:07 ----D---- C:\ProgramData\Package Cache
2017-03-14 13:27:28 ----D---- C:\Windows\Tasks
2017-03-14 13:27:16 ----D---- C:\Windows\system32\Macromed
2017-03-14 13:27:09 ----D---- C:\Windows\SYSWOW64\Macromed
2017-03-14 12:55:28 ----D---- C:\Windows\system32\catroot
2017-03-14 12:38:12 ----D---- C:\Windows\system32\wbem
2017-03-14 12:32:45 ----D---- C:\Program Files (x86)\Atheros
2017-03-14 12:32:38 ----D---- C:\Program Files (x86)\Symbaloo_TLauncher
2017-03-14 12:32:35 ----D---- C:\Program Files\Microsoft Office 15
2017-03-14 12:32:25 ----D---- C:\Windows\system32\drivers\UMDF
2017-03-14 12:32:25 ----D---- C:\Windows\system32\CodeIntegrity
2017-03-14 12:19:31 ----D---- C:\Windows\registration
2017-03-14 12:00:57 ----A---- C:\Windows\system32\drivers\asw3499.tmp
2017-03-14 11:59:55 ----A---- C:\Windows\system32\drivers\asw34AA.tmp
2017-03-14 11:59:53 ----A---- C:\Windows\system32\drivers\asw3487.tmp
2017-03-14 11:59:53 ----A---- C:\Windows\system32\drivers\asw3486.tmp
2017-03-14 11:59:53 ----A---- C:\Windows\system32\drivers\asw3476.tmp
2017-03-14 11:59:50 ----A---- C:\Windows\system32\drivers\asw3475.tmp
2017-03-14 11:57:38 ----A---- C:\Windows\system32\drivers\asw3464.tmp
2017-03-14 11:57:38 ----A---- C:\Windows\system32\drivers\asw3454.tmp
2017-03-14 11:19:43 ----D---- C:\ProgramData\AVAST Software
2017-03-10 06:34:39 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2017-03-07 12:21:47 ----A---- C:\Windows\win.ini
File C:\Windows\system32\winlogon.exe is digitally signed
File C:\Windows\system32\wininit.exe is digitally signed
File C:\Windows\explorer.exe is digitally signed
File C:\Windows\SysWOW64\explorer.exe is digitally signed
File C:\Windows\system32\svchost.exe is digitally signed
File C:\Windows\SysWOW64\svchost.exe is digitally signed
File C:\Windows\system32\services.exe is digitally signed
File C:\Windows\system32\User32.dll is digitally signed
File C:\Windows\SysWOW64\User32.dll is digitally signed
File C:\Windows\system32\userinit.exe is digitally signed
File C:\Windows\SysWOW64\userinit.exe is digitally signed
File C:\Windows\system32\rpcss.dll is digitally signed
File C:\Windows\system32\Drivers\volsnap.sys is digitally signed
====== List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======
R0 amd_sata;amd_sata; C:\Windows\System32\drivers\amd_sata.sys [2017-01-16 83656]
R0 amd_xata;amd_xata; C:\Windows\System32\drivers\amd_xata.sys [2017-01-16 23752]
R0 amdkmpfd;@oem3.inf,%AMDKMPFD_svcdesc%;AMD PCI Root Bus Lower Filter; C:\Windows\System32\drivers\amdkmpfd.sys [2013-12-14 36608]
R0 amdpsp;@oem38.inf,%amdpsp.SVCDESC%;AMD PSP Service; C:\Windows\system32\DRIVERS\amdpsp.sys [2017-01-16 254864]
R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [2017-04-05 189768]
R0 aswblog;aswblog; C:\Windows\system32\drivers\aswbloga.sys [2017-04-05 334088]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [2017-04-05 48528]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2017-04-05 75704]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2017-04-05 339696]
R0 LPCFilter;@oem17.inf,%LPCFilter.SvcDesc%;LPC Lower Filter Driver; C:\Windows\System32\drivers\LPCFilter.sys [2013-08-01 35672]
R0 TVALZ;@oem15.inf,%TVALZ.SvcDesc%;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\System32\drivers\TVALZ_O.SYS [2013-08-15 32832]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [2017-04-05 307736]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2017-04-05 32600]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2017-04-05 101152]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2017-04-05 1005048]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2017-04-05 556784]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2017-01-16 27552]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2016-08-13 71680]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2017-04-05 127112]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2017-04-05 164064]
R3 AmdAS4;@oem2.inf,%AmdAS4.SVCDESC%;AmdAS4 service; C:\Windows\System32\drivers\AmdAS4.sys [2013-10-24 17640]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2017-01-16 13941760]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2017-01-16 628224]
R3 athr;@oem41.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athwbx.sys [2017-01-16 4307192]
R3 AtiHDAudioService;@oem37.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdWB6.sys [2017-01-16 118848]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2014-03-19 598216]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\Windows\System32\drivers\BthEnum.sys [2015-06-10 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\Windows\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\System32\drivers\bthpan.sys [2015-07-10 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2015-06-10 81920]
R3 CeKbFilter;CeKbFilter; C:\Windows\system32\DRIVERS\CeKbFilter.sys [2015-03-28 20312]
R3 dtlitescsibus;@oem23.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\System32\drivers\dtlitescsibus.sys [2016-04-08 30264]
R3 dtliteusbbus;@oem24.inf,%DTLITEUSBBUS.DeviceDesc%;DAEMON Tools Lite Virtual USB Bus; C:\Windows\System32\drivers\dtliteusbbus.sys [2016-04-08 47672]
R3 ETD;@oem9.inf,%PS2.DeviceDesc%;ELAN PS/2_SMBus Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2014-03-04 404296]
R3 ETDSMBus;ETDSMBus; C:\Windows\system32\DRIVERS\ETDSMBus.sys [2014-02-06 24904]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-03-11 3891800]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 RSP2STOR;@oem42.inf,%Rts5229%;Realtek PCIE CardReader Driver - P2; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [2017-01-16 328920]
R3 RTL8168;@oem1.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2017-03-14 954368]
R3 Thotkey;@oem46.inf,%Thotkey%;Toshiba Hotkey Driver; C:\Windows\System32\drivers\Thotkey.sys [2017-01-16 36712]
R3 tosrfec;@oem40.inf,%busenum.SVCDESC%;Bluetooth ACPI; C:\Windows\System32\drivers\tosrfec.sys [2017-01-16 53624]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2014-06-21 212736]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2016-08-13 38912]
S3 amdkmcsp;@oem38.inf,%amdkmcsp.SVCDESC%;AMD Kernel Mode CSP Service; C:\Windows\system32\DRIVERS\amdkmcsp.sys [2017-01-16 100752]
S3 aswHwid;aswHwid; C:\Windows\system32\drivers\aswHwid.sys [2017-04-05 38296]
S3 athrusb;@oem33.inf,%ATHR.Service.DispName%;Atheros Wireless LAN USB device driver; C:\Windows\system32\DRIVERS\athrxusb.sys [2008-07-29 1075712]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2015-06-10 1201664]
