Hello,
for roughly the last week the laptop has been rather slow. It is slow to boot after being switched on, and individual programs are slow to start as well. Thanks for the help.
Logfile of random's system information tool 1.16 (written by random/random)
Run by Marek at 2017-06-05 17:26:33
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 277 GB (39%) free of 715 GB
Total RAM: 6051 MB (58% free)
X64
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:26:36, on 5.6.2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18666)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Opera\45.0.2552.888\opera.exe
C:\Program Files (x86)\Opera\45.0.2552.888\opera_crashreporter.exe
C:\Program Files (x86)\Opera\45.0.2552.888\opera.exe
C:\Program Files (x86)\Opera\45.0.2552.888\opera.exe
C:\Program Files (x86)\Opera\45.0.2552.888\opera.exe
C:\Program Files (x86)\Opera\45.0.2552.888\opera.exe
C:\Program Files (x86)\Opera\45.0.2552.888\opera.exe
C:\Program Files (x86)\Opera\45.0.2552.888\opera.exe
C:\Program Files (x86)\Opera\45.0.2552.888\opera.exe
C:\Program Files\trend micro\Marek_RSITx64.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [T-Mobile CManager] "C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe" -autorun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.dell.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{1D564DD7-01A1-4BD7-AB36-B4DBE035F066}: NameServer =
O17 - HKLM\System\CCS\Services\Tcpip\..\{21732CF1-CF2C-4EF6-8430-55A3BD434A04}: NameServer =
O17 - HKLM\System\CCS\Services\Tcpip\..\{34C6F90D-82B8-4A81-8FAD-AA8BD0C30274}: NameServer =
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: aswbIDSAgent - AVAST Software s.r.o. - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Dell Data Vault (DellDataVault) - Dell Inc. - C:\Program Files\Dell\DellDataVault\DellDataVault.exe
O23 - Service: Dell Data Vault Wizard (DellDataVaultWiz) - Dell Inc. - C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: Dell SupportAssist Agent (SupportAssistAgent) - Dell Inc. - C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
O23 - Service: Intel(R) Turbo Boost Technology Monitor 2.0 (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9407 bytes
====== Enumerating Processes ======
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\vcsFPService.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\WLANExt.exe 28697216
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
\??\C:\Windows\system32\conhost.exe "-18387829301720235929-1310838384-611894616292579773262914896713025171757635862
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\IDT\WDM\AESTSr64.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\SysWOW64\svchost.exe -k MbnExt
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\taskhost.exe
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PAN Tray
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe" -autorun
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Program Files\AVAST Software\Avast\AvastUI.exe
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe"
"C:\Program Files (x86)\Opera\45.0.2552.888\opera.exe" --ran-launcher --opener-id="H8xj9NxP03fliNWHC:\Windows\explorer.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Opera\45.0.2552.888\opera_crashreporter.exe" --ran-launcher --opener-id="H8xj9NxP03fliNWHC:\Windows\explorer.exe" --crash-reporter-parent-id=4768
"C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Opera\45.0.2552.888\opera.exe" --type=gpu-process --field-trial-handle=880 --with-feature:installer-experiment-test=off --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-support-x64-download=on --crash-reporter-pid=3260 --disable-d3d11 --disable-direct-composition --supports-dual-gpus=false --gpu-driver-bug-workarounds=7,10,16,18,19,20,23,26,41,74 --disable-gl-extensions="GL_KHR_blend_equation_advanced GL_KHR_blend_equation_advanced_coherent" --gpu-vendor-id=0x1002 --gpu-device-id=0x6760 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=8.901.1.1000 --gpu-driver-date=11-5-2011 --gpu-secondary-vendor-ids=0x8086 --gpu-secondary-device-ids=0x0126 --with-feature:installer-experiment-test=off --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-support-x64-download=on --crash-reporter-pid=3260 --service-request-channel-token=0380F6BDCB7F740D6202CAEBBC2482B5 --mojo-platform-channel-handle=1296 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Opera\45.0.2552.888\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --field-trial-handle=880 --primordial-pipe-token=BCDB783410730F15C72B58702E7D4B06 --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-support-x64-download=on --crash-reporter-pid=3260 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --service-request-channel-token=BCDB783410730F15C72B58702E7D4B06 --renderer-client-id=7 --mojo-platform-channel-handle=1988 /prefetch:1
"C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe"
"C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe"
"C:\Program Files (x86)\Opera\45.0.2552.888\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --field-trial-handle=880 --primordial-pipe-token=C700BE668162ACAD8BDE0C3180CFFCA1 --lang=cs --extension-process --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-support-x64-download=on --crash-reporter-pid=3260 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --service-request-channel-token=C700BE668162ACAD8BDE0C3180CFFCA1 --renderer-client-id=4 --mojo-platform-channel-handle=2180 /prefetch:1
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Opera\45.0.2552.888\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --field-trial-handle=880 --primordial-pipe-token=4817CAB8C808A1E32ED56526F13B07AC --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-support-x64-download=on --crash-reporter-pid=3260 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --service-request-channel-token=4817CAB8C808A1E32ED56526F13B07AC --renderer-client-id=12 --mojo-platform-channel-handle=4328 /prefetch:1
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files\Dell\DellDataVault\DellDataVault.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Opera\45.0.2552.888\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --field-trial-handle=880 --primordial-pipe-token=133044205677A405666623C6F3D12BCF --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-support-x64-download=on --crash-reporter-pid=3260 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --service-request-channel-token=133044205677A405666623C6F3D12BCF --renderer-client-id=16 --mojo-platform-channel-handle=3908 /prefetch:1
"C:\Program Files (x86)\Opera\45.0.2552.888\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --field-trial-handle=880 --primordial-pipe-token=362E857255B60711197541471ED7B95C --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-support-x64-download=on --crash-reporter-pid=3260 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --service-request-channel-token=362E857255B60711197541471ED7B95C --renderer-client-id=18 --mojo-platform-channel-handle=4252 /prefetch:1
"C:\Program Files (x86)\Opera\45.0.2552.888\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --field-trial-handle=880 --primordial-pipe-token=33113166D53176DE7E86D737772009F5 --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-support-x64-download=on --crash-reporter-pid=3260 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --service-request-channel-token=33113166D53176DE7E86D737772009F5 --renderer-client-id=23 --mojo-platform-channel-handle=2408 /prefetch:1
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 524 528 536 65536 532
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Users\Marek\AppData\Local\Temp\scoped_dir4768_3340\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
====== Scheduled tasks folder ======
C:\Windows\system32\tasks\Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Windows\system32\tasks\Adobe Flash Player PPAPI Notifier - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_25_0_0_171_pepper.exe -check pepperplugin
C:\Windows\system32\tasks\Adobe Flash Player Updater - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\system32\tasks\Avast Emergency Update - C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
C:\Windows\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\Windows\system32\tasks\CreateChoiceProcessTask - C:\Windows\System32\browserchoice.exe /launch
C:\Windows\system32\tasks\Dell SupportAssistAgent AutoUpdate - C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe AutoUpdate
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\Opera scheduled Autoupdate 1376922984 - C:\Program Files (x86)\Opera\launcher.exe --scheduledautoupdate $(Arg0)
C:\Windows\system32\tasks\PCDEventLauncherTask - "C:\Program Files\Dell\SupportAssist\sessionchecker.exe"
C:\Windows\system32\tasks\SafeZone scheduled Autoupdate 1450710988 - C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0)
C:\Windows\system32\tasks\User_Feed_Synchronization-{E1F801AE-9ADD-4A66-9BF1-5B395538B110} - C:\Windows\system32\msfeedssync.exe sync
C:\Windows\system32\tasks\{F0459A54-779A-498F-96D8-26BF60243175} - C:\Windows\system32\pcalua.exe -a C:\Dell\Drivers\R312132\Setup.exe -d C:\Dell\Drivers\R312132
C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask - %systemroot%\system32\sc.exe start osppsvc
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
C:\Windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\Windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\Windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask - %SystemRoot%\system32\Wat\WatAdminSvc.exe /run
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline - %SystemRoot%\system32\schtasks.exe /run /I /TN "\Microsoft\Windows\Windows Activation Technologies\ValidationTask"
C:\Windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\Windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
C:\Windows\system32\tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask - sc.exe start sppsvc
C:\Windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\Windows\system32\tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem - %SystemRoot%\System32\powercfg.exe -energy -auto
C:\Windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\Windows\system32\tasks\Microsoft\Windows\MUI\Lpksetup - C:\Windows\System32\lpksetup.exe -v
C:\Windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\Windows\system32\tasks\Microsoft\Windows\MUI\Mcbuilder - C:\Windows\System32\mcbuilder.exe
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\Windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Uploader - %windir%\system32\WSqmCons.exe -u
C:\Windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\Windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\Windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\Windows\system32\tasks\AVAST Software\Avast settings backup - C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs
======Registry dump ======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-04-02 895528]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 690392]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-04-02 773920]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"FreeFallProtection"=C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe [2010-12-15 686704]
"IntelTBRunOnce"=wscript.exe //b //nologo C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs []
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-12-16 2480936]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2011-05-27 1128448]
"IntelPAN"=C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [2011-07-28 1935120]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-09-26 167704]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-09-26 392472]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-09-26 416024]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2017-05-10 213824]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"T-Mobile CManager"=C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe [2016-01-01 2169368]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-07-04 3673184]
"GoogleDriveSync"=C:\Program Files (x86)\Google\Drive\googledrivesync.exe [2017-03-21 23819304]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-11-06 343168]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-09-26 390144]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders" = credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
====== File associations ======
.js - edit - C:\Windows\System32\Notepad.exe %1
====== List of files/folders created in the last 1 month ======
2017-06-05 17:26:33 ----D---- C:\rsit
2017-06-05 16:56:55 ----D---- C:\ProgramData\SWCUTemp
2017-06-05 16:43:47 ----A---- C:\Windows\system32\aswBoot.exe
2017-05-17 16:38:36 ----HD---- C:\$AV_ASW
2017-05-10 15:59:40 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2017-05-10 15:59:40 ----A---- C:\Windows\system32\mshtml.dll
2017-05-10 15:59:39 ----A---- C:\Windows\system32\ieframe.dll
2017-05-10 15:59:38 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2017-05-10 15:59:37 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2017-05-10 15:59:37 ----A---- C:\Windows\system32\jscript9.dll
2017-05-10 15:59:36 ----A---- C:\Windows\SYSWOW64\wininet.dll
2017-05-10 15:59:36 ----A---- C:\Windows\system32\wininet.dll
2017-05-10 15:59:36 ----A---- C:\Windows\system32\iertutil.dll
2017-05-10 15:59:35 ----A---- C:\Windows\system32\win32k.sys
2017-05-10 15:59:35 ----A---- C:\Windows\system32\urlmon.dll
2017-05-10 15:59:35 ----A---- C:\Windows\system32\ole32.dll
2017-05-10 15:59:35 ----A---- C:\Windows\system32\ntoskrnl.exe
2017-05-10 15:59:34 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2017-05-10 15:59:34 ----A---- C:\Windows\system32\drivers\tcpip.sys
2017-05-10 15:59:33 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2017-05-10 15:59:33 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2017-05-10 15:59:33 ----A---- C:\Windows\system32\advapi32.dll
2017-05-10 15:59:32 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2017-05-10 15:59:32 ----A---- C:\Windows\system32\drivers\srv.sys
2017-05-10 15:59:32 ----A---- C:\Windows\system32\crypt32.dll
2017-05-10 15:59:31 ----A---- C:\Windows\system32\oleaut32.dll
2017-05-10 15:59:29 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2017-05-10 15:59:27 ----A---- C:\Windows\system32\pla.dll
2017-05-10 15:59:26 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2017-05-10 15:59:24 ----A---- C:\Windows\SYSWOW64\ole32.dll
2017-05-10 15:59:24 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2017-05-10 15:59:23 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2017-05-10 15:59:23 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2017-05-10 15:59:22 ----A---- C:\Windows\SYSWOW64\pla.dll
2017-05-10 15:59:21 ----A---- C:\Windows\system32\drivers\srv2.sys
2017-05-10 15:59:20 ----A---- C:\Windows\system32\drivers\exfat.sys
2017-05-10 15:59:19 ----A---- C:\Windows\system32\pdh.dll
2017-05-10 15:59:19 ----A---- C:\Windows\system32\ieetwcollector.exe
2017-05-10 15:59:19 ----A---- C:\Windows\system32\drivers\fastfat.sys
2017-05-10 15:59:18 ----A---- C:\Windows\SYSWOW64\pdh.dll
2017-05-10 15:59:18 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2017-05-10 15:59:18 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2017-05-10 15:59:18 ----A---- C:\Windows\system32\rpcss.dll
2017-05-10 15:59:18 ----A---- C:\Windows\system32\msfeeds.dll
2017-05-10 15:59:16 ----A---- C:\Windows\system32\drivers\afd.sys
2017-05-10 15:59:14 ----A---- C:\Windows\system32\vbscript.dll
2017-05-10 15:59:14 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2017-05-10 15:59:14 ----A---- C:\Windows\system32\drivers\tdx.sys
2017-05-10 15:59:12 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2017-05-10 15:59:11 ----A---- C:\Windows\system32\iedkcs32.dll