S3 dot4;@oem28.inf,%Dot4_Name%;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2012-10-19 151968]
S3 Dot4Print;@oem29.inf,%Dot4Print_Name%;Print Class Driver for IEEE-1284.4; C:\Windows\System32\drivers\Dot4Prt.sys [2012-10-19 27040]
S3 dot4usb;@oem28.inf,%DOT4USB_NAME%;Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2012-10-19 49056]
S3 USBAAPL64;@oem21.inf,%USBAAPL64.SvcDesc%;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2015-11-05 54784]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2014-10-29 44544]
====== List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======
R2 AdaptiveSleepService;AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [2014-04-23 140288]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-12-19 82640]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2017-01-16 240128]
R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2017-03-17 83768]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2014-03-19 319104]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2017-03-14 262736]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2015-08-12 462096]
R2 ClickToRunSvc;Služba Microsoft Office Klikni a spusť; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2017-03-26 3737792]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll" = %SystemRoot%\system32\diagtrack.dll
R2 dts_apo_service;DTS APO Service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [2014-03-03 21840]
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2014-03-04 103240]
R2 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-03-18 43696]
R2 GamesAppIntegrationService;GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2014-04-24 227904]
R2 tbaseprovisioning;tbaseprovisioning; C:\Windows\SysWOW64\tbaseprovisioning.exe [2017-01-16 51216]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\Teco\TecoService.exe [2014-07-30 353872]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2017-03-14 7147320]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-24 154440]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2017-02-27 317400]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-03-14 271960]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; %SystemRoot%\System32\svchost.exe -k LocalServiceAndNoImpersonation;"ServiceDll" = %SystemRoot%\System32\BthHFSrv.dll
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2016-04-04 1443520]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2014-04-24 203344]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-24 154440]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2017-03-22 689464]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-03-29 172488]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2017-03-25 198192]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-12-20 1467168]
-----------------EOF-----------------
Run by bek69 at 2017-04-05 21:37:37
Microsoft Windows 8.1
System drive C: has 505 GB (54%) free of 941 GB
Total RAM: 7103 MB (70% free)
X64
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:37:46, on 5. 4. 2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE
C:\Program Files (x86)\Microsoft Office\Root\Office16\MsoSync.exe
C:\Program Files\trend micro\bek69_RSITx64.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba13.msn.com/?pc=TEJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://toshiba13.msn.com/?pc=TEJB
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
O4 - HKLM\..\Run: [KeNotify] "C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe" LPCM
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [iCloudServices] "C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O8 - Extra context menu item: Clip Image - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4
O8 - Extra context menu item: Clip selection - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3
O8 - Extra context menu item: Clip this page - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1
O8 - Extra context menu item: Clip URL - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: New Note - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\NewNote.html
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O23 - Service: AdaptiveSleepService - Unknown owner - C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: aswbIDSAgent - AVAST Software s.r.o. - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: DTS APO Service (dts_apo_service) - Unknown owner - C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: tbaseprovisioning - Advanced Micro Devices, Inc. - C:\Windows\SysWOW64\tbaseprovisioning.exe
O23 - Service: TOSHIBA eco Utility Service - Toshiba Corporation - C:\Program Files\TOSHIBA\Teco\TecoService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 10598 bytes
====== Enumerating Processes ======
C:\Windows\system32\wininit.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\dwm.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\SysWOW64\tbaseprovisioning.exe
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\dashost.exe
"C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe"
"C:\Program Files\Elantech\ETDService.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\TOSHIBA\Teco\TecoService.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskhostex.exe
"C:\Program Files\Elantech\ETDCtrl.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\skydrive.exe -Embedding
"C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Windows\system32\NOTEPAD.EXE" C:\AdwCleaner\AdwCleaner[C0].txt
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
C:\Program Files\AVAST Software\Avast\AvastUI.exe
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE" -Embedding
"C:\Program Files (x86)\Microsoft Office\Root\Office16\MsoSync.exe"
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskeng.exe
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /update
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 572 576 584 65536 580
"C:\Users\bek69\Desktop\RSITx64.exe"
====== Scheduled tasks folder ======
C:\Windows\system32\tasks\Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Windows\system32\tasks\Adobe Flash Player Updater - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\system32\tasks\Avast Emergency Update - C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