2017-05-10 15:59:10 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2017-05-10 15:59:10 ----A---- C:\Windows\system32\jscript.dll
2017-05-10 15:59:09 ----A---- C:\Windows\system32\ntdll.dll
2017-05-10 15:59:07 ----A---- C:\Windows\system32\drivers\netio.sys
2017-05-10 15:59:07 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2017-05-10 15:59:06 ----A---- C:\Windows\system32\MshtmlDac.dll
2017-05-10 15:59:05 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2017-05-10 15:59:05 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2017-05-10 15:59:03 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2017-05-10 15:59:03 ----A---- C:\Windows\SYSWOW64\oleres.dll
2017-05-10 15:59:03 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2017-05-10 15:59:03 ----A---- C:\Windows\system32\oleres.dll
2017-05-10 15:59:03 ----A---- C:\Windows\system32\gdi32.dll
2017-05-10 15:59:03 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2017-05-10 15:59:02 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2017-05-10 15:59:02 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2017-05-10 15:59:02 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2017-05-10 15:59:02 ----A---- C:\Windows\SYSWOW64\certcli.dll
2017-05-10 15:59:02 ----A---- C:\Windows\system32\webcheck.dll
2017-05-10 15:59:02 ----A---- C:\Windows\system32\plasrv.exe
2017-05-10 15:59:02 ----A---- C:\Windows\system32\mshtmled.dll
2017-05-10 15:59:02 ----A---- C:\Windows\system32\dxtrans.dll
2017-05-10 15:59:02 ----A---- C:\Windows\system32\certcli.dll
2017-05-10 15:59:01 ----A---- C:\Windows\SYSWOW64\jscript.dll
2017-05-10 15:59:01 ----A---- C:\Windows\SYSWOW64\comcat.dll
2017-05-10 15:59:01 ----A---- C:\Windows\system32\rpcrt4.dll
2017-05-10 15:59:01 ----A---- C:\Windows\system32\mshtmlmedia.dll
2017-05-10 15:59:01 ----A---- C:\Windows\system32\ie4uinit.exe
2017-05-10 15:59:01 ----A---- C:\Windows\system32\comcat.dll
2017-05-10 15:58:59 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2017-05-10 15:58:59 ----A---- C:\Windows\system32\lsasrv.dll
2017-05-10 15:58:59 ----A---- C:\Windows\system32\kerberos.dll
2017-05-10 15:58:59 ----A---- C:\Windows\system32\ieapfltr.dll
2017-05-10 15:58:58 ----A---- C:\Windows\system32\smss.exe
2017-05-10 15:58:58 ----A---- C:\Windows\system32\kernel32.dll
2017-05-10 15:58:58 ----A---- C:\Windows\system32\ieui.dll
2017-05-10 15:58:58 ----A---- C:\Windows\system32\dxtmsft.dll
2017-05-10 15:58:58 ----A---- C:\Windows\system32\drivers\srvnet.sys
2017-05-10 15:58:58 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2017-05-10 15:58:57 ----A---- C:\Windows\system32\schannel.dll
2017-05-10 15:58:56 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2017-05-10 15:58:56 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2017-05-10 15:58:56 ----A---- C:\Windows\SYSWOW64\ieui.dll
2017-05-10 15:58:56 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2017-05-10 15:58:56 ----A---- C:\Windows\system32\wow64win.dll
2017-05-10 15:58:56 ----A---- C:\Windows\system32\winsrv.dll
2017-05-10 15:58:56 ----A---- C:\Windows\system32\srcore.dll
2017-05-10 15:58:56 ----A---- C:\Windows\system32\occache.dll
2017-05-10 15:58:56 ----A---- C:\Windows\system32\ncrypt.dll
2017-05-10 15:58:56 ----A---- C:\Windows\system32\msv1_0.dll
2017-05-10 15:58:56 ----A---- C:\Windows\system32\msrating.dll
2017-05-10 15:58:56 ----A---- C:\Windows\system32\KernelBase.dll
2017-05-10 15:58:56 ----A---- C:\Windows\system32\jsproxy.dll
2017-05-10 15:58:56 ----A---- C:\Windows\system32\jscript9diag.dll
2017-05-10 15:58:56 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2017-05-10 15:58:56 ----A---- C:\Windows\system32\cryptsvc.dll
2017-05-10 15:58:56 ----A---- C:\Windows\system32\cdosys.dll
2017-05-10 15:58:55 ----A---- C:\Windows\SYSWOW64\occache.dll
2017-05-10 15:58:55 ----A---- C:\Windows\SYSWOW64\msrating.dll
2017-05-10 15:58:55 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2017-05-10 15:58:55 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2017-05-10 15:58:55 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2017-05-10 15:58:55 ----A---- C:\Windows\system32\wow64.dll
2017-05-10 15:58:55 ----A---- C:\Windows\system32\wintrust.dll
2017-05-10 15:58:55 ----A---- C:\Windows\system32\wdigest.dll
2017-05-10 15:58:55 ----A---- C:\Windows\system32\TSpkg.dll
2017-05-10 15:58:55 ----A---- C:\Windows\system32\sspicli.dll
2017-05-10 15:58:55 ----A---- C:\Windows\system32\rpchttp.dll
2017-05-10 15:58:55 ----A---- C:\Windows\system32\inseng.dll
2017-05-10 15:58:55 ----A---- C:\Windows\system32\ieUnatt.exe
2017-05-10 15:58:55 ----A---- C:\Windows\system32\cryptnet.dll
2017-05-10 15:58:55 ----A---- C:\Windows\system32\conhost.exe
2017-05-10 15:58:55 ----A---- C:\Windows\system32\bcrypt.dll
2017-05-10 15:58:54 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2017-05-10 15:58:54 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2017-05-10 15:58:54 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2017-05-10 15:58:54 ----A---- C:\Windows\SYSWOW64\schannel.dll
2017-05-10 15:58:54 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2017-05-10 15:58:54 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2017-05-10 15:58:54 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2017-05-10 15:58:54 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2017-05-10 15:58:54 ----A---- C:\Windows\SYSWOW64\inseng.dll
2017-05-10 15:58:54 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2017-05-10 15:58:54 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2017-05-10 15:58:54 ----A---- C:\Windows\SYSWOW64\cdosys.dll
2017-05-10 15:58:54 ----A---- C:\Windows\system32\wow64cpu.dll
2017-05-10 15:58:54 ----A---- C:\Windows\system32\sspisrv.dll
2017-05-10 15:58:54 ----A---- C:\Windows\system32\srclient.dll
2017-05-10 15:58:54 ----A---- C:\Windows\system32\lsass.exe
2017-05-10 15:58:54 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-05-10 15:58:54 ----A---- C:\Windows\system32\iesetup.dll
2017-05-10 15:58:54 ----A---- C:\Windows\system32\iernonce.dll
2017-05-10 15:58:54 ----A---- C:\Windows\system32\ieetwproxystub.dll
2017-05-10 15:58:54 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2017-05-10 15:58:54 ----A---- C:\Windows\system32\csrsrv.dll
2017-05-10 15:58:54 ----A---- C:\Windows\system32\cryptbase.dll
2017-05-10 15:58:54 ----A---- C:\Windows\system32\appidapi.dll
2017-05-10 15:58:53 ----A---- C:\Windows\SYSWOW64\wow32.dll
2017-05-10 15:58:53 ----A---- C:\Windows\SYSWOW64\srclient.dll
2017-05-10 15:58:53 ----A---- C:\Windows\SYSWOW64\secur32.dll
2017-05-10 15:58:53 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2017-05-10 15:58:53 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2017-05-10 15:58:53 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2017-05-10 15:58:53 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2017-05-10 15:58:53 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2017-05-10 15:58:53 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2017-05-10 15:58:53 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2017-05-10 15:58:53 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2017-05-10 15:58:53 ----A---- C:\Windows\SYSWOW64\credssp.dll
2017-05-10 15:58:53 ----A---- C:\Windows\SYSWOW64\bcrypt.dll
2017-05-10 15:58:53 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2017-05-10 15:58:53 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2017-05-10 15:58:53 ----A---- C:\Windows\system32\setbcdlocale.dll
2017-05-10 15:58:53 ----A---- C:\Windows\system32\secur32.dll
2017-05-10 15:58:53 ----A---- C:\Windows\system32\rstrui.exe
2017-05-10 15:58:53 ----A---- C:\Windows\system32\ntvdm64.dll
2017-05-10 15:58:53 ----A---- C:\Windows\system32\drivers\appid.sys
2017-05-10 15:58:53 ----A---- C:\Windows\system32\credssp.dll
2017-05-10 15:58:53 ----A---- C:\Windows\system32\cdd.dll
2017-05-10 15:58:53 ----A---- C:\Windows\system32\auditpol.exe
2017-05-10 15:58:53 ----A---- C:\Windows\system32\appidsvc.dll
2017-05-10 15:58:53 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2017-05-10 15:58:53 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2017-05-10 15:58:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2017-05-10 15:58:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-05-10 15:58:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2017-05-10 15:58:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-05-10 15:58:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-05-10 15:58:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-05-10 15:58:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2017-05-10 15:58:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-05-10 15:58:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-05-10 15:58:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-05-10 15:58:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-05-10 15:58:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-05-10 15:58:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-05-10 15:58:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-05-10 15:58:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-05-10 15:58:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-05-10 15:58:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-05-10 15:58:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2017-05-10 15:58:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-05-10 15:58:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-05-10 15:58:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-05-10 15:58:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2017-05-10 15:58:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-05-10 15:58:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-05-10 15:58:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-05-10 15:58:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-05-10 15:58:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-05-10 15:58:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2017-05-10 15:58:52 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-05-10 15:58:52 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-05-10 15:58:52 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-05-10 15:58:52 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-05-10 15:58:52 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-05-10 15:58:52 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-05-10 15:58:52 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-05-10 15:58:52 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-05-10 15:58:52 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-05-10 15:58:52 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-05-10 15:58:52 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-05-10 15:58:52 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-05-10 15:58:52 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-05-10 15:58:52 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-05-10 15:58:52 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-05-10 15:58:52 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-05-10 15:58:52 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-05-10 15:58:52 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-05-10 15:58:52 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-05-10 15:58:52 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-05-10 15:58:52 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-05-10 15:58:52 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-05-10 15:58:52 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-05-10 15:58:52 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-05-10 15:58:52 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-05-10 15:58:52 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-05-10 15:58:52 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-05-10 15:58:52 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-05-10 15:58:52 ----A---- C:\Windows\SYSWOW64\user.exe
2017-05-10 15:58:52 ----A---- C:\Windows\SYSWOW64\tzres.dll
2017-05-10 15:58:52 ----A---- C:\Windows\SYSWOW64\setup16.exe
2017-05-10 15:58:52 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2017-05-10 15:58:52 ----A---- C:\Windows\SYSWOW64\instnm.exe
2017-05-10 15:58:52 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2017-05-10 15:58:52 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2017-05-10 15:58:52 ----A---- C:\Windows\system32\tzres.dll
2017-05-10 15:58:52 ----A---- C:\Windows\system32\msaudite.dll
2017-05-10 15:58:52 ----A---- C:\Windows\system32\apisetschema.dll
2017-05-10 15:58:52 ----A---- C:\Windows\system32\adtschema.dll
2017-05-10 15:58:51 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2017-05-10 15:58:51 ----A---- C:\Windows\system32\msobjs.dll
2017-05-10 15:58:50 ----A---- C:\Windows\system32\ieetwcollectorres.dll
====== List of files/folders modified in the last 1 month ======
2017-06-05 17:26:35 ----D---- C:\Program Files\trend micro
2017-06-05 17:17:02 ----D---- C:\Windows\Temp
2017-06-05 17:02:25 ----D---- C:\Windows\system32\config
2017-06-05 16:57:11 ----SHD---- C:\System Volume Information
2017-06-05 16:56:55 ----D---- C:\ProgramData
2017-06-05 16:48:42 ----A---- C:\Windows\SYSWOW64\log.txt
2017-06-05 16:45:53 ----D---- C:\Windows\system32\drivers
2017-06-05 16:45:53 ----D---- C:\Windows
2017-06-05 16:44:47 ----D---- C:\Windows\system32\Tasks
2017-06-05 16:43:47 ----D---- C:\Windows\System32
2017-06-05 16:40:24 ----D---- C:\Windows\Prefetch
2017-06-05 16:38:18 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2017-06-05 16:38:12 ----D---- C:\Windows\system32\Macromed
2017-06-05 16:38:09 ----D---- C:\Windows\SYSWOW64\Macromed
2017-06-05 16:24:30 ----D---- C:\Windows\inf
2017-06-05 16:07:39 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-06-05 16:06:28 ----D---- C:\Users\Marek\AppData\Roaming\Winamp
2017-06-05 16:06:09 ----D---- C:\Windows\debug
2017-06-03 22:53:57 ----D---- C:\Program Files (x86)\SpeedFan
2017-06-02 20:34:06 ----D---- C:\Program Files (x86)\Opera
2017-06-01 07:58:25 ----D---- C:\Windows\system32\MRT
2017-06-01 07:55:09 ----AC---- C:\Windows\system32\MRT.exe
2017-05-19 19:29:29 ----D---- C:\Windows\rescache
2017-05-17 16:38:56 ----RD---- C:\Program Files (x86)
2017-05-16 18:22:28 ----D---- C:\Windows\Microsoft.NET
2017-05-16 18:19:37 ----RSD---- C:\Windows\assembly
2017-05-15 20:11:03 ----SHD---- C:\Windows\Installer
2017-05-13 22:45:53 ----D---- C:\Windows\winsxs
2017-05-13 22:41:25 ----D---- C:\Windows\SYSWOW64\migration
2017-05-13 22:41:25 ----D---- C:\Windows\SYSWOW64\en-US
2017-05-13 22:41:25 ----D---- C:\Windows\SYSWOW64\cs-CZ
2017-05-13 22:41:25 ----D---- C:\Windows\SysWOW64
2017-05-13 22:41:25 ----D---- C:\Program Files\Internet Explorer
2017-05-13 22:41:24 ----D---- C:\Windows\system32\migration
2017-05-13 22:41:24 ----D---- C:\Windows\system32\en-US
2017-05-13 22:41:24 ----D---- C:\Windows\system32\cs-CZ
2017-05-13 22:41:24 ----D---- C:\Windows\PolicyDefinitions
2017-05-13 22:41:23 ----D---- C:\Windows\system32\Boot
2017-05-13 22:41:23 ----D---- C:\Windows\AppPatch
2017-05-13 22:41:23 ----D---- C:\Program Files (x86)\Internet Explorer
2017-05-11 20:26:53 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2017-05-11 20:17:22 ----D---- C:\ProgramData\Microsoft Help
2017-05-10 15:18:58 ----D---- C:\Windows\system32\catroot2
2017-05-10 13:57:01 ----D---- C:\ProgramData\{CC71B1CB-A2E4-4CF7-8EDB-A0E290BA1604}
2017-05-09 13:20:23 ----D---- C:\ProgramData\AVAST Software
File C:\Windows\system32\winlogon.exe is digitally signed
File C:\Windows\system32\wininit.exe is digitally signed
File C:\Windows\explorer.exe is digitally signed
File C:\Windows\SysWOW64\explorer.exe is digitally signed
File C:\Windows\system32\svchost.exe is digitally signed
File C:\Windows\SysWOW64\svchost.exe is digitally signed
File C:\Windows\system32\services.exe is digitally signed
File C:\Windows\system32\User32.dll is digitally signed