C:\Windows\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\Windows\system32\tasks\Driver Booster Scheduler - C:\Program Files (x86)\IObit\Driver Booster\4.3.0\Scheduler.exe /scheduler
C:\Windows\system32\tasks\Driver Booster SkipUAC (bek69) - C:\Program Files (x86)\IObit\Driver Booster\4.3.0\DriverBooster.exe /skipuac
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-1586068809-786957993-594304779-1001 - %localappdata%\Microsoft\OneDrive\OneDrive.exe /autoupdate
C:\Windows\system32\tasks\OneDrive Standalone Update Task v2 - %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
C:\Windows\system32\tasks\RTKCPL - "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
C:\Windows\system32\tasks\SafeZone scheduled Autoupdate 1458706207 - C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0)
C:\Windows\system32\tasks\SafeZone scheduled Autoupdate 1458918902 - C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0)
C:\Windows\system32\tasks\User_Feed_Synchronization-{A0859649-5E18-4E7C-A58B-088A2690E7FB} - C:\Windows\system32\msfeedssync.exe sync
C:\Windows\system32\tasks\WPD\SqmUpload_S-1-5-21-1586068809-786957993-594304779-1001 - %windir%\system32\rundll32.exe portabledeviceapi.dll,#1
C:\Windows\system32\tasks\Microsoft\Windows\WS\License Validation - rundll32.exe WSClient.dll,WSpTLR licensing
C:\Windows\system32\tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask - rundll32.exe WSClient.dll,RefreshBannedAppsList
C:\Windows\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join - %SystemRoot%\System32\AutoWorkplace.exe join
C:\Windows\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start - C:\Windows\system32\sc.exe start wuauserv
C:\Windows\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network - C:\Windows\system32\sc.exe start wuauserv
C:\Windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\Windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\Windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\Windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\Windows\system32\tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone - %windir%\system32\tzsync.exe
C:\Windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\Windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\srtasks.exe ExecuteScheduledSPPCreation
C:\Windows\system32\tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask - %windir%\system32\rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
C:\Windows\system32\tasks\Microsoft\Windows\SpacePort\SpaceAgentTask - %windir%\system32\SpaceAgent.exe
C:\Windows\system32\tasks\Microsoft\Windows\Shell\FamilySafetyMonitor - %windir%\System32\wpcmon.exe
C:\Windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\Windows\system32\tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers - %SystemRoot%\System32\drvinst.exe 6
C:\Windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\Windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\Windows\system32\tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - %SystemRoot%\System32\MbaeParserTask.exe
C:\Windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\Windows\system32\tasks\Microsoft\Windows\DiskCleanup\SilentCleanup - %windir%\system32\cleanmgr.exe /autoclean /d %systemdrive%
C:\Windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c -h -o -$
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Uploader - %windir%\system32\WSqmCons.exe -u
C:\Windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\Windows\system32\tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup - %windir%\system32\rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
C:\Windows\system32\tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState - %windir%\system32\rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent /increment
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\rundll32.exe %windir%\system32\invagent.dll,RunUpdate
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\StartupAppTask - %windir%\system32\rundll32.exe Startupscan.dll,SusRunTask
C:\Windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\Windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\Windows\system32\tasks\Microsoft\Office\Office Automatic Updates - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe /update SCHEDULEDTASK displaylevel=False
C:\Windows\system32\tasks\Microsoft\Office\Office ClickToRun Service Monitor - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe /WatchService
C:\Windows\system32\tasks\Microsoft\Office\Office Subscription Maintenance - C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe
C:\Windows\system32\tasks\AVAST Software\Avast settings backup - C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs
C:\Windows\system32\tasks\Apple\AppleSoftwareUpdate - C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe -task
=========Mozilla firefox=========
ProfilePath - C:\Users\bek69\AppData\Roaming\Mozilla\Firefox\Profiles\q36qk1ci.default-1489490201594
prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF48
"sp@avast.com"=C:\Program Files\AVAST Software\Avast\SafePrice\FF48
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 25.0.0.127 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_127.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.50905.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App V2 Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 25.0.0.127 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_127.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.50905.0\npctrl.dll
C:\Users\bek69\AppData\Roaming\Mozilla\Firefox\Profiles\q36qk1ci.default-1489490201594\extensions\
zigboom@hotmail.com
C:\Users\bek69\AppData\Roaming\Mozilla\Firefox\Profiles\q36qk1ci.default-1489490201594\addons.json
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
BlackFox V2 - theme - zigboom@hotmail.com
C:\Users\bek69\AppData\Roaming\Mozilla\Firefox\Profiles\q36qk1ci.default-1489490201594\extensions.json
Avast Online Security - webextension - wrc@avast.com - C:\Program Files\AVAST Software\Avast\WebRep\FF48
BlackFox V2 - theme - zigboom@hotmail.com - C:\Users\bek69\AppData\Roaming\Mozilla\Firefox\Profiles\q36qk1ci.default-1489490201594\extensions\zigboom@hotmail.com
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - C:\Users\bek69\AppData\Roaming\Mozilla\Firefox\Profiles\q36qk1ci.default-1489490201594\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
Avast SafePrice - webextension - sp@avast.com - C:\Program Files\AVAST Software\Avast\SafePrice\FF48
Application Update Service Helper - extension - aushelper@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\aushelper@mozilla.org.xpi
Multi-process staged rollout - extension - e10srollout@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\e10srollout@mozilla.org.xpi
Pocket - extension - firefox@getpocket.com - C:\Program Files (x86)\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi
Web Compat - extension - webcompat@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi
Site Deployment Checker - extension - deployment-checker@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\deployment-checker@mozilla.org.xpi
Default - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi
Disable Prefetch - extension - disable-prefetch@mozilla.org - C:\Users\bek69\AppData\Roaming\Mozilla\Firefox\Profiles\q36qk1ci.default-1489490201594\features\{f09189bc-e994-454a-82c9-f5e2befbe49e}\disable-prefetch@mozilla.org.xpi
Multi-process staged rollout - extension - e10srollout@mozilla.org - C:\Users\bek69\AppData\Roaming\Mozilla\Firefox\Profiles\q36qk1ci.default-1489490201594\features\{f09189bc-e994-454a-82c9-f5e2befbe49e}\e10srollout@mozilla.org.xpi
C:\Users\bek69\AppData\Roaming\Mozilla\Firefox\Profiles\q36qk1ci.default-1489490201594\pluginreg.dat
Plugin - Shockwave Flash - 25.0.0.127 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_127.dll
======Registry dump ======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={D1863175-E285-4533-807E-BEEE3BC1D240}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D1863175-E285-4533-807E-BEEE3BC1D240}]
"URL"=http://www.bing.com/search?q={searchTer ... TR&pc=TEJB
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={D1863175-E285-4533-807E-BEEE3BC1D240}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{D1863175-E285-4533-807E-BEEE3BC1D240}]
"URL"=http://www.bing.com/search?q={searchTer ... TR&pc=TEJB
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-04-05 213704]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-03-14 893936]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-04-05 3002160]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-03-14 771816]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92EF2EAD-A7CE-4424-B0DB-499CF856608E}]
Evernote extension - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-05-13 585568]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"TCrdMain"=C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2013-10-09 2556768]
"TSSSrv"=C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [2013-10-22 296008]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2017-03-22 303928]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2017-03-14 205512]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2017-03-03 9364696]
"iCloudServices"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [2017-01-17 67384]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2017-03-14 27545048]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"KeNotify"=C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [2013-08-06 34160]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"SoftwareSASGeneration"=1
"EnableLinkedConnections"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
====== File associations ======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
====== List of files/folders created in the last 1 month ======
2017-04-05 20:27:52 ----A---- C:\Windows\system32\aswBoot.exe
2017-04-05 20:23:51 ----D---- C:\ProgramData\SWCUTemp
2017-04-05 20:15:48 ----D---- C:\AdwCleaner
2017-04-05 18:13:10 ----D---- C:\Program Files\trend micro
2017-04-05 18:13:09 ----D---- C:\rsit
2017-03-16 10:04:42 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2017-03-16 10:04:42 ----A---- C:\Windows\system32\iertutil.dll
2017-03-16 10:04:42 ----A---- C:\Windows\system32\iepeers.dll
2017-03-16 10:04:41 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2017-03-16 10:04:40 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2017-03-16 10:04:38 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2017-03-16 10:04:38 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2017-03-16 10:04:38 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2017-03-16 10:04:38 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2017-03-16 10:04:37 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2017-03-16 10:04:34 ----A---- C:\Windows\SYSWOW64\jscript.dll
2017-03-16 10:04:34 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2017-03-16 10:04:34 ----A---- C:\Windows\system32\vbscript.dll
2017-03-16 10:04:34 ----A---- C:\Windows\system32\urlmon.dll
2017-03-16 10:04:34 ----A---- C:\Windows\system32\msfeeds.dll
2017-03-16 10:04:34 ----A---- C:\Windows\system32\iedkcs32.dll
2017-03-16 10:04:33 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2017-03-16 10:04:31 ----A---- C:\Windows\SYSWOW64\wininet.dll
2017-03-16 10:04:31 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2017-03-16 10:04:31 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2017-03-16 10:04:31 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2017-03-16 10:04:30 ----A---- C:\Windows\system32\jscript.dll
2017-03-16 10:04:30 ----A---- C:\Windows\system32\ieframe.dll
2017-03-16 10:04:30 ----A---- C:\Windows\system32\dxtrans.dll
2017-03-16 10:04:29 ----A---- C:\Windows\system32\webcheck.dll
2017-03-16 10:04:28 ----A---- C:\Windows\system32\win32k.sys
2017-03-16 10:04:28 ----A---- C:\Windows\system32\jscript9.dll
2017-03-16 10:04:27 ----A---- C:\Windows\system32\wininet.dll
2017-03-16 10:04:27 ----A---- C:\Windows\system32\inetcomm.dll
2017-03-16 10:04:26 ----A---- C:\Windows\system32\ntoskrnl.exe
2017-03-16 10:04:25 ----A---- C:\Windows\system32\mshtml.dll
2017-03-16 10:04:22 ----A---- C:\Windows\system32\winresume.exe
2017-03-16 10:04:22 ----A---- C:\Windows\system32\winload.exe
2017-03-16 10:04:22 ----A---- C:\Windows\system32\gdi32.dll
2017-03-16 10:04:21 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2017-03-16 10:04:21 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2017-03-16 10:04:21 ----A---- C:\Windows\system32\ieapfltr.dll
2017-03-16 10:04:21 ----A---- C:\Windows\system32\glcndFilter.dll
2017-03-16 10:04:20 ----A---- C:\Windows\system32\Windows.Data.Pdf.dll
2017-03-16 10:04:19 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2017-03-16 10:04:19 ----A---- C:\Windows\system32\lsasrv.dll
2017-03-16 10:04:19 ----A---- C:\Windows\system32\DWrite.dll
2017-03-16 10:04:18 ----A---- C:\Windows\system32\wow64.dll