File C:\Windows\SysWOW64\User32.dll is digitally signed
File C:\Windows\system32\userinit.exe is digitally signed
File C:\Windows\SysWOW64\userinit.exe is digitally signed
File C:\Windows\system32\rpcss.dll is digitally signed
File C:\Windows\system32\Drivers\volsnap.sys is digitally signed
====== List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======
R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [2017-05-10 190256]
R0 aswblog;aswblog; C:\Windows\system32\drivers\aswbloga.sys [2017-05-10 334576]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [2017-05-10 49016]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2017-05-10 75704]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2017-05-10 339696]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 stdcfltn;Disk Class Filter Driver for Accelerometer; C:\Windows\system32\DRIVERS\stdcfltn.sys [2010-08-20 21616]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [2017-05-10 311808]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2017-05-10 32600]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2017-05-10 101152]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2017-05-10 1007160]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2017-05-10 569192]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-09-14 283064]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2017-05-10 128648]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2017-05-13 158880]
R2 speedfan;speedfan; \??\C:\Windows\SysWOW64\speedfan.sys [2012-12-30 28664]
R2 TurboB;Turbo Boost UI Monitor driver; C:\Windows\system32\DRIVERS\TurboB.sys [2010-11-30 16120]
R3 Acceler;Accelerometer Service; C:\Windows\system32\DRIVERS\Accelern.sys [2010-12-13 27760]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-11-06 10208256]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-11-06 317952]
R3 AMPPAL;Virtuální adaptér Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed; C:\Windows\system32\DRIVERS\AMPPAL.sys [2011-08-08 299008]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 DDDriver;DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [2015-02-27 23760]
R3 DellProf;DellProf; C:\Windows\system32\drivers\DellProf.sys [2015-05-23 24240]
R3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys [2012-04-23 90112]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2012-06-20 342528]
R3 intelkmd;intelkmd; C:\Windows\system32\DRIVERS\igdpmd64.sys [2011-09-26 12309440]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 NETwNs64;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 7 64 Bit; C:\Windows\system32\DRIVERS\NETwNs64.sys [2011-08-04 8604672]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2010-10-01 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2010-10-01 180736]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\Windows\system32\DRIVERS\stwrt64.sys [2011-05-27 528384]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-12-16 1402416]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 AMPPALP;Protokol Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed; C:\Windows\system32\DRIVERS\amppal.sys [2011-08-08 299008]
S3 aswHwid;aswHwid; C:\Windows\system32\drivers\aswHwid.sys [2017-05-10 38296]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-07 552960]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [2010-07-27 117248]
S3 ew_usbenumfilter;huawei_CompositeFilter; C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys [2010-03-20 13952]
S3 huawei_cdcacm;huawei_cdcacm; C:\Windows\system32\DRIVERS\ew_jucdcacm.sys [2012-04-23 104448]
S3 huawei_ext_ctrl;huawei_ext_ctrl; C:\Windows\system32\DRIVERS\ew_juextctrl.sys [2012-04-23 30720]
S3 huawei_wwanecm;huawei_wwanecm; C:\Windows\system32\DRIVERS\ew_juwwanecm.sys [2012-04-23 238080]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-09-26 12309440]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys []
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-24 19456]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-10-30 250984]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-24 30208]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S4 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys []
====== List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-04-25 83056]
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-11-06 204288]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-08-08 1166848]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2017-05-10 263304]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-06-03 134928]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\cscsvc.dll
R2 DellDataVault;Dell Data Vault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2015-05-23 2573520]
R2 DellDataVaultWiz;Dell Data Vault Wizard; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [2015-05-23 201936]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll" = %SystemRoot%\system32\diagtrack.dll
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2011-07-28 1517328]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-10-06 325656]
R2 MbnExt;Mobile Broadband Extension Service; %SystemRoot%\system32\svchost.exe -k MbnExt;"ServiceDll" = C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\MbnExt.dll
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-09-24 76888]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2011-07-28 844560]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2011-05-27 301568]
R2 SupportAssistAgent;Dell SupportAssist Agent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [2015-09-30 21160]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-10-06 2655768]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\Windows\system32\vcsFPService.exe [2010-12-03 3143472]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2017-05-10 7346208]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-03-26 105096]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-03-26 125064]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-03 153752]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-06-05 271864]
S3 AppMgmt;@appmgmts.dll,-3250; %SystemRoot%\system32\svchost.exe -k netsvcs;"ServiceDll" = %SystemRoot%\System32\appmgmts.dll
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-03-26 51320]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-11-15 277048]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-03 153752]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2017-04-16 116224]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 50942144]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-07-28 340240]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-10 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; %SystemRoot%\System32\svchost.exe -k PeerDist;"ServiceDll" = %SystemRoot%\system32\peerdistsvc.dll
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll" = %SystemRoot%\system32\storsvc.dll
S3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0; C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-30 149504]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\umrdp.dll
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-08-20 1255736]
S4 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe []
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-03-26 135800]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-03-26 135800]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-03-26 135800]
-----------------EOF-----------------

Slow notebook
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will threads that stay inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
Re: Slow notebook
Hello,
download and run AdwCleaner,
close all programs, including the browser, and launch it with a double-click;
a window appears; click Scan in its top-left corner.
When the scan finishes, click Clean;
the PC will restart, and the junk will be deleted during the restart.