2017-03-16 10:04:18 ----A---- C:\Windows\system32\FntCache.dll
2017-03-16 10:04:17 ----A---- C:\Windows\system32\GdiPlus.dll
2017-03-16 10:04:16 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2017-03-16 10:04:16 ----A---- C:\Windows\SYSWOW64\glcndFilter.dll
2017-03-16 10:04:16 ----A---- C:\Windows\system32\msxml3.dll
2017-03-16 10:04:15 ----A---- C:\Windows\SYSWOW64\Windows.Data.Pdf.dll
2017-03-16 10:04:15 ----A---- C:\Windows\SYSWOW64\GdiPlus.dll
2017-03-16 10:04:15 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2017-03-16 10:04:15 ----A---- C:\Windows\system32\dnsapi.dll
2017-03-16 10:04:14 ----A---- C:\Windows\system32\microsoft-windows-system-events.dll
2017-03-16 10:04:14 ----A---- C:\Windows\system32\drivers\srv2.sys
2017-03-16 10:04:14 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2017-03-16 10:04:13 ----A---- C:\Windows\SYSWOW64\quartz.dll
2017-03-16 10:04:13 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2017-03-16 10:04:13 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2017-03-16 10:04:13 ----A---- C:\Windows\system32\quartz.dll
2017-03-16 10:04:13 ----A---- C:\Windows\system32\ieetwcollector.exe
2017-03-16 10:04:13 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2017-03-16 10:04:13 ----A---- C:\Windows\system32\adtschema.dll
2017-03-16 10:04:13 ----A---- C:\Windows\HelpPane.exe
2017-03-16 10:04:12 ----A---- C:\Windows\SYSWOW64\mscms.dll
2017-03-16 10:04:12 ----A---- C:\Windows\system32\wininit.exe
2017-03-16 10:04:12 ----A---- C:\Windows\system32\mscms.dll
2017-03-16 10:04:12 ----A---- C:\Windows\system32\drivers\srv.sys
2017-03-16 10:04:12 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2017-03-16 10:04:12 ----A---- C:\Windows\system32\drivers\cng.sys
2017-03-16 10:04:11 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2017-03-16 10:04:11 ----A---- C:\Windows\SYSWOW64\icm32.dll
2017-03-16 10:04:11 ----A---- C:\Windows\SYSWOW64\certcli.dll
2017-03-16 10:04:11 ----A---- C:\Windows\system32\msobjs.dll
2017-03-16 10:04:11 ----A---- C:\Windows\system32\icm32.dll
2017-03-16 10:04:11 ----A---- C:\Windows\system32\dnsrslvr.dll
2017-03-16 10:04:11 ----A---- C:\Windows\system32\certcli.dll
2017-03-16 09:58:39 ----A---- C:\Windows\system32\aepic.dll
2017-03-16 09:58:39 ----A---- C:\Windows\system32\aeinv.dll
2017-03-16 09:58:38 ----A---- C:\Windows\system32\invagent.dll
2017-03-16 09:58:38 ----A---- C:\Windows\system32\generaltel.dll
2017-03-16 09:58:38 ----A---- C:\Windows\system32\devinv.dll
2017-03-16 09:58:38 ----A---- C:\Windows\system32\CompatTelRunner.exe
2017-03-16 09:58:38 ----A---- C:\Windows\system32\centel.dll
2017-03-16 09:58:38 ----A---- C:\Windows\system32\appraiser.dll
2017-03-16 09:58:38 ----A---- C:\Windows\system32\acmigration.dll
2017-03-14 12:52:40 ----A---- C:\Windows\system32\RtNicProp64.dll
2017-03-14 12:52:40 ----A---- C:\Windows\system32\drivers\Rt630x64.sys
2017-03-14 12:00:35 ----A---- C:\Windows\system32\drivers\aswbuniva.sys
2017-03-14 12:00:35 ----A---- C:\Windows\system32\drivers\aswbloga.sys
2017-03-14 12:00:35 ----A---- C:\Windows\system32\drivers\aswbidsha.sys
2017-03-14 12:00:35 ----A---- C:\Windows\system32\drivers\aswbidsdrivera.sys
2017-03-14 12:00:35 ----A---- C:\Windows\system32\drivers\asw8444.tmp
2017-03-14 12:00:35 ----A---- C:\Windows\system32\drivers\asw8443.tmp
2017-03-14 12:00:35 ----A---- C:\Windows\system32\drivers\asw8432.tmp
2017-03-14 12:00:35 ----A---- C:\Windows\system32\drivers\asw8431.tmp
2017-03-14 12:00:35 ----A---- C:\Windows\system32\drivers\asw8430.tmp
2017-03-14 12:00:35 ----A---- C:\Windows\system32\drivers\asw841F.tmp
2017-03-14 12:00:35 ----A---- C:\Windows\system32\drivers\asw841E.tmp
2017-03-14 12:00:35 ----A---- C:\Windows\system32\drivers\asw840E.tmp
2017-03-14 12:00:35 ----A---- C:\Windows\system32\drivers\asw840D.tmp
2017-03-14 12:00:35 ----A---- C:\Windows\system32\drivers\asw3453.tmp
2017-03-14 12:00:35 ----A---- C:\Windows\system32\drivers\asw3442.tmp
2017-03-14 12:00:35 ----A---- C:\Windows\system32\drivers\asw3441.tmp
2017-03-14 12:00:35 ----A---- C:\Windows\system32\drivers\asw3430.tmp
2017-03-14 11:50:27 ----A---- C:\Windows\system32\drivers\asw3E1C.tmp
2017-03-14 11:50:27 ----A---- C:\Windows\system32\drivers\asw3E1B.tmp
2017-03-14 11:50:27 ----A---- C:\Windows\system32\drivers\asw3E0B.tmp
2017-03-14 11:50:27 ----A---- C:\Windows\system32\drivers\asw3E0A.tmp
2017-03-14 11:50:27 ----A---- C:\Windows\system32\drivers\asw3DDA.tmp
2017-03-14 11:50:27 ----A---- C:\Windows\system32\drivers\asw3DD9.tmp
2017-03-14 11:50:27 ----A---- C:\Windows\system32\drivers\asw3DB8.tmp
2017-03-14 11:50:27 ----A---- C:\Windows\system32\drivers\asw3D5A.tmp
2017-03-14 11:50:27 ----A---- C:\Windows\system32\drivers\asw3D59.tmp
2017-03-07 12:15:15 ----D---- C:\ProgramData\~0
====== List of files/folders modified in the last 1 month ======
2017-04-05 21:37:21 ----D---- C:\Windows\Temp
2017-04-05 21:36:13 ----D---- C:\Users\bek69\AppData\Roaming\Skype
2017-04-05 21:36:03 ----D---- C:\Windows\system32\sru
2017-04-05 20:36:26 ----D---- C:\Windows\Prefetch
2017-04-05 20:28:22 ----D---- C:\Windows\system32\Tasks
2017-04-05 20:28:21 ----D---- C:\Windows\system32\drivers
2017-04-05 20:28:08 ----D---- C:\Windows\system32\config
2017-04-05 20:27:52 ----RAD---- C:\Windows\System32
2017-04-05 20:23:51 ----HD---- C:\ProgramData
2017-04-05 20:22:59 ----D---- C:\Windows\SoftwareDistribution
2017-04-05 20:22:19 ----AD---- C:\Windows
2017-04-05 20:21:48 ----SHD---- C:\Config.Msi
2017-04-05 20:21:46 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2017-04-05 20:21:46 ----D---- C:\Program Files (x86)\Mozilla Firefox
2017-04-05 20:20:29 ----D---- C:\Windows\SYSWOW64\drivers
2017-04-05 20:20:28 ----RD---- C:\Program Files (x86)
2017-04-05 18:13:10 ----RD---- C:\Program Files
2017-04-05 18:06:21 ----D---- C:\Windows\Minidump
2017-04-05 16:24:17 ----D---- C:\Windows\Microsoft.NET
2017-04-05 15:47:25 ----SHD---- C:\Windows\Installer
2017-04-05 15:47:23 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2017-04-05 15:46:22 ----D---- C:\Program Files (x86)\Common Files
2017-04-05 15:44:38 ----D---- C:\Program Files (x86)\Microsoft Office
2017-04-04 20:38:21 ----D---- C:\Users\bek69\AppData\Roaming\vlc
2017-04-03 16:46:51 ----D---- C:\Windows\system32\NDF
2017-04-02 08:38:28 ----D---- C:\Windows\Inf
2017-04-02 08:38:28 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-03-30 17:52:43 ----D---- C:\Users\bek69\AppData\Roaming\Mp3tag
2017-03-30 15:09:24 ----D---- C:\Windows\system32\DriverStore