Then copy the Report here for me.
Download ComboFix and save it to the desktop,
run the application as Administrator and allow installation of the Recovery Console.
A window with the license terms then appears; confirm it by clicking YES,
then click YES once more and it is running.
The whole process takes around 10 minutes but can take longer; do not try to run anything else during the scan.
The PC may also be restarted during the scan; do not be alarmed.
Note: for the duration of the scan, turn off the resident shield of your antivirus and anti-spyware program,
because ComboFix tries to delete infected files and these programs may block it.
After the scan finishes, or after the subsequent restart, the application creates a log saved at C:/Combofix.txt
(on repeated use the logs are numbered Combofix2.txt etc.); copy its contents here.
If anything is unclear, there is an illustrated guide HERE.
Re: Slow notebook
Report from AdwCleaner
# AdwCleaner v6.047 - Log vytvořen 06/06/2017 v 16:53:02
# Aktualizováno dne 19/05/2017 z Malwarebytes
# Databáze : 2017-06-05.1 [Server]
# Operační systém : Windows 7 Professional Service Pack 1 (X64)
# Uživatelské jméno : Marek - MAREK-PC
# Spuštěno z : C:\Users\Marek\AppData\Local\Temp\scoped_dir4768_24700\adwcleaner_6.047.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support
***** [ Služby ] *****
***** [ Složky ] *****
***** [ Soubory ] *****
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Zástupci ] *****
***** [ Naplánované úlohy ] *****
***** [ Registry ] *****
[-] Klíč smazán: HKU\S-1-5-21-3062802622-3820419502-2305872489-1000\Software\Conduit
[#] Klíč smazán po restartu: HKCU\Software\Conduit
[#] Klíč smazán po restartu: [x64] HKCU\Software\Conduit
***** [ Prohlížeče ] *****
*************************
:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [1046 Bajty] - [06/06/2017 16:53:02]
C:\AdwCleaner\AdwCleaner[S0].txt - [1529 Bajty] - [06/06/2017 16:52:39]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1192 Bajty] ##########
Re: Slow notebook
Log from ComboFix
ComboFix 17-05-16.01 - Marek 06.06.2017 17:05:44.4.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.6051.3887 [GMT 12:00]
Spuštěný z: c:\users\Marek\AppData\Local\Temp\scoped_dir4952_23852\ComboFix.exe
AV: Avast Antivirus *Disabled/Updated* {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
SP: Avast Antivirus *Disabled/Updated* {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Marek\AppData\Local\Temp\_MEI43562\_ctypes.pyd
c:\users\Marek\AppData\Local\Temp\_MEI43562\_elementtree.pyd
c:\users\Marek\AppData\Local\Temp\_MEI43562\_hashlib.pyd
c:\users\Marek\AppData\Local\Temp\_MEI43562\_multiprocessing.pyd
c:\users\Marek\AppData\Local\Temp\_MEI43562\_psutil_windows.pyd
c:\users\Marek\AppData\Local\Temp\_MEI43562\_socket.pyd
c:\users\Marek\AppData\Local\Temp\_MEI43562\_ssl.pyd
c:\users\Marek\AppData\Local\Temp\_MEI43562\_yappi.pyd
c:\users\Marek\AppData\Local\Temp\_MEI43562\common.time34.pyd
c:\users\Marek\AppData\Local\Temp\_MEI43562\hashobjs_ext.pyd
c:\users\Marek\AppData\Local\Temp\_MEI43562\pyexpat.pyd
c:\users\Marek\AppData\Local\Temp\_MEI43562\pysqlite2._sqlite.pyd
c:\users\Marek\AppData\Local\Temp\_MEI43562\python27.dll
c:\users\Marek\AppData\Local\Temp\_MEI43562\pythoncom27.dll
c:\users\Marek\AppData\Local\Temp\_MEI43562\PyWinTypes27.dll
c:\users\Marek\AppData\Local\Temp\_MEI43562\select.pyd
c:\users\Marek\AppData\Local\Temp\_MEI43562\thumbnails_ext.pyd
c:\users\Marek\AppData\Local\Temp\_MEI43562\unicodedata.pyd
c:\users\Marek\AppData\Local\Temp\_MEI43562\usb_ext.pyd
c:\users\Marek\AppData\Local\Temp\_MEI43562\win32api.pyd
c:\users\Marek\AppData\Local\Temp\_MEI43562\win32com.shell.shell.pyd
c:\users\Marek\AppData\Local\Temp\_MEI43562\win32crypt.pyd
c:\users\Marek\AppData\Local\Temp\_MEI43562\win32event.pyd
c:\users\Marek\AppData\Local\Temp\_MEI43562\win32file.pyd
c:\users\Marek\AppData\Local\Temp\_MEI43562\win32gui.pyd
c:\users\Marek\AppData\Local\Temp\_MEI43562\win32inet.pyd
c:\users\Marek\AppData\Local\Temp\_MEI43562\win32pdh.pyd
c:\users\Marek\AppData\Local\Temp\_MEI43562\win32pipe.pyd
c:\users\Marek\AppData\Local\Temp\_MEI43562\win32process.pyd
c:\users\Marek\AppData\Local\Temp\_MEI43562\win32profile.pyd
c:\users\Marek\AppData\Local\Temp\_MEI43562\win32security.pyd
c:\users\Marek\AppData\Local\Temp\_MEI43562\win32ts.pyd
c:\users\Marek\AppData\Local\Temp\_MEI43562\windows._lib_cacheinvalidation.pyd
c:\users\Marek\AppData\Local\Temp\_MEI43562\wx._animate.pyd
c:\users\Marek\AppData\Local\Temp\_MEI43562\wx._controls_.pyd
c:\users\Marek\AppData\Local\Temp\_MEI43562\wx._core_.pyd
c:\users\Marek\AppData\Local\Temp\_MEI43562\wx._gdi_.pyd
c:\users\Marek\AppData\Local\Temp\_MEI43562\wx._html2.pyd
c:\users\Marek\AppData\Local\Temp\_MEI43562\wx._misc_.pyd
c:\users\Marek\AppData\Local\Temp\_MEI43562\wx._windows_.pyd
c:\users\Marek\AppData\Local\Temp\_MEI43562\wx._wizard.pyd
c:\users\Marek\AppData\Local\Temp\_MEI43562\wxbase30u_net_vc90.dll
c:\users\Marek\AppData\Local\Temp\_MEI43562\wxbase30u_vc90.dll
c:\users\Marek\AppData\Local\Temp\_MEI43562\wxmsw30u_adv_vc90.dll
c:\users\Marek\AppData\Local\Temp\_MEI43562\wxmsw30u_core_vc90.dll
c:\users\Marek\AppData\Local\Temp\_MEI43562\wxmsw30u_html_vc90.dll
c:\users\Marek\AppData\Local\Temp\_MEI43562\wxmsw30u_webview_vc90.dll
c:\windows\SysWow64\DEBUG.log
c:\windows\SysWow64\is-F1M7C.tmp
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2017-05-06 do 2017-06-06 )))))))))))))))))))))))))))))))
.