2017-03-30 15:09:22 ----D---- C:\Windows\CbsTemp
2017-03-30 15:08:31 ----SHD---- C:\System Volume Information
2017-03-29 17:15:58 ----D---- C:\Users\bek69\AppData\Roaming\ViberPC
2017-03-29 16:45:06 ----D---- C:\ProgramData\ProductData
2017-03-26 17:20:18 ----D---- C:\Program Files\iTunes
2017-03-26 17:19:27 ----D---- C:\Program Files\iPod
2017-03-26 17:18:42 ----D---- C:\Program Files\Common Files\Apple
2017-03-26 17:15:45 ----D---- C:\Program Files (x86)\Apple Software Update
2017-03-23 09:04:04 ----HD---- C:\Program Files\WindowsApps
2017-03-23 09:04:04 ----D---- C:\Windows\AppReadiness
2017-03-22 12:00:37 ----A---- C:\Windows\system32\drivers\asw3498.tmp
2017-03-21 14:20:51 ----D---- C:\ProgramData\IObit
2017-03-17 15:40:00 ----D---- C:\Windows\rescache
2017-03-17 12:36:15 ----D---- C:\Games
2017-03-17 12:35:33 ----D---- C:\Program Files (x86)\Steam
2017-03-17 12:30:10 ----D---- C:\Windows\debug
2017-03-17 08:04:35 ----D---- C:\Windows\WinSxS
2017-03-17 07:59:09 ----D---- C:\Program Files\Microsoft Silverlight
2017-03-17 07:59:06 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2017-03-16 14:30:40 ----D---- C:\Windows\system32\appraiser
2017-03-16 14:30:40 ----D---- C:\Windows\apppatch
2017-03-16 14:30:36 ----D---- C:\Windows\SYSWOW64\en-US
2017-03-16 14:30:36 ----D---- C:\Windows\SYSWOW64\cs-CZ
2017-03-16 14:30:36 ----D---- C:\Windows\SysWOW64
2017-03-16 14:30:36 ----D---- C:\Windows\system32\en-US
2017-03-16 14:30:36 ----D---- C:\Windows\system32\cs-CZ
2017-03-16 14:30:36 ----D---- C:\Program Files\Internet Explorer
2017-03-16 14:30:36 ----D---- C:\Program Files (x86)\Internet Explorer
2017-03-16 14:17:49 ----D---- C:\Windows\system32\MRT
2017-03-16 14:14:24 ----AC---- C:\Windows\system32\MRT.exe
2017-03-16 09:47:20 ----D---- C:\Windows\system32\catroot2
2017-03-15 22:20:54 ----D---- C:\ProgramData\Skype
2017-03-15 22:20:22 ----RD---- C:\Program Files (x86)\Skype
2017-03-15 22:18:07 ----D---- C:\ProgramData\Package Cache
2017-03-14 13:27:28 ----D---- C:\Windows\Tasks
2017-03-14 13:27:16 ----D---- C:\Windows\system32\Macromed
2017-03-14 13:27:09 ----D---- C:\Windows\SYSWOW64\Macromed
2017-03-14 12:55:28 ----D---- C:\Windows\system32\catroot
2017-03-14 12:38:12 ----D---- C:\Windows\system32\wbem
2017-03-14 12:32:45 ----D---- C:\Program Files (x86)\Atheros
2017-03-14 12:32:38 ----D---- C:\Program Files (x86)\Symbaloo_TLauncher
2017-03-14 12:32:35 ----D---- C:\Program Files\Microsoft Office 15
2017-03-14 12:32:25 ----D---- C:\Windows\system32\drivers\UMDF
2017-03-14 12:32:25 ----D---- C:\Windows\system32\CodeIntegrity
2017-03-14 12:19:31 ----D---- C:\Windows\registration
2017-03-14 12:00:57 ----A---- C:\Windows\system32\drivers\asw3499.tmp
2017-03-14 11:59:55 ----A---- C:\Windows\system32\drivers\asw34AA.tmp
2017-03-14 11:59:53 ----A---- C:\Windows\system32\drivers\asw3487.tmp
2017-03-14 11:59:53 ----A---- C:\Windows\system32\drivers\asw3486.tmp
2017-03-14 11:59:53 ----A---- C:\Windows\system32\drivers\asw3476.tmp
2017-03-14 11:59:50 ----A---- C:\Windows\system32\drivers\asw3475.tmp
2017-03-14 11:57:38 ----A---- C:\Windows\system32\drivers\asw3464.tmp
2017-03-14 11:57:38 ----A---- C:\Windows\system32\drivers\asw3454.tmp
2017-03-14 11:19:43 ----D---- C:\ProgramData\AVAST Software
2017-03-10 06:34:39 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2017-03-07 12:21:47 ----A---- C:\Windows\win.ini
File C:\Windows\system32\winlogon.exe is digitally signed
File C:\Windows\system32\wininit.exe is digitally signed
File C:\Windows\explorer.exe is digitally signed
File C:\Windows\SysWOW64\explorer.exe is digitally signed
File C:\Windows\system32\svchost.exe is digitally signed
File C:\Windows\SysWOW64\svchost.exe is digitally signed
File C:\Windows\system32\services.exe is digitally signed
File C:\Windows\system32\User32.dll is digitally signed
File C:\Windows\SysWOW64\User32.dll is digitally signed
File C:\Windows\system32\userinit.exe is digitally signed
File C:\Windows\SysWOW64\userinit.exe is digitally signed
File C:\Windows\system32\rpcss.dll is digitally signed
File C:\Windows\system32\Drivers\volsnap.sys is digitally signed
====== List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======
R0 amd_sata;amd_sata; C:\Windows\System32\drivers\amd_sata.sys [2017-01-16 83656]
R0 amd_xata;amd_xata; C:\Windows\System32\drivers\amd_xata.sys [2017-01-16 23752]
R0 amdkmpfd;@oem3.inf,%AMDKMPFD_svcdesc%;AMD PCI Root Bus Lower Filter; C:\Windows\System32\drivers\amdkmpfd.sys [2013-12-14 36608]
R0 amdpsp;@oem38.inf,%amdpsp.SVCDESC%;AMD PSP Service; C:\Windows\system32\DRIVERS\amdpsp.sys [2017-01-16 254864]
R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [2017-04-05 189768]
R0 aswblog;aswblog; C:\Windows\system32\drivers\aswbloga.sys [2017-04-05 334088]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [2017-04-05 48528]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2017-04-05 75704]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2017-04-05 339696]
R0 LPCFilter;@oem17.inf,%LPCFilter.SvcDesc%;LPC Lower Filter Driver; C:\Windows\System32\drivers\LPCFilter.sys [2013-08-01 35672]
R0 TVALZ;@oem15.inf,%TVALZ.SvcDesc%;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\System32\drivers\TVALZ_O.SYS [2013-08-15 32832]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [2017-04-05 307736]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2017-04-05 32600]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2017-04-05 101152]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2017-04-05 1005048]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2017-04-05 556784]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2017-01-16 27552]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2016-08-13 71680]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2017-04-05 127112]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2017-04-05 164064]
R3 AmdAS4;@oem2.inf,%AmdAS4.SVCDESC%;AmdAS4 service; C:\Windows\System32\drivers\AmdAS4.sys [2013-10-24 17640]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2017-01-16 13941760]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2017-01-16 628224]
R3 athr;@oem41.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athwbx.sys [2017-01-16 4307192]
R3 AtiHDAudioService;@oem37.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdWB6.sys [2017-01-16 118848]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2014-03-19 598216]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\Windows\System32\drivers\BthEnum.sys [2015-06-10 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\Windows\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\System32\drivers\bthpan.sys [2015-07-10 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2015-06-10 81920]
R3 CeKbFilter;CeKbFilter; C:\Windows\system32\DRIVERS\CeKbFilter.sys [2015-03-28 20312]
R3 dtlitescsibus;@oem23.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\System32\drivers\dtlitescsibus.sys [2016-04-08 30264]
R3 dtliteusbbus;@oem24.inf,%DTLITEUSBBUS.DeviceDesc%;DAEMON Tools Lite Virtual USB Bus; C:\Windows\System32\drivers\dtliteusbbus.sys [2016-04-08 47672]
R3 ETD;@oem9.inf,%PS2.DeviceDesc%;ELAN PS/2_SMBus Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2014-03-04 404296]
R3 ETDSMBus;ETDSMBus; C:\Windows\system32\DRIVERS\ETDSMBus.sys [2014-02-06 24904]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-03-11 3891800]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 RSP2STOR;@oem42.inf,%Rts5229%;Realtek PCIE CardReader Driver - P2; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [2017-01-16 328920]
R3 RTL8168;@oem1.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2017-03-14 954368]
R3 Thotkey;@oem46.inf,%Thotkey%;Toshiba Hotkey Driver; C:\Windows\System32\drivers\Thotkey.sys [2017-01-16 36712]
R3 tosrfec;@oem40.inf,%busenum.SVCDESC%;Bluetooth ACPI; C:\Windows\System32\drivers\tosrfec.sys [2017-01-16 53624]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2014-06-21 212736]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2016-08-13 38912]
S3 amdkmcsp;@oem38.inf,%amdkmcsp.SVCDESC%;AMD Kernel Mode CSP Service; C:\Windows\system32\DRIVERS\amdkmcsp.sys [2017-01-16 100752]
S3 aswHwid;aswHwid; C:\Windows\system32\drivers\aswHwid.sys [2017-04-05 38296]
S3 athrusb;@oem33.inf,%ATHR.Service.DispName%;Atheros Wireless LAN USB device driver; C:\Windows\system32\DRIVERS\athrxusb.sys [2008-07-29 1075712]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2015-06-10 1201664]
S3 dot4;@oem28.inf,%Dot4_Name%;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2012-10-19 151968]
S3 Dot4Print;@oem29.inf,%Dot4Print_Name%;Print Class Driver for IEEE-1284.4; C:\Windows\System32\drivers\Dot4Prt.sys [2012-10-19 27040]
S3 dot4usb;@oem28.inf,%DOT4USB_NAME%;Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2012-10-19 49056]
S3 USBAAPL64;@oem21.inf,%USBAAPL64.SvcDesc%;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2015-11-05 54784]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2014-10-29 44544]
====== List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======
R2 AdaptiveSleepService;AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [2014-04-23 140288]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-12-19 82640]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2017-01-16 240128]
R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2017-03-17 83768]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2014-03-19 319104]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2017-03-14 262736]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2015-08-12 462096]
R2 ClickToRunSvc;Služba Microsoft Office Klikni a spusť; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2017-03-26 3737792]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll" = %SystemRoot%\system32\diagtrack.dll
R2 dts_apo_service;DTS APO Service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [2014-03-03 21840]
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2014-03-04 103240]
R2 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-03-18 43696]
R2 GamesAppIntegrationService;GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2014-04-24 227904]
R2 tbaseprovisioning;tbaseprovisioning; C:\Windows\SysWOW64\tbaseprovisioning.exe [2017-01-16 51216]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\Teco\TecoService.exe [2014-07-30 353872]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2017-03-14 7147320]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-24 154440]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2017-02-27 317400]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-03-14 271960]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; %SystemRoot%\System32\svchost.exe -k LocalServiceAndNoImpersonation;"ServiceDll" = %SystemRoot%\System32\BthHFSrv.dll
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2016-04-04 1443520]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2014-04-24 203344]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-24 154440]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2017-03-22 689464]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-03-29 172488]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2017-03-25 198192]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-12-20 1467168]
-----------------EOF-----------------
- Rudy
- Site Admin

- Posts: 119671
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Please check my log
Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left window:
:files
C:\Program Files\Bonjour
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore
C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA
C:\Windows\system32\drivers\asw*.tmp
C:\ProgramData\~0
:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D1863175-E285-4533-807E-BEEE3BC1D240}]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{D1863175-E285-4533-807E-BEEE3BC1D240}]/64
:services
Bonjour Service
:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. Disable your antivirus before the scan and restart the PC after it. Then post a new RSIT log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address above.
Re: Please check my log
All processes killed
========== FILES ==========
C:\Program Files\Bonjour folder moved successfully.
File/Folder C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore not found.
File/Folder C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA not found.
File/Folder C:\Windows\system32\drivers\asw*.tmp not found.
C:\ProgramData\~0 folder moved successfully.
========== REGISTRY ==========
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D1863175-E285-4533-807E-BEEE3BC1D240}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D1863175-E285-4533-807E-BEEE3BC1D240}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{D1863175-E285-4533-807E-BEEE3BC1D240}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D1863175-E285-4533-807E-BEEE3BC1D240}\ not found.