.
2017-06-06 05:13 . 2017-06-06 05:13 -------- d-----w- c:\programdata\SWCUTemp
2017-06-06 04:50 . 2017-06-06 04:53 -------- d-----w- C:\AdwCleaner
2017-06-05 05:26 . 2017-06-05 05:26 -------- d-----w- C:\rsit
2017-06-05 04:43 . 2017-05-10 02:02 400456 ----a-w- c:\windows\system32\aswBoot.exe
2017-05-17 04:38 . 2017-05-17 04:38 -------- d-----w- C:\$AV_ASW
2017-05-10 03:58 . 2017-04-28 01:10 730624 ----a-w- c:\windows\system32\kerberos.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2017-06-05 04:38 . 2013-08-19 15:23 803320 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2017-06-05 04:38 . 2013-08-19 15:23 144888 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2017-05-31 19:55 . 2013-08-19 13:26 132223576 -c--a-w- c:\windows\system32\MRT.exe
2017-05-13 10:42 . 2014-01-08 13:21 158880 ----a-w- c:\windows\system32\drivers\aswStm.sys
2017-05-10 02:02 . 2013-08-19 19:05 569192 ----a-w- c:\windows\system32\drivers\aswSP.sys
2017-05-10 02:02 . 2013-08-19 19:05 339696 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2017-05-10 02:02 . 2013-08-19 19:05 75704 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2017-05-10 02:02 . 2014-08-06 16:04 38296 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2017-05-10 02:02 . 2013-08-19 19:05 128648 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2017-05-10 02:02 . 2013-08-19 19:05 101152 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2017-05-10 02:01 . 2015-01-11 10:01 32600 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2017-05-10 02:01 . 2013-08-19 19:05 1007160 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2017-05-10 02:01 . 2017-04-02 03:32 49016 ----a-w- c:\windows\system32\drivers\aswbuniva.sys
2017-05-10 02:01 . 2017-04-02 03:32 334576 ----a-w- c:\windows\system32\drivers\aswbloga.sys
2017-05-10 02:01 . 2017-04-02 03:32 190256 ----a-w- c:\windows\system32\drivers\aswbidsha.sys
2017-05-10 02:01 . 2017-04-02 03:32 311808 ----a-w- c:\windows\system32\drivers\aswbidsdrivera.sys
2017-04-28 01:10 . 2017-05-10 03:58 345600 ----a-w- c:\windows\system32\schannel.dll
2017-04-28 01:10 . 2017-05-10 03:58 190464 ----a-w- c:\windows\system32\rpchttp.dll
2017-04-28 00:32 . 2017-05-10 03:58 254464 ----a-w- c:\windows\SysWow64\schannel.dll
2017-04-28 00:32 . 2017-05-10 03:58 141312 ----a-w- c:\windows\SysWow64\rpchttp.dll
2017-04-28 00:32 . 2017-05-10 03:58 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2017-03-26 08:33 . 2017-03-26 08:33 28344 ----a-w- c:\windows\SysWow64\aspnet_counters.dll
2017-03-26 08:33 . 2017-03-26 08:33 19104 ----a-w- c:\windows\SysWow64\msvcr110_clr0400.dll
2017-03-26 08:33 . 2017-03-26 08:33 19104 ----a-w- c:\windows\SysWow64\msvcr100_clr0400.dll
2017-03-26 08:33 . 2017-03-26 08:33 19104 ----a-w- c:\windows\SysWow64\msvcp110_clr0400.dll
2017-03-26 08:29 . 2017-03-26 08:29 30400 ----a-w- c:\windows\system32\aspnet_counters.dll
2017-03-26 08:29 . 2017-03-26 08:29 19112 ----a-w- c:\windows\system32\msvcr110_clr0400.dll
2017-03-26 08:29 . 2017-03-26 08:29 19112 ----a-w- c:\windows\system32\msvcr100_clr0400.dll
2017-03-26 08:29 . 2017-03-26 08:29 19112 ----a-w- c:\windows\system32\msvcp110_clr0400.dll
2017-03-22 15:32 . 2017-04-27 04:56 3165184 ----a-w- c:\windows\system32\wucltux.dll
2017-03-22 15:32 . 2017-04-27 04:56 98816 ----a-w- c:\windows\system32\wudriver.dll
2017-03-22 15:32 . 2017-04-27 04:56 192512 ----a-w- c:\windows\system32\wuwebv.dll
2017-03-22 15:30 . 2017-04-27 04:56 91136 ----a-w- c:\windows\system32\WinSetupUI.dll
2017-03-22 15:24 . 2017-04-27 04:56 174080 ----a-w- c:\windows\SysWow64\wuwebv.dll
2017-03-22 15:17 . 2017-04-27 04:56 2651136 ----a-w- c:\windows\system32\wuaueng.dll
2017-03-22 15:15 . 2017-04-27 04:56 709120 ----a-w- c:\windows\system32\wuapi.dll
2017-03-22 15:15 . 2017-04-27 04:56 37888 ----a-w- c:\windows\system32\wuapp.exe
2017-03-22 15:15 . 2017-04-27 04:56 140288 ----a-w- c:\windows\system32\wuauclt.exe
2017-03-22 15:15 . 2017-04-27 04:56 36864 ----a-w- c:\windows\system32\wups.dll
2017-03-22 15:15 . 2017-04-27 04:56 37888 ----a-w- c:\windows\system32\wups2.dll
2017-03-22 15:15 . 2017-04-27 04:56 12288 ----a-w- c:\windows\system32\wu.upgrade.ps.dll
2017-03-22 15:05 . 2017-04-27 04:56 573440 ----a-w- c:\windows\SysWow64\wuapi.dll
2017-03-22 15:05 . 2017-04-27 04:56 35328 ----a-w- c:\windows\SysWow64\wuapp.exe
2017-03-22 15:05 . 2017-04-27 04:56 30208 ----a-w- c:\windows\SysWow64\wups.dll
2017-03-22 15:05 . 2017-04-27 04:56 93696 ----a-w- c:\windows\SysWow64\wudriver.dll
2017-03-10 16:35 . 2017-04-27 04:56 382696 ----a-w- c:\windows\system32\atmfd.dll
2017-03-10 16:31 . 2017-04-27 04:56 41472 ----a-w- c:\windows\system32\lpk.dll
2017-03-10 16:31 . 2017-04-27 04:56 100864 ----a-w- c:\windows\system32\fontsub.dll
2017-03-10 16:31 . 2017-04-27 04:56 14336 ----a-w- c:\windows\system32\dciman32.dll
2017-03-10 16:31 . 2017-04-27 04:56 46080 ----a-w- c:\windows\system32\atmlib.dll
2017-03-10 16:27 . 2017-04-27 04:56 308456 ----a-w- c:\windows\SysWow64\atmfd.dll
2017-03-10 16:20 . 2017-04-27 04:56 25600 ----a-w- c:\windows\SysWow64\lpk.dll
2017-03-10 16:19 . 2017-04-27 04:56 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2017-03-10 16:19 . 2017-04-27 04:56 10240 ----a-w- c:\windows\SysWow64\dciman32.dll
2017-03-10 15:53 . 2017-04-27 04:56 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"T-Mobile CManager"="c:\program files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe" [2015-12-31 2169368]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-07-03 3673184]
"GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2017-03-20 23819304]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-11-06 343168]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SupportAssistAgent;Dell SupportAssist Agent;c:\program files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe;c:\program files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [x]
R3 AMPPALP;Protokol Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed;c:\windows\system32\DRIVERS\amppal.sys;c:\windows\SYSNATIVE\DRIVERS\amppal.sys [x]
R3 aswbIDSAgent;aswbIDSAgent;c:\program files\AVAST Software\Avast\x64\aswidsagenta.exe;c:\program files\AVAST Software\Avast\x64\aswidsagenta.exe [x]