========== SERVICES/DRIVERS ==========
Service Bonjour Service stopped successfully!
Service Bonjour Service deleted successfully!
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: bek69
->Temp folder emptied: 13206446 bytes
->Temporary Internet Files folder emptied: 7211120 bytes
->FireFox cache emptied: 117557212 bytes
->Flash cache emptied: 987 bytes
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 3134275 bytes
RecycleBin emptied: 1329152 bytes
Total Files Cleaned = 136,00 mb
[EMPTYFLASH]
User: All Users
User: bek69
->Flash cache emptied: 0 bytes
User: Default
User: Default User
User: Public
Total Flash Files Cleaned = 0,00 mb
OTM by OldTimer - Version 3.1.21.0 log created on 04052017_222439
Files moved on Reboot...
C:\Users\bek69\AppData\Local\Microsoft\Windows\INetCache\counters.dat moved successfully.
C:\Windows\temp\_avast_\AvLock.txt moved successfully.
File move failed. C:\Windows\temp\SafeZone Installer\opera_installer_20160323050958.log scheduled to be moved on reboot.
File move failed. C:\Windows\temp\SafeZone Installer\opera_installer_20160323051007.log scheduled to be moved on reboot.
File move failed. C:\Windows\temp\SafeZone Installer\opera_installer_20160323170411.log scheduled to be moved on reboot.
File move failed. C:\Windows\temp\SafeZone Installer\opera_installer_20160323170413.log scheduled to be moved on reboot.
File move failed. C:\Windows\temp\SafeZone Installer\opera_installer_20160323170439.log scheduled to be moved on reboot.
File move failed. C:\Windows\temp\SafeZone Installer\opera_installer_20160325161452.log scheduled to be moved on reboot.
File move failed. C:\Windows\temp\SafeZone Installer\opera_installer_20160325161453.log scheduled to be moved on reboot.
File move failed. C:\Windows\temp\SafeZone Installer\opera_installer_20160325161502.log scheduled to be moved on reboot.
File move failed. C:\Windows\temp\SafeZone Installer\safezone_installer_20160325162356.log scheduled to be moved on reboot.
File move failed. C:\Windows\temp\SafeZone Installer\safezone_installer_20160325162442.log scheduled to be moved on reboot.
File move failed. C:\Windows\temp\SafeZone Installer\safezone_installer_20160510170943.log scheduled to be moved on reboot.
File move failed. C:\Windows\temp\SafeZone Installer\safezone_installer_20160510170945.log scheduled to be moved on reboot.
File move failed. C:\Windows\temp\SafeZone Installer\safezone_installer_20160510170955.log scheduled to be moved on reboot.
File move failed. C:\Windows\temp\SafeZone Installer\safezone_installer_20170106130504.log scheduled to be moved on reboot.
File move failed. C:\Windows\temp\SafeZone Installer\safezone_installer_20170106130507.log scheduled to be moved on reboot.
File move failed. C:\Windows\temp\SafeZone Installer\safezone_installer_20170106130518.log scheduled to be moved on reboot.
File move failed. C:\Windows\temp\SafeZone Installer\safezone_installer_20170106131227.log scheduled to be moved on reboot.
File move failed. C:\Windows\temp\SafeZone Installer\safezone_installer_20170106131228.log scheduled to be moved on reboot.
File move failed. C:\Windows\temp\SafeZone Installer\safezone_installer_20170106131238.log scheduled to be moved on reboot.
File move failed. C:\Windows\temp\SafeZone Installer\safezone_installer_20170107113943.log scheduled to be moved on reboot.
File move failed. C:\Windows\temp\SafeZone Installer\safezone_installer_20170107113945.log scheduled to be moved on reboot.
File move failed. C:\Windows\temp\SafeZone Installer\safezone_installer_20170311090454.log scheduled to be moved on reboot.
File move failed. C:\Windows\temp\SafeZone Installer\safezone_installer_20170311090459.log scheduled to be moved on reboot.
File move failed. C:\Windows\temp\SafeZone Installer\safezone_installer_20170311090512.log scheduled to be moved on reboot.
File move failed. C:\Windows\temp\SafeZone Installer\safezone_installer_20170311171919.log scheduled to be moved on reboot.
File move failed. C:\Windows\temp\SafeZone Installer\safezone_installer_20170311171920.log scheduled to be moved on reboot.
File move failed. C:\Windows\temp\SafeZone Installer\safezone_installer_20170314105117.log scheduled to be moved on reboot.
File move failed. C:\Windows\temp\SafeZone Installer\safezone_installer_20170314105118.log scheduled to be moved on reboot.
File move failed. C:\Windows\temp\SafeZone Installer\safezone_installer_20170314105132.log scheduled to be moved on reboot.
File move failed. C:\Windows\temp\SafeZone Installer\safezone_installer_20170314114517.log scheduled to be moved on reboot.
File move failed. C:\Windows\temp\SafeZone Installer\safezone_installer_20170314114523.log scheduled to be moved on reboot.
File move failed. C:\Windows\temp\SafeZone Installer\safezone_installer_20170314114543.log scheduled to be moved on reboot.
File move failed. C:\Windows\temp\SafeZone Installer\safezone_installer_20170314130729.log scheduled to be moved on reboot.
File move failed. C:\Windows\temp\SafeZone Installer\safezone_installer_20170314130731.log scheduled to be moved on reboot.
File C:\Windows\temp\officeclicktorun.exe_streamserver(201704052022437E4).log not found!
C:\Windows\temp\TOMAS-20170405-2022.log moved successfully.
Registry entries deleted on Reboot...
- Rudy
- Site Admin

Re: Please check my log
Something was deleted. Has anything changed?
Re: Please check my log
Well, it seems to me that at times yes, but sometimes it is slow again. On top of that, a blue screen occasionally pops up which says, among other things: "If you'd like to know more, you can search online later for this error: SYSTEM THREAD EXCEPTION NOTHANDLED (atikmdag.sys)", and the laptop restarts.
- Rudy
- Site Admin

Re: Please check my log
You probably have a problem with the graphics card (atikmdag.sys). Try updating/reinstalling its drivers.
Re: Please check my log
Unfortunately, I don't know how to do that.
- Rudy
- Site Admin

Re: Please check my log
Download the driver from the card manufacturer's website, save it to disk and run the installer.