R3 aswHwid;aswHwid;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ew_hwusbdev.sys [x]
R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\ew_usbenumfilter.sys;c:\windows\SYSNATIVE\DRIVERS\ew_usbenumfilter.sys [x]
R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jucdcacm.sys [x]
R3 huawei_ext_ctrl;huawei_ext_ctrl;c:\windows\system32\DRIVERS\ew_juextctrl.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juextctrl.sys [x]
R3 huawei_wwanecm;huawei_wwanecm;c:\windows\system32\DRIVERS\ew_juwwanecm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juwwanecm.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswbidsh;aswbidsh;c:\windows\\SystemRoot\system32\drivers\aswbidsha.sys;c:\windows\\SystemRoot\system32\drivers\aswbidsha.sys [x]
S0 aswblog;aswblog;c:\windows\\SystemRoot\system32\drivers\aswbloga.sys;c:\windows\\SystemRoot\system32\drivers\aswbloga.sys [x]
S0 aswbuniv;aswbuniv;c:\windows\\SystemRoot\system32\drivers\aswbuniva.sys;c:\windows\\SystemRoot\system32\drivers\aswbuniva.sys [x]
S0 aswRvrt;aswRvrt;c:\windows\\SystemRoot\system32\drivers\aswRvrt.sys;c:\windows\\SystemRoot\system32\drivers\aswRvrt.sys [x]
S0 aswVmm;aswVmm;c:\windows\\SystemRoot\system32\drivers\aswVmm.sys;c:\windows\\SystemRoot\system32\drivers\aswVmm.sys [x]
S0 stdcfltn;Disk Class Filter Driver for Accelerometer;c:\windows\system32\DRIVERS\stdcfltn.sys;c:\windows\SYSNATIVE\DRIVERS\stdcfltn.sys [x]
S1 aswbidsdriver;aswbidsdriver;c:\windows\system32\drivers\aswbidsdrivera.sys;c:\windows\SYSNATIVE\drivers\aswbidsdrivera.sys [x]
S1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys;c:\windows\SYSNATIVE\drivers\aswKbd.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe;c:\program files\IDT\WDM\AESTSr64.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [x]
S2 DellDataVault;Dell Data Vault;c:\program files\Dell\DellDataVault\DellDataVault.exe ;c:\program files\Dell\DellDataVault\DellDataVault.exe [x]
S2 DellDataVaultWiz;Dell Data Vault Wizard;c:\program files\Dell\DellDataVault\DellDataVaultWiz.exe;c:\program files\Dell\DellDataVault\DellDataVaultWiz.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 MbnExt;Mobile Broadband Extension Service;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe;c:\windows\SYSNATIVE\vcsFPService.exe [x]
S3 Acceler;Accelerometer Service;c:\windows\system32\DRIVERS\Accelern.sys;c:\windows\SYSNATIVE\DRIVERS\Accelern.sys [x]
S3 AMPPAL;Virtu?ln? adapt?r Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed;c:\windows\system32\DRIVERS\AMPPAL.sys;c:\windows\SYSNATIVE\DRIVERS\AMPPAL.sys [x]
S3 DDDriver;DDDriver;c:\windows\system32\drivers\DDDriver64Dcsa.sys;c:\windows\SYSNATIVE\drivers\DDDriver64Dcsa.sys [x]
S3 DellProf;DellProf;c:\windows\system32\drivers\DellProf.sys;c:\windows\SYSNATIVE\drivers\DellProf.sys [x]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys;c:\windows\SYSNATIVE\DRIVERS\igdpmd64.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr QWAVE wcncsvc
MbnExt REG_MULTI_SZ MbnExt
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{A6EADE66-0000-0000-484E-7E8A45000000}]
2017-04-05 00:38 323664 ----a-w- c:\program files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ GoogleDriveBlacklisted]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2017-03-20 20:15 775064 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ GoogleDriveSynced]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2017-03-20 20:15 775064 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ GoogleDriveSyncing]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2017-03-20 20:15 775064 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00asw]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2017-05-10 02:02 1505952 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00asw]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2017-05-10 02:02 1505952 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"FreeFallProtection"="c:\program files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe" [2010-12-15 686704]
"IntelTBRunOnce"="wscript.exe" [2013-10-12 168960]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-05-27 1128448]
"IntelPAN"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-07-27 1935120]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-09-25 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-09-25 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-09-25 416024]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvLaunch.exe" [2017-05-10 213824]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = localhost
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
Trusted Zone: dell.com
TCP: DhcpNameServer = 10.10.10.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-{2E55EEFD-2162-4A7D-9158-EDB0305603A6} - c:\programdata\{8AF32939-989B-460A-8726-CA2C776032A1}\DDV.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_25_0_0_171_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_25_0_0_171_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_25_0_0_171_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_25_0_0_171_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_25_0_0_171.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.25"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_25_0_0_171.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_25_0_0_171.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_25_0_0_171.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Celkový čas: 2017-06-06 17:18:31 - počítač byl restartován
ComboFix-quarantined-files.txt 2017-06-06 05:18
.
Před spuštěním: Volných bajtů: 288 691 814 400
Po spuštění: Volných bajtů: 288 840 134 656
.
- - End Of File - - 05E56F3372EB298FDD5E9CB72A266C7E
A36C5E4F47E84449FF07ED3517B43A31
Re: Slow laptop
Via Start >> Run, copy this into the window:
ComboFix /Uninstall
and press Enter.
This uninstalls ComboFix and deletes the files and folders associated with it.
Use T-Cleaner, which will delete any leftovers from the applications we used.
Just stop your antivirus before downloading it and while using it, because the antivirus may detect it as a virus, but that is not the case.
Then let me know how the PC behaves.
Re: Slow laptop
It's running noticeably better now, great, thanks a lot.

